S3 Bucket Policy Restricts by IP Address

Tenacity Id

Risk Level

Categories

s3-002

3

Last Updated:

April 21, 2022

An Amazon Simple Storage Service (S3) bucket policy restricts access by IP address. IP addresses could be used by one or more users, leading to potential unintended access to S3. S3 bucket policies can be configured to restrict access by both user or group and host IP address for better protection. Configure the S3 bucket policy to restrict by user or group.