S3 Bucket ACL READ Permission Granted to All

Tenacity Id: s3-013

Risk Level: 3

Categories:

Last Updated: April 21, 2022

An Amazon Simple Storage Service (S3) bucket Access Control List (ACL) grants READ access permissions to All. Granting READ permission to All means that anyone, including public users, can read bucket objects, potentially exposing sensitive data. S3 bucket access permissions should be granted using the least privilege principle. Remove S3 bucket READ permissions for All and restrict READ to only required users or groups.
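One way to check for this finding and build the corrected ACL, as an added example that is not Tenacity's own code. It assumes the ACL is a dict shaped like an S3 GetBucketAcl response, that "All" is the predefined AllUsers group URI, and that FULL_CONTROL is flagged because it includes READ; the function names and sample IDs are hypothetical.

```python
import copy

# Grantee URI that S3 uses for the predefined "Everyone" (All Users) group.
ALL_USERS_URI = "http://acs.amazonaws.com/groups/global/AllUsers"
# FULL_CONTROL includes READ, so a FULL_CONTROL grant to All is flagged too.
READ_IMPLYING = {"READ", "FULL_CONTROL"}


def public_read_grants(acl):
    """Return the grants in a GetBucketAcl-shaped dict that give READ to All."""
    hits = []
    for grant in acl.get("Grants", []):
        grantee = grant.get("Grantee", {})
        if (grantee.get("Type") == "Group"
                and grantee.get("URI") == ALL_USERS_URI
                and grant.get("Permission") in READ_IMPLYING):
            hits.append(grant)
    return hits


def remediated_policy(acl):
    """Build an access control policy with the offending grants removed."""
    bad = public_read_grants(acl)
    kept = [copy.deepcopy(g) for g in acl.get("Grants", []) if g not in bad]
    return {"Owner": copy.deepcopy(acl["Owner"]), "Grants": kept}


# Constructed sample ACL; the canonical ID is a placeholder, not a real one.
SAMPLE_ACL = {
    "Owner": {"ID": "EXAMPLE-OWNER-CANONICAL-ID"},
    "Grants": [
        {"Grantee": {"Type": "CanonicalUser", "ID": "EXAMPLE-OWNER-CANONICAL-ID"},
         "Permission": "FULL_CONTROL"},
        {"Grantee": {"Type": "Group", "URI": ALL_USERS_URI},
         "Permission": "READ"},
        {"Grantee": {"Type": "Group",
                     "URI": "http://acs.amazonaws.com/groups/s3/LogDelivery"},
         "Permission": "WRITE"},
    ],
}

if __name__ == "__main__":
    for g in public_read_grants(SAMPLE_ACL):
        print("s3-013 finding:", g["Permission"], "granted to", g["Grantee"]["URI"])
    print("grants kept:", len(remediated_policy(SAMPLE_ACL)["Grants"]))
```

The dict returned by `remediated_policy` has the Owner and Grants shape that boto3's `put_bucket_acl` accepts as `AccessControlPolicy`; grants to specific users and to other groups are left untouched.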