
s3-014
Last Updated: April 21, 2022
An Amazon Simple Storage Service (S3) bucket Access Control List (ACL) grants WRITE_ACP access permissions to All. Unrestricted WRITE_ACP permission allows anyone, including public users, to modify permissions on objects in the S3 bucket. This lets them escalate privileges to full access on any object, potentially exposing sensitive data and allowing a malicious actor to destroy data. Remove S3 bucket WRITE_ACP permissions for All and restrict them to only the required users or groups.
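One way to run this check offline, as an added example that is not part of the original rule text or the platform's own code: it inspects an ACL in the shape returned by the S3 GetBucketAcl call, flags grants that give the AllUsers group WRITE_ACP (or FULL_CONTROL, which includes it), and builds the ACL to write back. The sample ACL, owner ID and function names are constructed for illustration.

```python
# Added example: offline check of an S3 bucket ACL for public WRITE_ACP.
# The ACL dict has the shape of the S3 GetBucketAcl response (Owner + Grants).

ALL_USERS_URI = "http://acs.amazonaws.com/groups/global/AllUsers"
# FULL_CONTROL includes WRITE_ACP, so both permissions are flagged.
ACL_WRITE_PERMISSIONS = {"WRITE_ACP", "FULL_CONTROL"}


def is_public_write_acp(grant):
    """True if the grant lets the AllUsers group rewrite the ACL."""
    grantee = grant.get("Grantee", {})
    return (
        grantee.get("Type") == "Group"
        and grantee.get("URI") == ALL_USERS_URI
        and grant.get("Permission") in ACL_WRITE_PERMISSIONS
    )


def find_public_write_acp(acl):
    """Return the offending grants in a GetBucketAcl-shaped dict."""
    return [g for g in acl.get("Grants", []) if is_public_write_acp(g)]


def remediated_policy(acl):
    """Build an AccessControlPolicy with the offending grants removed.

    The owner and every other grant are kept, so the result can be passed to
    PutBucketAcl (boto3: put_bucket_acl(Bucket=..., AccessControlPolicy=...)).
    """
    kept = [g for g in acl.get("Grants", []) if not is_public_write_acp(g)]
    return {"Owner": acl["Owner"], "Grants": kept}


# Constructed sample ACL (owner ID and display name are placeholders).
SAMPLE_ACL = {
    "Owner": {"ID": "EXAMPLE-OWNER-CANONICAL-ID", "DisplayName": "example-owner"},
    "Grants": [
        {"Grantee": {"Type": "CanonicalUser", "ID": "EXAMPLE-OWNER-CANONICAL-ID"},
         "Permission": "FULL_CONTROL"},
        {"Grantee": {"Type": "Group", "URI": ALL_USERS_URI}, "Permission": "READ"},
        {"Grantee": {"Type": "Group", "URI": ALL_USERS_URI}, "Permission": "WRITE_ACP"},
    ],
}

if __name__ == "__main__":
    for grant in find_public_write_acp(SAMPLE_ACL):
        print("s3-014 finding:", grant["Grantee"]["URI"], grant["Permission"])
    print("grants after remediation:", len(remediated_policy(SAMPLE_ACL)["Grants"]))
```

The remediated policy leaves the public READ grant in place, because this check only covers the ability to rewrite the ACL.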