Identify and remediate public cloud compliance misconfigurations, mitigate security threats and control your expenses from one simple, easy to use platform.
s3-016
Last Updated:
April 21, 2022
An Amazon Simple Storage Service (S3) bucket Access Control List (ACL) grants FULL_CONTROL permissions to All Authenticated AWS Users. Unrestricted FULL_CONTROL permission will allow anyone with an AWS account to modify permissions on the bucket and objects in the S3 bucket; add, modify, remove, or replace any objects in the S3 bucket or the S3 bucket itself. Sensitive data could be potentially exposed to unintended users or applications and any compromised account give a malicious actor full access and control of the S3 bucket and data. Remove S3 bucket FULL_CONTROL permissions for All Authenticated Users and restricted it to only required users or groups.
