
s3-021
Last Updated: April 21, 2022
An Amazon Simple Storage Service (S3) bucket Access Control List (ACL) grants FULL_CONTROL access permissions to All Authenticated AWS Users. Granting FULL_CONTROL permission to All Authenticated users means that anyone with an AWS user account holds READ, READ_ACP, and WRITE_ACP permissions on the object and could destroy data or create harmful objects. S3 bucket access permissions should be granted using the least privilege principle. Remove S3 bucket FULL_CONTROL permissions for All Authenticated users and restrict FULL_CONTROL to only the required users or groups.
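One way to detect and remediate this finding, as an added example that is not part of the original rule text or the vendor's own code. It assumes the ACL dictionary has the shape returned by boto3's `get_bucket_acl`; the function names and the sample ACL are constructed for illustration.

```python
"""Check a bucket ACL for rule s3-021 and build a remediated ACL (added example)."""

# Predefined S3 group that matches any authenticated AWS account.
AUTHENTICATED_USERS = "http://acs.amazonaws.com/groups/global/AuthenticatedUsers"


def is_violation(grant):
    """True if the grant gives FULL_CONTROL to All Authenticated AWS Users."""
    grantee = grant.get("Grantee", {})
    return (
        grantee.get("Type") == "Group"
        and grantee.get("URI") == AUTHENTICATED_USERS
        and grant.get("Permission") == "FULL_CONTROL"
    )


def find_violations(acl):
    """Return every grant in the ACL that triggers the rule."""
    return [g for g in acl.get("Grants", []) if is_violation(g)]


def remediated_policy(acl):
    """AccessControlPolicy with offending grants dropped, all others kept."""
    return {
        "Owner": acl["Owner"],
        "Grants": [g for g in acl.get("Grants", []) if not is_violation(g)],
    }


def remediate_bucket(bucket):
    """Apply the fix to a live bucket (requires boto3 and AWS credentials)."""
    import boto3
    s3 = boto3.client("s3")
    acl = s3.get_bucket_acl(Bucket=bucket)
    if find_violations(acl):
        s3.put_bucket_acl(Bucket=bucket, AccessControlPolicy=remediated_policy(acl))
        return True
    return False


# Constructed sample ACL; the IDs are placeholders, not real canonical IDs.
# The READ grant is left in place because this rule covers FULL_CONTROL only.
SAMPLE_ACL = {
    "Owner": {"ID": "EXAMPLE-OWNER-CANONICAL-ID"},
    "Grants": [
        {"Grantee": {"Type": "CanonicalUser", "ID": "EXAMPLE-OWNER-CANONICAL-ID"}, "Permission": "FULL_CONTROL"},
        {"Grantee": {"Type": "Group", "URI": AUTHENTICATED_USERS}, "Permission": "FULL_CONTROL"},
        {"Grantee": {"Type": "Group", "URI": AUTHENTICATED_USERS}, "Permission": "READ"},
    ],
}
```

`find_violations(SAMPLE_ACL)` flags only the second grant, and `remediated_policy(SAMPLE_ACL)` keeps the owner's FULL_CONTROL grant so the bucket owner does not lose access when the ACL is rewritten.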