Identify and remediate public cloud compliance misconfigurations, mitigate security threats and control your expenses from one simple, easy to use platform.
s3-022
Last Updated:
April 21, 2022
S3 bucket ACL grants FULL_CONTROL permissions to public users. Simple Storage Service (S3) bucket Access Control Lists (ACL) are used to control user access to buckets and objects. By default only the account owner has access to an S3 bucket and its contents but you can change the permissions to allow access by any user. Unrestricted FULL_CONTROL access to a bucket will allow anyone to perform any action on your S3 buckets and objects. Public S3 bucket FULL_CONTROL access should be disabled and that permission should only be allowed to users who require it.
