High S3

S3 general purpose buckets should block public access

CIS, NIST, ISO 27001, HIPAA

Description

Checks if the S3 Block Public Access setting is enabled at the bucket level.


Remediation

To enable S3 Block Public Access at the bucket level, follow these steps:

Steps

  1. Sign in to the AWS Management Console and open the Amazon S3 console.
  2. In the Buckets list, choose the name of the bucket that you want to modify.
  3. Choose the 'Permissions' tab.
  4. In the 'Block Public Access (bucket settings)' section, choose 'Edit'.
  5. Select the checkboxes to block public access for the following settings:
     - 'Block public access to buckets and objects granted through new access control lists (ACLs)'
     - 'Block public access to buckets and objects granted through any access control lists (ACLs)'
     - 'Block public access to buckets and objects granted through new public bucket or access point policies'
     - 'Block public and cross-account access to buckets and objects through any public bucket or access point policies'
  6. Choose 'Save changes'.
  7. Review the settings and confirm by choosing 'Confirm'.
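The same check and fix can be scripted. The following is an added example, not part of the original page: it maps the four console checkboxes to the flag names the S3 API uses, reports which flags are still off for a bucket, and enables all four. It assumes boto3 and configured AWS credentials; the function names (`missing_settings`, `audit_bucket`, `remediate_bucket`) are hypothetical.

```python
# Added example: the four bucket-level Block Public Access flags as the S3 API
# names them, mapped to the console checkboxes listed in step 5.
SETTINGS = {
    "BlockPublicAcls": "new access control lists (ACLs)",
    "IgnorePublicAcls": "any access control lists (ACLs)",
    "BlockPublicPolicy": "new public bucket or access point policies",
    "RestrictPublicBuckets": "any public bucket or access point policies",
}


def missing_settings(config):
    """Return the flags that are absent or not True in a
    PublicAccessBlockConfiguration dict (None means nothing is configured)."""
    config = config or {}
    return [name for name in SETTINGS if config.get(name) is not True]


def audit_bucket(s3, bucket):
    """Fetch the bucket-level configuration and return the flags still off.
    `s3` is a boto3 S3 client (or any object with the same methods)."""
    try:
        resp = s3.get_public_access_block(Bucket=bucket)
        config = resp.get("PublicAccessBlockConfiguration")
    except Exception as exc:
        # A bucket with no configuration raises a ClientError with this code;
        # treat it as "all four off". Anything else is a real failure.
        code = getattr(exc, "response", {}).get("Error", {}).get("Code")
        if code != "NoSuchPublicAccessBlockConfiguration":
            raise
        config = None
    return missing_settings(config)


def remediate_bucket(s3, bucket):
    """Turn on all four flags, the API equivalent of steps 4 to 7."""
    s3.put_public_access_block(
        Bucket=bucket,
        PublicAccessBlockConfiguration={name: True for name in SETTINGS},
    )


if __name__ == "__main__":
    import boto3  # assumption: boto3 installed and AWS credentials configured
    import sys

    client = boto3.client("s3")
    for name in sys.argv[1:]:
        off = audit_bucket(client, name)
        print(name, "PASS" if not off else "FAIL: " + ", ".join(off))
```

Run with bucket names as arguments to audit them; a bucket passes only when all four flags are true.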

Compliance

CIS, NIST, ISO 27001, HIPAA