High S3

S3 Multi-Region Access Points should have block public access settings enabled

PCI DSS v4.0.1, PCI DSS v1.4.4

Description

This control checks whether an Amazon S3 Multi-Region Access Point has block public access settings enabled. The control fails when the Multi-Region Access Point doesn't have block public access settings enabled. Publicly accessible resources can lead to unauthorized access, data breaches, or exploitation of vulnerabilities. Restricting access through authentication and authorization measures helps to safeguard sensitive information and maintain the integrity of your resources.


Remediation

Enable block public access settings for S3 Multi-Region Access Points.

Steps

  1. Open the Amazon S3 console.
  2. Navigate to 'Multi-Region Access Points'.
  3. Select the Multi-Region Access Point that needs remediation.
  4. Edit the 'Block public access' settings.
  5. Enable all Block public access options: Block public ACLs, Ignore public ACLs, Block public policy, and Restrict public buckets.
  6. Save the configuration.
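To confirm the result across an account, the following added example (not part of this control's own tooling) checks the four settings from step 5 against the `PublicAccessBlock` structure that the S3 Control `ListMultiRegionAccessPoints` API returns. The access point names in the sample are constructed, and `fetch_access_points` assumes boto3 and AWS credentials are available.

```python
# The four settings from step 5, as named in the S3 Control PublicAccessBlock structure.
REQUIRED_SETTINGS = ("BlockPublicAcls", "IgnorePublicAcls",
                     "BlockPublicPolicy", "RestrictPublicBuckets")


def disabled_settings(access_point):
    """Return the settings that are not enabled; absent keys count as disabled."""
    pab = access_point.get("PublicAccessBlock") or {}
    return [name for name in REQUIRED_SETTINGS if pab.get(name) is not True]


def evaluate(access_points):
    """Map each failing access point name to the settings it has disabled."""
    findings = {}
    for ap in access_points:
        missing = disabled_settings(ap)
        if missing:
            findings[ap.get("Name", "<unnamed>")] = missing
    return findings


def fetch_access_points(account_id):
    """List an account's Multi-Region Access Points (needs boto3 and credentials)."""
    import boto3  # imported here so the offline sample below runs without it
    # Multi-Region Access Point control-plane requests are routed to us-west-2.
    client = boto3.client("s3control", region_name="us-west-2")
    points, token = [], None
    while True:
        kwargs = {"AccountId": account_id}
        if token:
            kwargs["NextToken"] = token
        page = client.list_multi_region_access_points(**kwargs)
        points.extend(page.get("AccessPoints", []))
        token = page.get("NextToken")
        if not token:
            return points


# Constructed sample shaped like the AccessPoints list in the API response.
SAMPLE = [
    {"Name": "mrap-compliant",
     "PublicAccessBlock": dict.fromkeys(REQUIRED_SETTINGS, True)},
    {"Name": "mrap-partial", "PublicAccessBlock": {
        "BlockPublicAcls": True, "IgnorePublicAcls": True,
        "BlockPublicPolicy": False, "RestrictPublicBuckets": False}},
    {"Name": "mrap-no-block"},  # structure absent: treated as fully disabled
]

if __name__ == "__main__":
    for name, missing in evaluate(SAMPLE).items():
        print(f"FAIL {name}: disabled -> {', '.join(missing)}")
```

For a live check, pass the output of `fetch_access_points("<account-id>")` to `evaluate` in place of `SAMPLE`.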

Compliance

PCI DSS v4.0.1, PCI DSS v1.4.4