S3 Buckets not publicly accessible through ACL.
Buckets should not have ACLs that allow public access
Impact
Public access to the bucket can lead to data leakage
Recommended Actions
Follow the appropriate remediation steps below to resolve the issue.
Don’t use canned ACLs or switch to private ACL (CloudFormation)

    Resources:
      GoodExample:
        Properties:
          AccessControl: Private
        Type: AWS::S3::Bucket

Don’t use canned ACLs or switch to private ACL (Terraform)

    # Inline acl argument on the bucket (deprecated since AWS provider v4)
    resource "aws_s3_bucket" "good_example" {
      acl = "private"
    }

    # AWS provider v4 and later: the ACL is a separate aws_s3_bucket_acl resource
    resource "aws_s3_bucket" "example" {
      bucket = "yournamehere"
    }
    resource "aws_s3_bucket_acl" "example" {
      bucket = aws_s3_bucket.example.id
      acl    = "private"
    }

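A static check for the CloudFormation form of this rule, as an added example that is not part of the original page or of any scanner's own code. It assumes the template is in JSON form, and the set of ACL values treated as public, the function name, and every sample resource other than `GoodExample` are assumptions of this example.

```python
import json

# Assumption of this example: these CloudFormation canned ACL values count as
# public (AllUsers read, AllUsers read/write, any authenticated AWS account).
PUBLIC_ACLS = {"PublicRead", "PublicReadWrite", "AuthenticatedRead"}


def check_bucket_acls(template):
    """Return (logical_id, verdict, detail) for each AWS::S3::Bucket resource."""
    findings = []
    for logical_id, res in sorted(template.get("Resources", {}).items()):
        if res.get("Type") != "AWS::S3::Bucket":
            continue
        acl = (res.get("Properties") or {}).get("AccessControl")
        if acl is None:
            findings.append((logical_id, "pass", "AccessControl not set"))
        elif not isinstance(acl, str):
            # Intrinsic function such as {"Ref": ...}: the value is only known
            # at deploy time, so flag it for manual review instead of passing.
            findings.append((logical_id, "review", "AccessControl is not a literal"))
        elif acl in PUBLIC_ACLS:
            findings.append((logical_id, "fail", "public canned ACL " + acl))
        else:
            findings.append((logical_id, "pass", "canned ACL " + acl))
    return findings


# Constructed sample template (JSON form of CloudFormation). Only GoodExample
# mirrors the remediation above; the other resources are made up for the demo.
SAMPLE = json.loads("""
{
  "Resources": {
    "GoodExample":  {"Type": "AWS::S3::Bucket", "Properties": {"AccessControl": "Private"}},
    "BadExample":   {"Type": "AWS::S3::Bucket", "Properties": {"AccessControl": "PublicRead"}},
    "ParamExample": {"Type": "AWS::S3::Bucket", "Properties": {"AccessControl": {"Ref": "AclParam"}}},
    "NoAclExample": {"Type": "AWS::S3::Bucket"},
    "Topic":        {"Type": "AWS::SNS::Topic"}
  }
}
""")

if __name__ == "__main__":
    for logical_id, verdict, detail in check_bucket_acls(SAMPLE):
        print(f"{verdict:6} {logical_id}: {detail}")
```

A parameterised `AccessControl` is reported as `review` because a caller could still supply a public value at deploy time.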