HIGH
Source: Trivy
ID: AVD-AWS-0092

S3 Buckets not publicly accessible through ACL.

Buckets should not have ACLs that allow public access

Impact

Public access to the bucket can lead to data leakage

Follow the appropriate remediation steps below to resolve the issue.

Add a logging block to the resource to enable access logging

---
AWSTemplateFormatVersion: "2010-09-09"
Description: A sample template
Resources:
  GoodExample:
    Properties:
      AccessControl: Private
    Type: AWS::S3::Bucket

Add a logging block to the resource to enable access logging

resource "aws_s3_bucket" "good_example" {
  acl = "private"
}
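
For the CloudFormation case, the condition this check describes can be tested directly against a template before deployment. The following is an added example, not code from Trivy or from this page: the function name, the set of ACL values treated as public, and the JSON sample template are assumptions made for the illustration.

```python
import json

# CloudFormation canned ACL values that grant access beyond the bucket owner's
# account. This set is an assumption of this example, not Trivy's rule source.
PUBLIC_ACLS = {"PublicRead", "PublicReadWrite", "AuthenticatedRead"}


def find_public_acl_buckets(template_text):
    """Return (logical_id, acl) for each S3 bucket with a public canned ACL."""
    template = json.loads(template_text)
    findings = []
    for logical_id, resource in (template.get("Resources") or {}).items():
        if not isinstance(resource, dict) or resource.get("Type") != "AWS::S3::Bucket":
            continue
        acl = (resource.get("Properties") or {}).get("AccessControl")
        if isinstance(acl, str):
            if acl in PUBLIC_ACLS:
                findings.append((logical_id, acl))
        elif acl is not None:
            # Intrinsic function (Ref, Fn::If, ...): value is unknown statically,
            # so report it for manual review instead of assuming it is private.
            findings.append((logical_id, "UNRESOLVED"))
    return sorted(findings)


# Constructed sample template for this example (JSON form of CloudFormation).
SAMPLE_TEMPLATE = """
{
  "AWSTemplateFormatVersion": "2010-09-09",
  "Parameters": {"Acl": {"Type": "String"}},
  "Resources": {
    "GoodExample": {"Type": "AWS::S3::Bucket",
                    "Properties": {"AccessControl": "Private"}},
    "NoAclSet":    {"Type": "AWS::S3::Bucket"},
    "BadExample":  {"Type": "AWS::S3::Bucket",
                    "Properties": {"AccessControl": "PublicRead"}},
    "FromParam":   {"Type": "AWS::S3::Bucket",
                    "Properties": {"AccessControl": {"Ref": "Acl"}}},
    "NotABucket":  {"Type": "AWS::SNS::Topic"}
  }
}
"""

if __name__ == "__main__":
    for logical_id, acl in find_public_acl_buckets(SAMPLE_TEMPLATE):
        print(f"{logical_id}: AccessControl={acl}")
```

A bucket whose `AccessControl` comes from a parameter or condition is reported as `UNRESOLVED` because the deployed value cannot be determined from the template alone.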