S3 Bucket with Unsecured CORS Rule
- Query id: 3505094c-f77c-4ba0-95da-f83db712f86c
- Query name: S3 Bucket with Unsecured CORS Rule
- Platform: Ansible
- Severity: High
- Category: Insecure Configurations
- URL: Github
Description¶
If the CORS (Cross-Origin Resource Sharing) rule is defined in an S3 bucket, it should be secure
Documentation
Code samples¶
Code samples with security vulnerabilities¶
Postitive test num. 1 - yaml file
- name: Create s3 bucket2
community.aws.aws_s3_cors:
name: mys3bucket
state: present
rules:
- allowed_origins:
- http://www.example.com/
allowed_methods:
- GET
- POST
- PUT
- DELETE
- HEAD
allowed_headers:
- Authorization
expose_headers:
- x-amz-server-side-encryption
- x-amz-request-id
max_age_seconds: 30000
Postitive test num. 2 - yaml file
- name: Create s3 bucket4
aws_s3_cors:
name: mys3bucket2
state: present
rules:
- allowed_origins:
- http://www.example.com/
allowed_methods:
- GET
- POST
- PUT
- DELETE
- HEAD
allowed_headers:
- Authorization
expose_headers:
- x-amz-server-side-encryption
- x-amz-request-id
max_age_seconds: 30000
Code samples without security vulnerabilities¶
Negative test num. 1 - yaml file
- name: Create s3 bucket
community.aws.aws_s3_cors:
name: mys3bucket3
state: present
rules:
- allowed_origins:
- http://www.example.com/
allowed_methods:
- GET
- POST
allowed_headers:
- Authorization
expose_headers:
- x-amz-server-side-encryption
- x-amz-request-id
max_age_seconds: 30000
Negative test num. 2 - yaml file
- name: Create s3 bucket1
aws_s3_cors:
name: mys3bucket4
state: present
rules:
- allowed_origins:
- http://www.example.com/
allowed_methods:
- GET
- POST
allowed_headers:
- Authorization
expose_headers:
- x-amz-server-side-encryption
- x-amz-request-id
max_age_seconds: 30000