S3 Static Website Host Enabled
- Query id: 90501b1b-cded-4cc1-9e8b-206b85cda317
- Query name: S3 Static Website Host Enabled
- Platform: CloudFormation
- Severity: High
- Category: Insecure Configurations
- URL: Github
Description¶
Checks if any static websites are hosted on buckets. Even static websites can be a liability when poorly configured.
Documentation
Code samples¶
Code samples with security vulnerabilities¶
Postitive test num. 1 - yaml file
Resources:
Bucket2:
Type: AWS::S3::Bucket
Properties:
AccessControl: PublicRead
WebsiteConfiguration:
IndexDocument: index.html
ErrorDocument: error.html
Postitive test num. 2 - json file
{
"Resources": {
"Bucket2": {
"Type": "AWS::S3::Bucket",
"Properties": {
"AccessControl": "PublicRead",
"WebsiteConfiguration": {
"IndexDocument": "index.html",
"ErrorDocument": "error.html"
}
}
}
}
}