S3 Bucket Without Ignore Public ACL
- Query id: 6c8d51af-218d-4bfb-94a9-94eabaa0703a
- Query name: S3 Bucket Without Ignore Public ACL
- Platform: CloudFormation
- Severity: Low
- Category: Insecure Configurations
- URL: Github
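Description
S3 buckets should set `IgnorePublicAcls` to `true` in `PublicAccessBlockConfiguration`. The samples below are flagged because the setting is missing or set to `false`.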
Documentation
Code samples
Code samples with security vulnerabilities
Positive test num. 1 - yaml file
```yaml
Resources:
  Bucket11:
    Type: AWS::S3::Bucket
    Properties:
---
Resources:
  Bucket12:
    Type: AWS::S3::Bucket
    Properties:
      PublicAccessBlockConfiguration:
        BlockPublicPolicy: true
        RestrictPublicBuckets: true
---
Resources:
  Bucket13:
    Type: AWS::S3::Bucket
    Properties:
      PublicAccessBlockConfiguration:
        BlockPublicAcls: false
        BlockPublicPolicy: true
        IgnorePublicAcls: false
        RestrictPublicBuckets: true
```
Positive test num. 2 - json file
```json
{
  "Resources": {
    "Bucket1": {
      "Type": "AWS::S3::Bucket",
      "Properties": {
        "PublicAccessBlockConfiguration": {
          "BlockPublicAcls": false,
          "BlockPublicPolicy": true,
          "IgnorePublicAcls": false,
          "RestrictPublicBuckets": true
        },
        "AccessControl": "Private"
      }
    }
  }
}
```