S3 Bucket With Public Access
- Query id: c3e073c1-f65e-4d18-bd67-4a8f20ad1ab9
- Query name: S3 Bucket With Public Access
- Platform: Ansible
- Severity: Critical
- Category: Access Control
- CWE: 284
- URL: Github
Description¶
S3 Bucket allows public access
Documentation
Code samples¶
Code samples with security vulnerabilities¶
Positive test num. 1 - yaml file
---
- name: Create an empty bucket
amazon.aws.aws_s3:
bucket: mybucket
mode: create
permission: public-read
- name: Create an empty bucket 01
amazon.aws.aws_s3:
bucket: mybucket 01
mode: create
permission: public-read-write