S3 Bucket Without Ignore Public ACL
- Query id: 4fa66806-0dd9-4f8d-9480-3174d39c7c91
- Query name: S3 Bucket Without Ignore Public ACL
- Platform: Terraform
- Severity: Medium
- Category: Insecure Configurations
- CWE: 284
- URL: Github
Description¶
S3 bucket without ignore public ACL
Documentation
Code samples¶
Code samples with security vulnerabilities¶
Positive test num. 1 - tf file
resource "aws_s3_bucket" "positive1" {
bucket = "example"
}
resource "aws_s3_bucket_public_access_block" "positive2" {
bucket = aws_s3_bucket.example.id
block_public_acls = true
block_public_policy = true
ignore_public_acls = false
}
Positive test num. 2 - tf file
module "s3_bucket" {
source = "terraform-aws-modules/s3-bucket/aws"
version = "3.7.0"
bucket = "my-s3-bucket"
acl = "private"
ignore_public_acls = false
versioning = {
enabled = true
}
}
Positive test num. 3 - tf file
module "s3_bucket" {
source = "terraform-aws-modules/s3-bucket/aws"
version = "3.7.0"
bucket = "my-s3-bucket"
acl = "private"
versioning = {
enabled = true
}
}