AWS Misconfigurations
S3 Audit
Checks performed
- S3 Buckets Should Have Access Logging Enabled
- S3 Block Public Access Feature Should Be Enabled
- S3 Buckets Should Have Default Encryption Enabled
- S3 Buckets Should Have Versioning Enabled
- S3 Buckets Should Have A Secure Transport Policy
- S3 Buckets Should Not Allow Public Writes
- S3 Bucket Should Not Allow WRITE Access to Authenticated Users
- S3 Bucket Names Should Be DNS-compliant
- S3 Bucket Should Have MFA Delete Enabled
- S3 Buckets Should Not Allow Public Access Via Policy
- S3 Buckets Should Be Encrypted with Customer-Provided CMKs
- S3 Buckets Should Have Lifecycle Configuration Enabled
- S3 Buckets Should Have Website Configuration Enabled
- S3 Buckets Should Have Object Lock Enabled
- S3 Buckets Should Use Transfer Acceleration
- S3 Bucket Should Not Allow Public FULL_CONTROL Access
- S3 Bucket Should Not Allow FULL_CONTROL Access to Authenticated Users
- S3 Buckets Should Not Allow Public READ Access
- S3 Bucket Should Not Allow READ Access to Authenticated Users
- S3 Bucket Should Not Allow Public READ_ACP Access
- S3 Bucket Should Not Allow READ_ACP Access For Authenticated Users
- S3 Bucket Should Not Allow Public WRITE_ACP Access
- S3 Bucket Should Not Allow WRITE_ACP Access to Authenticated Users
- S3 Buckets Should Enforce Server Side Encryption
- S3 Bucket Replication Should Be Enabled