More Info:

AWS S3 buckets should not be granting FULL_CONTROL access to authenticated users (i.e. signed AWS accounts or AWS IAM users) in order to prevent unauthorized access. Exposing your S3 buckets to AWS signed accounts or users can lead to data leaks, data loss and unexpected charges for the S3 service.

Risk Level

High

Address

Security

Compliance Standards

CBP, AWSWAF, PCIDSS, NIST

Triage and Remediation

Remediation

Using Console

Additional Reading: