More Info:

No S3 bucket in your AWS account should be publicly accessible; this protects your S3 data from loss and unauthorized access.

Risk Level

Critical

Address

Security

Compliance Standards

CBP, HITRUST, AWSWAF, SOC2, NISTCSF

Triage and Remediation

Remediation

Step-by-step instructions to remediate an S3 bucket that grants public FULL_CONTROL access in AWS:

  1. Log in to the AWS Management Console and navigate to the S3 service.

  2. Click on the name of the bucket that has the public FULL_CONTROL access.

  3. Click on the “Permissions” tab and then select “Bucket Policy”.

  4. Review the policy to see if there is any statement that grants public FULL_CONTROL access.

  5. If there is any statement that grants public FULL_CONTROL access, remove it from the policy by editing the JSON policy document.

  6. Alternatively, you can revoke the public FULL_CONTROL access by selecting the “Access Control List” (ACL) tab and removing the “Everyone” grantee that has FULL_CONTROL access.

  7. Once you have made the necessary changes, click on the “Save” button to save the updated policy or ACL.

  8. Finally, test the bucket to ensure that the public FULL_CONTROL access has been remediated.

By following the above steps, you can remediate the S3 bucket misconfiguration to ensure that it does not allow public FULL_CONTROL access.
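
The same check and clean-up as a script, added here as an example and not part of this page or any AWS tooling: it detects and strips public FULL_CONTROL grants from a bucket ACL document (steps 6 and 7) and unconditional anonymous s3:* statements from a bucket policy (steps 4 and 5). It runs on constructed sample documents shaped like boto3's get_bucket_acl() output and a parsed bucket policy; the bucket name, account id and owner id are placeholders.

```python
# S3 predefined groups whose grants make an ACL public.
PUBLIC_GROUP_URIS = {
    "http://acs.amazonaws.com/groups/global/AllUsers",
    "http://acs.amazonaws.com/groups/global/AuthenticatedUsers",
}

def is_public_full_control(grant):
    """True for an ACL grant giving FULL_CONTROL to AllUsers or AuthenticatedUsers."""
    grantee = grant.get("Grantee", {})
    return (grantee.get("Type") == "Group" and grantee.get("URI") in PUBLIC_GROUP_URIS
            and grant.get("Permission") == "FULL_CONTROL")

def strip_public_acl_grants(acl):
    """Return (cleaned_acl, removed_grants) for an ACL shaped like get_bucket_acl() output."""
    grants = acl.get("Grants", [])
    kept = [g for g in grants if not is_public_full_control(g)]
    return {"Owner": acl["Owner"], "Grants": kept}, [g for g in grants if g not in kept]

def is_public_full_control_statement(stmt):
    """True for an unconditional Allow of s3:* (or *) to an anonymous principal.
    Statements with a Condition are kept for manual review: they may be scoped
    (e.g. to a VPC endpoint) and are not necessarily public."""
    principal = stmt.get("Principal")
    aws = principal.get("AWS", []) if isinstance(principal, dict) else principal
    principals = [aws] if isinstance(aws, str) else list(aws or [])
    actions = stmt.get("Action", [])
    actions = [actions] if isinstance(actions, str) else actions
    return (stmt.get("Effect") == "Allow" and "Condition" not in stmt
            and "*" in principals and any(a in ("*", "s3:*") for a in actions))

def strip_public_policy_statements(policy):
    """Return (cleaned_policy, removed_statements) for a bucket policy document (dict)."""
    stmts = policy.get("Statement", [])
    kept = [s for s in stmts if not is_public_full_control_statement(s)]
    return {**policy, "Statement": kept}, [s for s in stmts if s not in kept]

# Constructed sample inputs; bucket name, account id and owner id are placeholders.
OWNER = {"DisplayName": "owner", "ID": "EXAMPLEOWNERCANONICALID"}
SAMPLE_ACL = {"Owner": OWNER, "Grants": [
    {"Grantee": {"Type": "CanonicalUser", "ID": OWNER["ID"]}, "Permission": "FULL_CONTROL"},
    {"Grantee": {"Type": "Group", "URI": "http://acs.amazonaws.com/groups/global/AllUsers"},
     "Permission": "FULL_CONTROL"},
]}
SAMPLE_POLICY = {"Version": "2012-10-17", "Statement": [
    {"Sid": "PublicFullControl", "Effect": "Allow", "Principal": "*", "Action": "s3:*",
     "Resource": ["arn:aws:s3:::example-bucket", "arn:aws:s3:::example-bucket/*"]},
    {"Sid": "TeamRead", "Effect": "Allow", "Principal": {"AWS": "arn:aws:iam::123456789012:role/reader"},
     "Action": "s3:GetObject", "Resource": "arn:aws:s3:::example-bucket/*"},
]}
```

In a live account the cleaned documents would be written back with boto3's put_bucket_acl(AccessControlPolicy=...) and put_bucket_policy(Policy=json.dumps(...)). Enabling S3 Block Public Access at the account level prevents such grants from being re-added later.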

Additional Reading: