More Info:

AWS S3 buckets should not be publicly accessible for WRITE actions via S3 access control lists (ACLs). A WRITE grant to the AllUsers or AuthenticatedUsers group lets anyone on the internet, or anyone with any AWS account, upload, overwrite or delete objects in the bucket; a WRITE_ACP grant lets them change the ACL itself.

Risk Level

Critical

Address

Security

Compliance Standards

HIPAA, PCIDSS, NIST

Triage and Remediation

Remediation

To remediate this misconfiguration in the AWS Management Console:

  1. Log in to the AWS Management Console.
  2. Navigate to the S3 service.
  3. Click on the name of the bucket that you want to remediate.
  4. Click on the “Permissions” tab.
  5. Under the “Block public access (bucket settings)” section, click on “Edit”.
  6. Check the box next to “Block all public access”. This selects all four settings, including the two that govern ACLs: “Block public access to buckets and objects granted through new access control lists (ACLs)” and “Block public access to buckets and objects granted through any access control lists (ACLs)”. If the bucket must keep a public bucket policy, enable at least these two ACL settings.
  7. Click on “Save changes”.
  8. Further down the same tab, under “Access control list (ACL)”, click on “Edit”, remove any WRITE or WRITE_ACP grant to “Everyone (public access)” or “Authenticated users group (anyone with an AWS account)”, and save.

After following these steps, existing public ACL grants are ignored, new public ACLs are rejected, and the bucket no longer allows public writes. The two bucket-policy settings on their own do not help here: they govern bucket and access point policies, not ACLs, so a bucket that has only those two enabled still accepts writes granted through a public ACL.
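The following is an added example, not code from the original page: a small checker that flags public write grants in a bucket ACL and decides whether the bucket's Block Public Access settings actually neutralise them. The ACL and Block Public Access documents are constructed for the example and follow the JSON shapes returned by `aws s3api get-bucket-acl` and `aws s3api get-public-access-block`; the canonical user ID is a placeholder.

```python
"""Flag S3 bucket ACLs that grant write access to everyone, and check whether
Block Public Access (PAB) settings make such a grant harmless.

Sample documents are constructed for this example; they mirror the JSON
returned by `aws s3api get-bucket-acl` and `aws s3api get-public-access-block`.
"""
import json

# Canned groups meaning "anyone on the internet" (AllUsers) or
# "anyone with any AWS account" (AuthenticatedUsers). Both count as public.
PUBLIC_GROUP_URIS = {
    "http://acs.amazonaws.com/groups/global/AllUsers",
    "http://acs.amazonaws.com/groups/global/AuthenticatedUsers",
}

# ACL permissions that let the grantee change bucket contents or the ACL itself.
WRITE_LIKE = {"WRITE", "WRITE_ACP", "FULL_CONTROL"}

OWNER_ID = "a1b2c3d4" * 8  # placeholder 64-hex-char canonical user ID

# Constructed ACL: owner has FULL_CONTROL, AllUsers has WRITE (the finding).
SAMPLE_ACL = json.loads(json.dumps({
    "Owner": {"ID": OWNER_ID},
    "Grants": [
        {"Grantee": {"Type": "CanonicalUser", "ID": OWNER_ID},
         "Permission": "FULL_CONTROL"},
        {"Grantee": {"Type": "Group",
                     "URI": "http://acs.amazonaws.com/groups/global/AllUsers"},
         "Permission": "WRITE"},
    ],
}))

# Constructed PAB: only the two bucket-policy toggles enabled, ACL toggles off.
SAMPLE_PAB_POLICY_ONLY = {
    "BlockPublicAcls": False,
    "IgnorePublicAcls": False,
    "BlockPublicPolicy": True,
    "RestrictPublicBuckets": True,
}

# What the console's "Block all public access" check box produces.
PAB_BLOCK_ALL = {
    "BlockPublicAcls": True,
    "IgnorePublicAcls": True,
    "BlockPublicPolicy": True,
    "RestrictPublicBuckets": True,
}


def public_write_grants(acl):
    """Return (grantee URI, permission) for every public write-like grant."""
    findings = []
    for grant in acl.get("Grants", []):
        grantee = grant.get("Grantee", {})
        if (grantee.get("Type") == "Group"
                and grantee.get("URI") in PUBLIC_GROUP_URIS
                and grant.get("Permission") in WRITE_LIKE):
            findings.append((grantee["URI"], grant["Permission"]))
    return findings


def acl_public_write_effective(acl, public_access_block):
    """True when a public write grant exists and PAB does not ignore it.

    Only IgnorePublicAcls neutralises an ACL that is already in place.
    BlockPublicAcls rejects *new* public ACLs but leaves existing ones in
    force, and the two *Policy* toggles do not apply to ACLs at all.
    """
    if not public_write_grants(acl):
        return False
    return not public_access_block.get("IgnorePublicAcls", False)


def private_acl(acl):
    """The ACL that `put-bucket-acl --acl private` yields: owner-only FULL_CONTROL."""
    return {
        "Owner": acl["Owner"],
        "Grants": [{"Grantee": {"Type": "CanonicalUser", "ID": acl["Owner"]["ID"]},
                    "Permission": "FULL_CONTROL"}],
    }


if __name__ == "__main__":
    print("public write grants:", public_write_grants(SAMPLE_ACL))
    print("exposed with policy-only toggles:",
          acl_public_write_effective(SAMPLE_ACL, SAMPLE_PAB_POLICY_ONLY))
    print("exposed with Block all public access:",
          acl_public_write_effective(SAMPLE_ACL, PAB_BLOCK_ALL))
    print("exposed after put-bucket-acl private:",
          acl_public_write_effective(private_acl(SAMPLE_ACL), SAMPLE_PAB_POLICY_ONLY))
```

Run it against real buckets by feeding the output of `aws s3api get-bucket-acl --bucket NAME` and `aws s3api get-public-access-block --bucket NAME` (the latter returns a `PublicAccessBlockConfiguration` object, which is the dict shape used above). The CLI equivalents of the console steps are `aws s3api put-public-access-block --bucket NAME --public-access-block-configuration BlockPublicAcls=true,IgnorePublicAcls=true,BlockPublicPolicy=true,RestrictPublicBuckets=true` and `aws s3api put-bucket-acl --bucket NAME --acl private`.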

Additional Reading: