Using Console

"Effect": "Allow" and "Principal": "*".
Principal or Action to limit access.
"Principal": "*" to "Principal": {"AWS": "arn:aws:iam::ACCOUNT_ID:root"} to grant access only to the AWS account root user.

Using CLI

YOUR_BUCKET_NAME with the name of your S3 bucket.

Alternate option

BUCKET_NAME with the name of the bucket you want to remediate.
bucket_policy.json file to identify any statements allowing public access ("Effect": "Allow" with "Principal": "*").
bucket_policy.json file to remove or modify the statements allowing public access.
BUCKET_NAME with the name of the bucket.
bucket_policy.json file contains a policy allowing public access:
bucket_policy.json file to remove the statement:
put-bucket-policy command.

Using Python

check_and_remediate_s3_public_access for each bucket to check and remediate the public access issues in your S3 buckets.
"your_bucket_name" with the actual name of the bucket you want to check and remediate. Make sure to have appropriate permissions to modify the bucket policy.
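
The identify-and-remove step on a bucket_policy.json document, as an added example that is not the page's own script. The function name strip_public_statements and the sample policy are constructed for illustration; the code goes slightly beyond the page's case by also treating {"AWS": "*"} as public and by keeping wildcard statements that carry a Condition for manual review. It works on the policy JSON only, so the result still has to be written back with put-bucket-policy.

```python
import json

def _is_wildcard_principal(principal):
    """True for "*", {"AWS": "*"} and {"AWS": [..., "*", ...]}."""
    if principal == "*":
        return True
    if isinstance(principal, dict):
        aws = principal.get("AWS", [])
        values = [aws] if isinstance(aws, str) else aws
        return "*" in values
    return False

def strip_public_statements(policy_json):
    """Return (remediated_policy_or_None, removed, needs_review).

    removed: Allow statements with a wildcard principal and no Condition.
    needs_review: wildcard Allow statements that carry a Condition; they are
    kept, because the condition may already restrict who can use them.
    """
    policy = json.loads(policy_json)
    statements = policy.get("Statement", [])
    if isinstance(statements, dict):  # a single statement may be a bare object
        statements = [statements]
    kept, removed, needs_review = [], [], []
    for stmt in statements:
        public = (stmt.get("Effect") == "Allow"
                  and _is_wildcard_principal(stmt.get("Principal")))
        if public and "Condition" not in stmt:
            removed.append(stmt)
            continue
        if public:
            needs_review.append(stmt)
        kept.append(stmt)
    # None means nothing is left to keep: delete the policy, don't write it back.
    remediated = dict(policy, Statement=kept) if kept else None
    return remediated, removed, needs_review

# Constructed sample policy; BUCKET_NAME and ACCOUNT_ID are placeholders.
SAMPLE_POLICY = json.dumps({
    "Version": "2012-10-17",
    "Statement": [
        {"Sid": "PublicRead", "Effect": "Allow", "Principal": "*",
         "Action": "s3:GetObject", "Resource": "arn:aws:s3:::BUCKET_NAME/*"},
        {"Sid": "AccountOnly", "Effect": "Allow",
         "Principal": {"AWS": "arn:aws:iam::ACCOUNT_ID:root"},
         "Action": "s3:GetObject", "Resource": "arn:aws:s3:::BUCKET_NAME/*"},
        {"Sid": "WildcardWithCondition", "Effect": "Allow", "Principal": {"AWS": "*"},
         "Action": "s3:GetObject", "Resource": "arn:aws:s3:::BUCKET_NAME/*",
         "Condition": {"IpAddress": {"aws:SourceIp": "192.0.2.0/24"}}},
    ],
})
```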