Rule: S3 Block Public Access Setting Should Be Enabled
This rule ensures the S3 Block Public Access setting is enabled to enhance security.
| Rule | S3 Block Public Access setting should be enabled |
| Framework | AWS Foundational Security Best Practices |
| Severity | ✔ Medium |
Rule Description:
The S3 Block Public Access setting should be enabled for AWS Foundational Security Best Practices. This ensures that unintended public access to S3 buckets and objects is blocked, enhancing the security of your S3 data.
Troubleshooting Steps:
- If the S3 Block Public Access setting is not enabled, potential security risks may exist, as unauthorized users could access your S3 data. Follow the steps below to troubleshoot and enable the setting.
Necessary Codes:
There are no specific codes required to enable the S3 Block Public Access setting, as it is a configuration setting within the AWS Management Console.
Step-by-Step Remediation Guide:
- 1.Login to your AWS Management Console.
- 2.Navigate to the Amazon S3 service.
- 3.In the S3 dashboard, click on the Bucket name that you want to enable Block Public Access for.
- 4.Under the "Permissions" tab, click on "Block public access" to access the Block Public Access settings.
- 5.Review the settings and ensure that the following options are enabled:
- Block public access to buckets and objects granted through new access control lists (ACLs)
- Block public access to buckets and objects granted through any access control lists (ACLs)
- Block public access to buckets and objects granted through new public bucket or access point policies
- Block public and cross-account access to buckets and objects through any public bucket or access point policies
- 6.Once the settings are confirmed, click on the "Save" button to enable the Block Public Access setting for the selected S3 bucket.
- 7.Repeat these steps for any additional S3 buckets that you want to protect.
By following the above steps, you will successfully enable the S3 Block Public Access setting for the AWS Foundational Security Best Practices, ensuring that your S3 buckets and objects are not publicly accessible.