Publicly accessible S3 bucket stores sensitive data

Cette page n'est pas encore disponible en français, sa traduction est en cours.
Si vous avez des questions ou des retours sur notre projet de traduction actuel, n'hésitez pas à nous contacter.

Description

A publicly accessible S3 bucket contains sensitive data. This could lead to data exfiltration or data leakage. Sensitive data could include personally identifiable information (PII), credentials, financial information, and network or device information. For more details on how sensitive data is detected, see the official documentation.

Remediation

  1. Update the S3 bucket configuration to disable public access. See the official documentation for more information on how to disable public access.
  2. Restrict access to the S3 bucket containing sensitive data to only the necessary users or roles by reviewing IAM policies and bucket resource policies. For more information on restricting access to an S3 bucket, see the official documentation.