Bedrock custom models should not train from publicly accessible s3 buckets

このページは日本語には対応しておりません。随時翻訳に取り組んでいます。
翻訳に関してご質問やご意見ございましたら、お気軽にご連絡ください

Description

This control verifies that Amazon Bedrock custom models are not trained using data from publicly accessible Amazon S3 buckets. Training models from publicly accessible buckets introduces significant security and integrity risks, as unauthorized users may modify or inject malicious data. This can result in data poisoning, model corruption, and exposure of sensitive data, undermining the reliability and trustworthiness of your AI/ML workflows.

Remediation

Update the bucket permissions and policies to restrict public access permissions. For guidance, review the Block Public Access to S3 Buckets documentation.

For additional configuration and protection measures, please consult the How can I secure the files in my Amazon S3 buckets? documentation.