- 필수 기능
- 시작하기
- Glossary
- 표준 속성
- Guides
- Agent
- 통합
- 개방형텔레메트리
- 개발자
- Administrator's Guide
- API
- Datadog Mobile App
- CoScreen
- Cloudcraft
- 앱 내
- 서비스 관리
- 인프라스트럭처
- 애플리케이션 성능
- APM
- Continuous Profiler
- 스팬 시각화
- 데이터 스트림 모니터링
- 데이터 작업 모니터링
- 디지털 경험
- 소프트웨어 제공
- 보안
- AI Observability
- 로그 관리
- 관리
Update your bucket policy as the contents of your Amazon S3 bucket are publicly accessible.
Unintentionally exposed Amazon S3 buckets have led to numerous data breaches and leaks. When misconfigured, an S3 bucket policy can permit anyone to download the contents of an Amazon S3 bucket.
Note: If the bucket is configured to host a static website, this rule does not trigger because bucket contents are expected to be public to serve the site.
Ensure that there is a valid business justification as to why the bucket and all of its contents have been made public. If there is no valid reason, follow these steps to prevent public access.
Follow the Controlling access to a bucket with user policies docs to edit your existing policy and set the policy permissions to private.
delete-bucket-policy
command to fully remove any public access to the bucket.aws s3api delete-bucket-policy \
--bucket insert-bucket-name-here
put-bucket-policy
command.aws s3api put-bucket-policy
--bucket insert-bucket-name-here
--policy file://insert-bucket-policy-file-name-here.json