S3 permissions granted to other AWS accounts in bucket policies should be restricted

0

Can anyone please help with how to fix this security alert: "S3 permissions granted to other AWS accounts in bucket policies should be restricted"? A step-by-step procedure to fix it, please.

I tried the below AWS remediation steps. I am stuck on 5 & 6, which I have marked **

Open the Amazon S3 console at https://console.aws.amazon.com/s3/.
In the Bucket name list, choose the name of the S3 bucket for which you want to edit the policy.
Choose Permissions, and then choose Bucket Policy.
In the Bucket policy editor text box, do one of the following:
Remove the statements that grant access to denied actions to other AWS accounts.
Remove the permitted denied actions from the statements.
Choose Save.

Thanks
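The check behind the remediation steps quoted above, as an added example that is not part of the original post or AWS's own code: it flags Allow statements that grant denied actions to principals outside the bucket owner's account, then returns a copy of the policy with those actions removed. The denied-action list, the account IDs and the sample policy are assumptions; statements that use NotAction, NotPrincipal or Condition are not evaluated.

```python
import copy
import re
from fnmatch import fnmatchcase

# Assumption: the default denied-action list for this control; the page does not list it.
DENIED_ACTIONS = ["s3:DeleteBucketPolicy", "s3:PutBucketAcl", "s3:PutBucketPolicy",
                  "s3:PutEncryptionConfiguration", "s3:PutObjectAcl"]

# Constructed sample policy; account IDs and bucket name are placeholders.
SAMPLE_POLICY = {"Version": "2012-10-17", "Statement": [
    {"Sid": "PartnerAccess", "Effect": "Allow",
     "Principal": {"AWS": "arn:aws:iam::444455556666:root"},
     "Action": ["s3:GetObject", "s3:PutObjectAcl", "s3:*BucketPolicy"],
     "Resource": ["arn:aws:s3:::example-bucket", "arn:aws:s3:::example-bucket/*"]},
    {"Sid": "OwnerAdmin", "Effect": "Allow", "Principal": {"AWS": "arn:aws:iam::111122223333:root"},
     "Action": "s3:*", "Resource": "arn:aws:s3:::example-bucket"}]}

def _as_list(value):
    return value if isinstance(value, list) else [value]

def _is_external(principal, owner):
    """True for "*" or any AWS principal whose 12-digit account ID is not the owner's."""
    values = _as_list(principal.get("AWS", [])) if isinstance(principal, dict) else [principal]
    accounts = [re.search(r"\d{12}", str(v)) for v in values]
    return "*" in values or any(a and a.group() != owner for a in accounts)

def _covers_denied(action):
    """Denied actions matched by one Action entry; wildcards such as s3:Put* count."""
    return [d for d in DENIED_ACTIONS if fnmatchcase(d.lower(), action.lower())]

def find_violations(policy, owner):
    """Return (index, Sid, denied actions) for Allow statements granted to other accounts."""
    out = []
    for i, st in enumerate(_as_list(policy["Statement"])):
        hits = sorted({d for a in _as_list(st.get("Action", [])) for d in _covers_denied(a)})
        if st.get("Effect") == "Allow" and hits and _is_external(st.get("Principal"), owner):
            out.append((i, st.get("Sid"), hits))
    return out

def remediate(policy, owner):
    """Remove denied actions from flagged statements; drop statements left with no Action."""
    fixed = copy.deepcopy({**policy, "Statement": _as_list(policy["Statement"])})
    for i, _, _ in find_violations(policy, owner):
        st = fixed["Statement"][i]
        # A wildcard entry that covers a denied action is removed whole; re-add what is needed.
        st["Action"] = [a for a in _as_list(st["Action"]) if not _covers_denied(a)]
    fixed["Statement"] = [s for s in fixed["Statement"] if s.get("Action", True)]
    return fixed
```

`find_violations` corresponds to locating the statements the alert is about, and `remediate` applies the second option (remove the denied actions from the statements), falling back to the first (remove the statement) when nothing else is left in it.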

2 Answers
1

In the AWS Management Account (also called root account), you can leverage Service Control Policies (SCPs) to add a policy that meets a specific compliance policy.

Use this link to find out exactly how to create a specific SCP and apply it to your organization: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_scps.html

answered a month ago
0

Yes, I have gone through SCP, but sorry, I am still confused about what to do?

answered 19 days ago
