Invalid AWS S3 Bucket Policies must be replaced with a functioning policy to ensure that they provide provable security protection
AWS S3 Buckets have Bucket Policies which are used for configuring access, security and management policies for data held within the bucket. An S3 Bucket Policy is the key configuration tool used to protect your AWS S3 data and it should be actively implemented across all your buckets. Since AWS S3 is an older Amazon service that predates some of the more modern AWS Identity and Access Management (IAM) policy implementations, some S3 Buckets may contain outdated policies that have not been updated for a long time. This can result in Bucket Policies which are no longer valid and need updating.
Our SkySiege Cloud Assessments identify these invalid policies that do not comply with current AWS IAM specifications. Not having a policy significantly limits your control over the data, reduces your ability to demonstrate compliance and undermines best practices for cloud-hosted data as provided by the AWS S3 Service. To ensure compliance and control, every bucket must have a valid S3 Bucket Policy.
SkySiege Cloud Assessments quantitatively validate AWS S3 bucket policies to ensure that they’re compliant with current AWS IAM standards. This avoids any doubt and removes the requirement to individually validate every AWS S3 Bucket Policy.
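As an illustration of what a structural validity check on a bucket policy looks like, the following is an added example; it is not SkySiege's tooling or AWS's validator. It covers only a subset of the IAM policy grammar, and the function name, the bucket name example-bucket and both sample policies are constructed for the example.

```python
import json

STATEMENT_KEYS = {"Sid", "Effect", "Principal", "NotPrincipal", "Action",
                  "NotAction", "Resource", "NotResource", "Condition"}
PAIRS = (("Principal", "NotPrincipal"), ("Action", "NotAction"),
         ("Resource", "NotResource"))

def as_list(value):
    return value if isinstance(value, list) else [value]

def lint_bucket_policy(policy_text, bucket):
    """Return a list of findings; an empty list means no problem was found."""
    findings = []
    try:
        doc = json.loads(policy_text)
    except json.JSONDecodeError as exc:
        return [f"not valid JSON: {exc.msg}"]
    if not isinstance(doc, dict) or not doc.get("Statement"):
        return ["Statement element missing or empty"]
    if doc.get("Version") != "2012-10-17":
        findings.append("Version is not 2012-10-17 (legacy or unrecognised)")
    bucket_arn = f"arn:aws:s3:::{bucket}"  # assumes the standard 'aws' partition
    for i, st in enumerate(as_list(doc["Statement"])):
        where = f"Statement[{i}]"
        if not isinstance(st, dict):
            findings.append(f"{where}: must be a JSON object")
            continue
        # Misspelt element names (e.g. 'Principle') show up here.
        for key in sorted(set(st) - STATEMENT_KEYS):
            findings.append(f"{where}: unknown element {key!r}")
        if st.get("Effect") not in ("Allow", "Deny"):  # case-sensitive
            findings.append(f"{where}: Effect must be Allow or Deny")
        # A resource-based policy needs exactly one element from each pair.
        for name, negated in PAIRS:
            if (name in st) == (negated in st):
                findings.append(f"{where}: needs exactly one of {name}/{negated}")
        # Conservative: only the bucket itself or keys under it are accepted.
        for res in as_list(st.get("Resource", [])):
            if res != bucket_arn and not str(res).startswith(bucket_arn + "/"):
                findings.append(f"{where}: Resource {res!r} is outside the bucket")
    return findings

# Constructed samples: GOOD is well-formed, LEGACY shows typical defects.
GOOD = json.dumps({"Version": "2012-10-17", "Statement": [{
    "Sid": "DenyInsecureTransport", "Effect": "Deny", "Principal": "*",
    "Action": "s3:*",
    "Resource": ["arn:aws:s3:::example-bucket", "arn:aws:s3:::example-bucket/*"],
    "Condition": {"Bool": {"aws:SecureTransport": "false"}}}]})
LEGACY = json.dumps({"Version": "2008-10-17", "Statement": {
    "Effect": "allow", "Principle": "*", "Action": "s3:GetObject",
    "Resource": "arn:aws:s3:::other-bucket/*"}})
```

Calling lint_bucket_policy(LEGACY, "example-bucket") returns five findings, while GOOD returns none. The check is structural only; AWS's own policy validation in IAM Access Analyzer covers the full grammar.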
If you’re a SkySiege customer whose buckets have been detected under this issue, you can contact the SkySiege Engineer named in your report for additional guidance on how to translate each of your bucket policies. Your Engineer will also be able to provide default bucket policies that meet the required security standards in regulated environments.
SkySiege Cloud Security Assessments scan for this issue and provide same-day reports.
Available for individual projects or organisations.