
Commit

correct s3 query
aquamatthias committed Jun 12, 2024
1 parent df9bd9e commit d681dc4
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion fixcompliance/data/checks/aws/aws_s3.json
Expand Up @@ -193,7 +193,7 @@
"risk": "Failure to secure S3 buckets can lead to unauthorized access and potential security breaches in operations.",
"severity": "high",
"detect": {
"fix": "is(aws_s3_bucket) and bucket_public_access_block_configuration.{block_public_acls!=true or ignore_public_acls!=true or block_public_policy!=true or restrict_public_buckets!=true} or bucket_acl.grants[*].{permission in [READ, READ_ACP] and grantee.uri==\"http://acs.amazonaws.com/groups/global/AllUsers\"}"
"fix": "is(aws_s3_bucket) and (bucket_public_access_block_configuration.{block_public_acls!=true or ignore_public_acls!=true or block_public_policy!=true or restrict_public_buckets!=true} or bucket_acl.grants[*].{permission in [READ, READ_ACP] and grantee.uri==\"http://acs.amazonaws.com/groups/global/AllUsers\"})"
},
"remediation": {
"text": "To fix this issue, update the S3 bucket configurations to disable public settings and ensure bucket policies do not grant all permissions.",
