top of page

S3.8

S3 Block Public Access setting should be enabled at the bucket-level

Severity

Cloud Platforms

Resources

Related Standards

Automated

HIGH

AWS

Amazon S3

AWS CIS Foundations v1.4, AWS Foundational Best Practice, AWS Foundational Technical Review, NIST CSF, NIST.800-53.r5,

YES

This control checks if Amazon S3 buckets have bucket level public access blocks applied. This control fails if any of the bucket level settings are set to false" public: ignorePublicAcls; blockPublicPolicy; blockPublicAcls; restrictPublicBuckets."

bottom of page