Detections
Analytics

Amazon S3 Bucket Detected

info Web App Scanning Plugin ID 113134

Language:

Synopsis

Amazon S3 Bucket Detected

Description

Amazon Simple Storage Service (S3) is a public cloud storage service available in Amazon Web Services (AWS) which provides a programmatic way to store and retrieve data objects in storage containers called `buckets`. Web applications often rely on storage buckets to serve static assets (images or scripts for example) or to store application related data like user uploads, application exports or log files. Storage buckets can also be used to host static web applications without any additional service.

Depending on the expected usage of the storage bucket, developers can define permissions on the storage container and its objects to allow public operations on it (for example to list the content or retrieve an object) or to keep it private.

Solution

Ensure that the detected Amazon S3 bucket is already identified in the assets used by the web applications, and that the permissions are defined according to its expected purpose and to the AWS security best practices.

See Also

https://aws.amazon.com/articles/amazon-s3-bucket-public-access-considerations/

https://aws.amazon.com/s3/

https://docs.aws.amazon.com/AmazonS3/latest/userguide/security-best-practices.html

Plugin Details

Severity: Info

ID: 113134

Type: remote

Published: 2/7/2022

Updated: 2/7/2022

Scan Template: api, basic, full, pci, scan