Update to Rules - S3 Buckets Should Not Be Publicly Open
Stax has changed how Rules relating to S3 buckets being publicly open are evaluated by including the FULL_CONTROL**is not granted to groupsAllUsers**orAllAuthenticatedUsers check.
If you observe buckets that were previously compliant now showing as non-compliant, it is likely due to the stricter requirement for the bucket to meet the additional control described above. For more information and remediation, visit S3 Buckets shouldn't be Publicly Open.
| Impacted Rule Name | Impacted Bundles
|
|---|---|
| S3 Buckets should not be Publicly Open for Reads |
|
| S3 Buckets should not be Publicly Open for Reads and Writes (Previously: S3 Buckets should not be Publicly Open) |
|
| S3 Buckets should not be Publicly Open for Writes |
|
| S3 Buckets should not be publicly open for read operations |
|
| S3 Buckets should not be publicly open for read and write operations (Previously: S3 Buckets should not be publicly open) |
|