top of page
AWS Foundational Security Best Practice
S3.12
S3 access control lists (ACLs) should not be used to manage user access to buckets
Severity
Cloud Platforms
Resources
MEDIUM
AWS
Amazon S3
This control checks if S3 buckets allow user permissions via access control lists (ACLs). This control fails if ACLs are configured for user access on S3 Bucket.
bottom of page