top of page
< Back

AWS Foundational Security Best Practice

S3.12

S3 access control lists (ACLs) should not be used to manage user access to buckets

Severity

Cloud Platforms

Resources

MEDIUM

AWS

Amazon S3

This control checks if S3 buckets allow user permissions via access control lists (ACLs). This control fails if ACLs are configured for user access on S3 Bucket.

bottom of page