You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Is your feature request related to a problem? Please describe.
Access controls for AWS S3 Buckets can be managed using a combination of identity-based and resource-based permission policies (the current preferred method) and using Bucket ACLs (a largely obsolete method dating back to the early days of AWS). Most Buckets should have ACLs disabled so that we don't need to worry about them. See https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html for details.
Is your feature request related to a problem? Please describe.
Access controls for AWS S3 Buckets can be managed using a combination of identity-based and resource-based permission policies (the current preferred method) and using Bucket ACLs (a largely obsolete method dating back to the early days of AWS). Most Buckets should have ACLs disabled so that we don't need to worry about them. See https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html for details.
Describe the solution you'd like
ScoutSuite should check for S3 Buckets that do not have ACLs disabled. This should be implemented by checking for Buckets where the "ObjectOwnership" setting is not "BucketOwnerEnforced". See https://awscli.amazonaws.com/v2/documentation/api/latest/reference/s3api/get-bucket-ownership-controls.html for more information.
The text was updated successfully, but these errors were encountered: