AWS S3 Bucket Policy Restricts Principal
Last updated
Last updated
This policy validates that S3 Bucket access policies do not allow any principal for a given action on the bucket, in accordance with the principle of least privilege.
Remediation
To remediate this, modify any grants in the S3 Bucket access policy that have Effect:Allow on Princiapl:*. New, more restrictive grants may be needed in their place to maintain access.
Reference
AWS S3 Bucket example policies
Risk
Remediation Effort
High
Low