Add references to rules (aws_s3_rules)
akozlovets098 committed Dec 11, 2023
1 parent 1f1569e commit fe8b8ec
Showing 2 changed files with 2 additions and 0 deletions.
1 change: 1 addition & 0 deletions rules/aws_s3_rules/aws_s3_unauthenticated_access.yml
Expand Up @@ -18,6 +18,7 @@ Description: >
Checks for S3 access attempts where the requester is not an authenticated AWS user.
Runbook: >
If unauthenticated S3 access is not expected for this bucket, update its access policies.
Reference: https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-control-auth-workflow-bucket-operation.html
SummaryAttributes:
- bucket
- key
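Review bot: the added `Reference:` points at a page whose slug, `access-control-auth-workflow-bucket-operation`, names bucket operations, while this rule summarizes on both `bucket` and `key` and its Description speaks of S3 access attempts in general. Since the Runbook tells the responder to update the bucket's access policies, consider a reference that also covers object-level requests, or one that explains how to change those policies, so the link serves the runbook step directly.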
1 change: 1 addition & 0 deletions rules/aws_s3_rules/aws_s3_unknown_requester_get_object.yml
Expand Up @@ -19,6 +19,7 @@ Reports:
Severity: Low
Description: Validates that proper IAM entities are accessing sensitive data buckets.
Runbook: If the S3 access is not expected for this bucket, investigate the requester's other traffic.
Reference: https://docs.aws.amazon.com/AmazonS3/latest/userguide/walkthrough1.html
SummaryAttributes:
- bucket
- key
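Review bot: the `Reference:` URL ends in `walkthrough1.html`, which tells a reader of the rule nothing about what it documents, and the Runbook here directs the analyst to investigate the requester's other traffic rather than to change a policy. Consider a short YAML comment next to the link naming the page, or a reference that explains how to identify the IAM entities expected to read a bucket, which is what the Description says the rule validates.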