From fe8b8ecc156d24a482989a68546eae80cbbff594 Mon Sep 17 00:00:00 2001 From: akozlovets098 Date: Fri, 8 Dec 2023 17:45:54 +0200 Subject: [PATCH] Add references to rules (aws_s3_rules) --- rules/aws_s3_rules/aws_s3_unauthenticated_access.yml | 1 + rules/aws_s3_rules/aws_s3_unknown_requester_get_object.yml | 1 + 2 files changed, 2 insertions(+) diff --git a/rules/aws_s3_rules/aws_s3_unauthenticated_access.yml b/rules/aws_s3_rules/aws_s3_unauthenticated_access.yml index c69ba887d..819a9c8c7 100644 --- a/rules/aws_s3_rules/aws_s3_unauthenticated_access.yml +++ b/rules/aws_s3_rules/aws_s3_unauthenticated_access.yml @@ -18,6 +18,7 @@ Description: > Checks for S3 access attempts where the requester is not an authenticated AWS user. Runbook: > If unauthenticated S3 access is not expected for this bucket, update its access policies. +Reference: https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-control-auth-workflow-bucket-operation.html SummaryAttributes: - bucket - key diff --git a/rules/aws_s3_rules/aws_s3_unknown_requester_get_object.yml b/rules/aws_s3_rules/aws_s3_unknown_requester_get_object.yml index 9f3cff797..d4bfe0345 100644 --- a/rules/aws_s3_rules/aws_s3_unknown_requester_get_object.yml +++ b/rules/aws_s3_rules/aws_s3_unknown_requester_get_object.yml @@ -19,6 +19,7 @@ Reports: Severity: Low Description: Validates that proper IAM entities are accessing sensitive data buckets. Runbook: If the S3 access is not expected for this bucket, investigate the requester's other traffic. +Reference: https://docs.aws.amazon.com/AmazonS3/latest/userguide/walkthrough1.html SummaryAttributes: - bucket - key
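Review bot: In rules/aws_s3_rules/aws_s3_unauthenticated_access.yml, the added Reference URL ends in access-control-auth-workflow-bucket-operation.html, but the rule's SummaryAttributes list key as well as bucket, so the alerts it summarizes are not limited to bucket-level operations. Please confirm the linked page also covers object requests, or link one that does, so that the Runbook step "update its access policies" is backed by documentation matching what the rule fires on.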
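Review bot: In rules/aws_s3_rules/aws_s3_unknown_requester_get_object.yml, the added Reference ends in walkthrough1.html, a path that gives a responder no hint of what the page covers, and the Runbook here asks them to "investigate the requester's other traffic" rather than to change a policy. Please check that the link supports the Description ("proper IAM entities are accessing sensitive data buckets") and say in the commit message why this page was chosen, since "Add references to rules" does not explain the choice for either file.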