Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add references to rules (aws_s3_rules) #999

Merged
merged 1 commit into from
Dec 11, 2023
Merged

Add references to rules (aws_s3_rules) #999

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions rules/aws_s3_rules/aws_s3_unauthenticated_access.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,7 @@ Description: >
Checks for S3 access attempts where the requester is not an authenticated AWS user.
Runbook: >
If unauthenticated S3 access is not expected for this bucket, update its access policies.
Reference: https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-control-auth-workflow-bucket-operation.html
SummaryAttributes:
- bucket
- key
Expand Down
1 change: 1 addition & 0 deletions rules/aws_s3_rules/aws_s3_unknown_requester_get_object.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,7 @@ Reports:
Severity: Low
Description: Validates that proper IAM entities are accessing sensitive data buckets.
Runbook: If the S3 access is not expected for this bucket, investigate the requester's other traffic.
Reference: https://docs.aws.amazon.com/AmazonS3/latest/userguide/walkthrough1.html
SummaryAttributes:
- bucket
- key
Expand Down