Amazon S3 Security Best Practice

 

Amazon S3

Amazon Simple Storage Service (Amazon S3) is an object storage service that offers industry-leading scalability, data availability, security, and performance. This means customers of all sizes and industries can use it to store and protect any amount of data for a range of use cases, such as websites, mobile applications, backup and restore, archive, enterprise applications, IoT devices, and big data analytics. Amazon S3 provides easy-to-use management features so you can organize your data and configure finely-tuned access controls to meet your specific business, organizational, and compliance requirements. Amazon S3 is designed for 99.999999999% (11 9's) of durability, and stores data for millions of applications for companies all around the world.

S3.01

Bucket Encryption

Ensure that s3 Bucket is encrypted at rest.

S3.02

Public Bucket

Ensure that s3 Bucket is not publicly exposed via policy.

S3.03

Encrypted with KMS CMK

Ensure that s3 Bucket is encrypted at rest with customer managed KMS Key.

S3.04

MFA Delete Enabled

Ensure that s3 Buckets have MFA Delete enabled.

S3.05

Versioning Enabled

Ensure that s3 Buckets have versioning enabled.

S3.06

Enforce SSL

Ensure that s3 Bucket enforces encryption over SSL.

S3.07

Cross Account Access

Ensure that s3 Bucket only allow cross account access from trusted accounts.

S3.08

Logging Enabled

Ensure that s3 Buckets have logging enabled.

S3.09

Object Lock Enabled

Ensure that s3 Buckets have object lock enabled.

S3.10

Authenticated Full Control

Ensure that s3 Buckets are not allowing AWS users full control.

S3.11

Public Read Access

Ensure that s3 Buckets are not allowing public read access.

S3.12

Public Write Access

Ensure that s3 Buckets are not allowing public write access.

S3.13

Public Read ACP Access

Ensure that s3 Buckets are not allowing public read acp access.

S3.14

Public Full Control

Ensure that s3 Buckets are not allowing public full control.

S3.15

AWS Users Read Access

Ensure that s3 Buckets are not allowing AWS users read access.

S3.16

AWS Users Write Access

Ensure that s3 Buckets are not allowing AWS users write access.

S3.17

AWS Users Read ACP Access

Ensure that s3 Buckets are not allowing AWS users read acp access.

S3.18

AWS Users Write ACP Access

Ensure that s3 Buckets are not allowing AWS users write acp access.

View the Online Demo!

Are you curious as to what type of data Intelligent Discovery collects in relation to AWS vulnerabilities?
Login into our on-line demo to see a simulated view of what Intelligent Discovery collects and explains how to remediate.
demo.intelligentdiscovery.io

 

Other Key Features

Inventory

Consolidate your inventory management with consistent and frequent security logs, inventories, and change logs. Dashboard reporting for extensive analytical value.

learn more +

Cost & Usage

Access consolidated capacity, cost, and volume tools in a scaling environment without impacting production or breaking the bank.

learn more +

Contact us

LDAPTIVE, LLC.
Mount Pleasant, SC
USA
Email: info@ldaptive.com
Intelligent Discovery ™

LDAPTIVE, LLC 2018 © All Rights Reserved. Privacy Policy | Terms of Service