amazon-genomics-cli
Default AGC bucket should remove the possibility of public access
Description
The default AGC bucket generated by AGC should have bucket level public access blocks applied so that a user cannot accidentally make a bucket public.
Use Case
Rule: securityhub-s3-bucket-level-public-access-prohibited-4639e4aa
Summary of Rule: This control checks if Amazon S3 buckets have bucket level public access blocks applied. This control fails if any of the bucket level settings are set to "false" public: ignorePublicAcls, blockPublicPolicy, blockPublicAcls, restrictPublicBuckets.
Proposed Solution
Set the following bucket level settings to true for the bucket created by AGC during activation: ignorePublicAcls, blockPublicPolicy, blockPublicAcls, restrictPublicBuckets.
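The check described in the rule summary, written out as an added example (not part of the original issue and not AGC code). It uses the PascalCase key names of the S3 PublicAccessBlockConfiguration structure; the bucket names and sample configurations are constructed, and treating a bucket with no public access block as failing is an assumption of this sketch.

```python
"""Evaluate S3 bucket-level public access block settings (added example)."""

# The four settings named in the issue, in the PascalCase form used by the
# S3 GetPublicAccessBlock / PutPublicAccessBlock APIs.
REQUIRED_SETTINGS = (
    "BlockPublicAcls",
    "IgnorePublicAcls",
    "BlockPublicPolicy",
    "RestrictPublicBuckets",
)

# Configuration the issue proposes for the AGC bucket: every setting true.
COMPLIANT_CONFIG = {name: True for name in REQUIRED_SETTINGS}


def failing_settings(config):
    """Return the settings that are not strictly True.

    `config` is the PublicAccessBlockConfiguration dict for one bucket, or
    None when the bucket has no public access block at all. A missing block
    or a missing key is treated as a failure, the same as an explicit False
    (assumption of this example).
    """
    config = config or {}
    return [name for name in REQUIRED_SETTINGS if config.get(name) is not True]


def evaluate_buckets(bucket_configs):
    """Map bucket name -> (status, failing settings) for a dict of configs."""
    report = {}
    for bucket, config in bucket_configs.items():
        failed = failing_settings(config)
        report[bucket] = ("PASSED" if not failed else "FAILED", failed)
    return report


# Constructed sample data; bucket names are hypothetical placeholders.
SAMPLE = {
    "agc-example-locked": dict(COMPLIANT_CONFIG),
    "agc-example-partial": {**COMPLIANT_CONFIG, "BlockPublicPolicy": False},
    "agc-example-no-block": None,
}

if __name__ == "__main__":
    for bucket, (status, failed) in evaluate_buckets(SAMPLE).items():
        print(f"{bucket}: {status} {failed}")
```

`COMPLIANT_CONFIG` has the shape boto3's `put_public_access_block` accepts as its `PublicAccessBlockConfiguration` argument.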