Ensure that your Amazon S3 buckets with website configuration enabled are regularly reviewed for security purposes. Upon enabling this rule on Cloud Conformity dashboard, you must specify one or more S3 buckets that are expected to have website configuration enabled. Once the rule is active, Cloud Conformity engine will scan your AWS account and will return review information for all S3 buckets.
This rule can help you with the following compliance standards:
- APRA
- MAS
- NIST 800-53 (Rev. 4)
This rule resolution is part of the Cloud Conformity Security & Compliance tool for AWS
To host website on AWS S3 you need to configure a bucket as website by adding the necessary configuration. By regularly reviewing these S3 buckets you make sure that only the desired buckets are accessible from the website endpoint.
Audit
To identify all Amazon S3 buckets with website configuration enabled for review purposes, perform the following:
Remediation / Resolution
When you disable S3 website hosting, Amazon S3 service removes the website configuration from your buckets so that these buckets are no longer accessible from the website endpoint. To disable website hosting for your S3 buckets, perform the following:
References
- AWS Documentation
- Amazon Simple Storage Service (S3) FAQs
- Amazon S3 Product Details
- How Do I Configure an S3 Bucket for Static Website Hosting?
- Configuring a Bucket for Website Hosting
- Hosting a Static Website on Amazon S3
- AWS Command Line Interface (CLI) Documentation
- s3api
- list-buckets
- get-bucket-website
- delete-bucket-website
Unlock the Remediation Steps
Gain free unlimited access
to our full Knowledge Base
Over 750 rules & best practices
for and
Get started for FREE
You are auditing:
S3 Buckets with Website Configuration Enabled
Risk level: Medium