S3 bucket objects should not allow public listing via ACL


Description

Modify your bucket ACL to remove public READ access.

Rationale

  • Public READ access allows the grantee to list all objects within your bucket and exploit objects with misconfigured ACL permissions.

For more information about S3 bucket ACLs, see the Access control list (ACL) documentation.

Remediation

From the console

Follow the Controlling access to a bucket with user policies docs to edit your existing policy and set the policy permissions to private.

From the command line

  1. Run put-bucket-acl with your S3 bucket name and the ACL set to private.

    aws s3api put-bucket-acl \
     --bucket your-bucket-name \
     --acl private
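As an added example (not code from this rule page or from the AWS CLI), the following Python evaluates the JSON that `aws s3api get-bucket-acl` returns, flags grants that give the AllUsers or AuthenticatedUsers groups READ or FULL_CONTROL on the bucket, and builds the `put-bucket-acl` command above as the fix. The two ACLs it checks are constructed samples, not real output.

```python
"""Check an S3 bucket ACL for grants that let the public list objects.
Works on the structure `aws s3api get-bucket-acl` (or boto3 get_bucket_acl)
returns, so it can run offline against saved output."""

# Predefined S3 groups: AllUsers is anonymous, AuthenticatedUsers is any AWS
# account at all (not just yours). Both count as public.
PUBLIC_GROUP_URIS = {
    "http://acs.amazonaws.com/groups/global/AllUsers",
    "http://acs.amazonaws.com/groups/global/AuthenticatedUsers",
}
# READ on a bucket ACL permits listing its objects; FULL_CONTROL includes READ.
LISTING_PERMISSIONS = {"READ", "FULL_CONTROL"}


def public_listing_grants(acl: dict) -> list:
    """Return every grant that gives a public group permission to list objects."""
    findings = []
    for grant in acl.get("Grants", []):
        grantee = grant.get("Grantee", {})
        public = grantee.get("Type") == "Group" and grantee.get("URI") in PUBLIC_GROUP_URIS
        if public and grant.get("Permission") in LISTING_PERMISSIONS:
            findings.append(grant)
    return findings


def remediation_command(bucket: str) -> list:
    """Argument vector for the put-bucket-acl call that resets the ACL to private."""
    return ["aws", "s3api", "put-bucket-acl", "--bucket", bucket, "--acl", "private"]


# Constructed sample (not real AWS output): owner grant plus a public READ grant.
SAMPLE_PUBLIC_ACL = {
    "Owner": {"ID": "EXAMPLE-OWNER-CANONICAL-ID"},
    "Grants": [
        {"Grantee": {"Type": "CanonicalUser", "ID": "EXAMPLE-OWNER-CANONICAL-ID"},
         "Permission": "FULL_CONTROL"},
        {"Grantee": {"Type": "Group", "URI": "http://acs.amazonaws.com/groups/global/AllUsers"},
         "Permission": "READ"},
    ],
}
# The same bucket after `--acl private`: only the owner's grant remains.
SAMPLE_PRIVATE_ACL = {"Owner": SAMPLE_PUBLIC_ACL["Owner"], "Grants": SAMPLE_PUBLIC_ACL["Grants"][:1]}

if __name__ == "__main__":
    for name, acl in (("public", SAMPLE_PUBLIC_ACL), ("private", SAMPLE_PRIVATE_ACL)):
        hits = public_listing_grants(acl)
        print(f"{name}: {len(hits)} public listing grant(s)")
        if hits:
            print("  remediate with:", " ".join(remediation_command("your-bucket-name")))
```

Feed it real output with `aws s3api get-bucket-acl --bucket NAME > acl.json` and `json.load`; note that a bucket policy or Block Public Access setting can also grant or deny listing, so an ACL check alone is not the whole picture.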