You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
S3 Buckets must not allow Get Action From All Principals, as to prevent leaking private information to the entire internet or allow unauthorized data tampering / deletion. This means the 'Effect' must not be 'Allow' when the 'Action' is Get, for all Principals.
Locations:
Result #1: Severity: HIGH State: TO_VERIFY Status: RECURRENT File:/cloudinfra/s3_1.tf[31,0] Expected value: aws_s3_bucket[s3_1].policy.Action should not be a 'Get' action Actual value: aws_s3_bucket[s3_1].policy.Action is a 'Get' action
Review result in Checkmarx One: S3 Bucket Allows Get Action From All Principals
The text was updated successfully, but these errors were encountered:
Checkmarx (IaC-Security): S3 Bucket Allows Get Action From All Principals
Checkmarx Project: cyates-checkmarx/JVL
Repository URL: https://github.com/cyates-checkmarx/JVL
Branch: master
Scan ID: 6bf2c567-d73e-490c-ac86-a35dd14d497b
S3 Buckets must not allow Get Action From All Principals, as to prevent leaking private information to the entire internet or allow unauthorized data tampering / deletion. This means the 'Effect' must not be 'Allow' when the 'Action' is Get, for all Principals.
Locations:
Result #1:
Severity: HIGH
State: TO_VERIFY
Status: RECURRENT
File: /cloudinfra/s3_1.tf[31,0]
Expected value: aws_s3_bucket[s3_1].policy.Action should not be a 'Get' action
Actual value: aws_s3_bucket[s3_1].policy.Action is a 'Get' action
Review result in Checkmarx One: S3 Bucket Allows Get Action From All Principals
The text was updated successfully, but these errors were encountered: