Cloud Conformity Real-Time Threat Monitoring and Analysis (RTMA) engine has detected configuration changes performed at the Amazon S3 service and resources level, within your AWS account.
This rule can help you with the following compliance standards:
- NIST4
For further details on compliance standards supported by Conformity, see here.
This rule can help you work with the AWS Well-Architected Framework.
This rule resolution is part of the Conformity Real-Time Threat Monitoring.
Amazon S3 or Amazon Simple Storage Service is a global Infrastructure as a Service (IaaS) solution designed to store and retrieve any amount of data (objects) from anywhere on the Internet. S3 is a simple storage service that offers an extremely durable (99.999999999% durability), highly available (99.99% availability) and infinitely scalable data storage infrastructure at very low costs. AWS S3 provides a simple and intuitive web service interface and a powerful API that you can use to upload and download any type and amount of data that you want, read the same piece of data a million times, build simple FTP applications, use it to host static websites or relocate important data during emergency disaster recovery. Amazon S3 helps developers to focus on innovation instead of figuring out where and how to store their data.
Cloud Conformity RTMA can detect essentially any S3 configuration changes made within your AWS account such as creating and deleting buckets, making S3 buckets publicly accessible using Access Control Lists (ACLs), updating bucket policies to configure permissions for all objects within a bucket and updating S3 lifecycle policies. More precisely, the activity detected by this RTMA rule could be any IAM or root account user request initiated through AWS Management Console or any AWS API request initiated programmatically using AWS CLI or SDKs, that runs the following Amazon S3 actions:
Remediation / Resolution
Regardless of whether you use Amazon S3 for storing simple log data or for mission-critical applications, monitoring S3 configuration changes in real time is extremely important for keeping your data secure. As a security best practice, you need to be aware of any configuration change made at the S3 level at any point in time. Using Cloud Conformity RTMA to monitor S3 configuration changes can help you prevent any accidental or intentional modifications that may lead to data leakage and/or data loss. Detecting Amazon S3 configuration changes is therefore essential for keeping your cloud data secure.
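The kind of check described above, as an added example (not Conformity's rule code): a filter over CloudTrail records that picks out successful S3 configuration changes and flags public ACL grants and root activity. The event-name list is an assumed mapping to the change types this page names, and the sample records are constructed and simplified.

```python
import json

# Assumed mapping of CloudTrail eventName values to the change types the page names.
S3_CONFIG_EVENTS = {
    "CreateBucket": "bucket created",
    "DeleteBucket": "bucket deleted",
    "PutBucketAcl": "bucket ACL changed",
    "PutBucketPolicy": "bucket policy changed",
    "PutBucketLifecycle": "lifecycle policy changed",
}
# A canned public ACL ("public-read" also matches "public-read-write") or the AllUsers group URI.
PUBLIC_MARKERS = ("public-read", "http://acs.amazonaws.com/groups/global/AllUsers")

def detect_s3_config_changes(records):
    """Return one finding per successful S3 configuration-change event."""
    findings = []
    for rec in records:
        name = rec.get("eventName")
        # Skip other services, read-only or unlisted calls, and failed calls (nothing changed).
        if rec.get("eventSource") != "s3.amazonaws.com" or name not in S3_CONFIG_EVENTS or rec.get("errorCode"):
            continue
        params = rec.get("requestParameters") or {}
        identity = rec.get("userIdentity") or {}
        findings.append({
            "time": rec.get("eventTime"),
            "change": S3_CONFIG_EVENTS[name],
            "bucket": params.get("bucketName"),
            "actor": identity.get("arn"),
            "root": identity.get("type") == "Root",
            "public_acl": name == "PutBucketAcl" and any(m in json.dumps(params) for m in PUBLIC_MARKERS),
        })
    return findings

# Constructed, simplified CloudTrail records (account ID and names are placeholders).
USER = {"type": "IAMUser", "arn": "arn:aws:iam::111122223333:user/example-user"}
ROOT = {"type": "Root", "arn": "arn:aws:iam::111122223333:root"}
SAMPLE_RECORDS = [
    {"eventTime": "2024-01-01T10:00:00Z", "eventSource": "s3.amazonaws.com", "eventName": "PutBucketAcl",
     "userIdentity": USER, "requestParameters": {"bucketName": "example-bucket", "x-amz-acl": ["public-read"]}},
    {"eventTime": "2024-01-01T10:05:00Z", "eventSource": "s3.amazonaws.com", "eventName": "DeleteBucket",
     "userIdentity": ROOT, "requestParameters": {"bucketName": "example-logs"}},
    {"eventTime": "2024-01-01T10:06:00Z", "eventSource": "s3.amazonaws.com", "eventName": "PutBucketPolicy",
     "userIdentity": USER, "errorCode": "AccessDenied", "requestParameters": {"bucketName": "example-bucket"}},
    {"eventTime": "2024-01-01T10:07:00Z", "eventSource": "s3.amazonaws.com", "eventName": "GetBucketAcl",
     "userIdentity": USER, "requestParameters": {"bucketName": "example-bucket"}},
]

if __name__ == "__main__":
    for finding in detect_s3_config_changes(SAMPLE_RECORDS):
        print(finding)
```

Failed calls are skipped here because they change nothing; a deployment that also wants to see denied attempts would report them separately instead of dropping them.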