elasticbeanstalk-us-east-1-531239714189
Overview
Critical
0High
1Medium
3Low
1Informational
0Security issues (5)
| Severity | Non-Compliance | Issue | Remediation | Read more | Action |
|---|---|---|---|---|---|
| High | — | Amazon S3 bucket versioning is disabled. | Enable S3 bucket versioning to protect the objects from accidental deletion or overwrite. | More info | |
| Medium | — | Amazon S3 bucket is missing Public Access Block configuration. | To ensure that public access to all your S3 buckets and objects is blocked, turn on Public Access Block. | More info | |
| Low | PCI DSS 10.2 HIPAA (Audit) | Amazon S3 server access logging is disabled. | Enable S3 access logging for detailed records for the requests that are made to a bucket. The access log information can be useful in security and access audits. | More info | |
| Medium | CIS 2.1.1 PCI DSS 3.5 HIPAA (Encryption) | Amazon S3 bucket server-side encryption is disabled. | Enable server-side encryption for S3 buckets to protect your data. | More info | |
| Medium | CIS 2.1.2 PCI DSS 4.2 HIPAA (Encryption) | Amazon S3 bucket policy was not found. | Add S3 bucket policy to require encryption during data transit. To be compliant, the policy should explicitly deny access to HTTP requests. | More info |