S3 Bucket Audit Report using AWS PowerShell Script – Secure your S3 Buckets


If you work in an AWS environment and follow AWS-related news, you will know that several major data breaches have happened because of human negligence: vast amounts of data left in S3 buckets without protection such as encryption or public access blocking. Most of these incidents come down to human error. We create an S3 bucket and start using it without thinking about how to keep it protected.

If we cannot control human behavior, we can at least run a daily security scan over all the buckets to get a clear picture of how each bucket is configured after creation and how many of them do not follow security best practices. With that information the misconfigured buckets can be fixed quickly. For this reason I have written an AWS PowerShell script that extracts an S3 bucket audit report. The script can be run at any time and needs only read-only permissions.

The script collects the following information for every S3 bucket in the account:

  • Bucket Name
  • Region
  • Encryption Status
  • Log Bucket Name
  • Log Bucket Target Prefix
  • Versioning Status
  • MFA on Delete Status
  • Block Public Acls Status
  • Ignore Public Acls Status
  • Block Public Policy Status
  • Restrict Public Buckets Status
  • Bucket Policy Configuration Status
  • Bucket Policy
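As an added example (not the author's script, which is not reproduced on this page), the following PowerShell collects each of the fields above for every bucket in the account, adds a Findings column naming the best practices a bucket misses, and writes the result to a CSV. It assumes the AWS.Tools.S3 module is installed, credentials are already configured (Set-AWSCredential or a default profile), and the IAM identity holds only the read-only actions listed in the header comment. The cmdlets are the real AWS Tools for PowerShell cmdlets; the function names, the Findings labels and the wildcard-principal regex are my own.

```powershell
#Requires -Modules AWS.Tools.S3
<#
  Added example, not the author's script. Assumptions: AWS.Tools.S3 is installed,
  credentials are configured, and the caller has only these read-only actions:
  s3:ListAllMyBuckets, s3:GetBucketLocation, s3:GetEncryptionConfiguration,
  s3:GetBucketLogging, s3:GetBucketVersioning, s3:GetBucketPublicAccessBlock,
  s3:GetBucketPolicy.
#>
param(
    [string]$OutputCsv = ".\S3BucketAuditReport-$(Get-Date -Format 'yyyyMMdd-HHmm').csv"
)

Import-Module AWS.Tools.S3 -ErrorAction Stop

function Get-BucketRegion {
    param([string]$BucketName)
    # GetBucketLocation returns an empty constraint for us-east-1 and the legacy
    # value "EU" for eu-west-1; normalise both so the later calls can pass -Region.
    $location = (Get-S3BucketLocation -BucketName $BucketName).Value
    switch ($location) {
        ''      { 'us-east-1' }
        'EU'    { 'eu-west-1' }
        default { $location }
    }
}

function Get-BucketAuditRow {
    param([string]$BucketName)
    $region   = Get-BucketRegion -BucketName $BucketName
    $findings = [System.Collections.Generic.List[string]]::new()

    # Default encryption: the API throws when no encryption rule is configured.
    $encryption = 'NotConfigured'
    try {
        $rules = (Get-S3BucketEncryption -BucketName $BucketName -Region $region).ServerSideEncryptionRules
        $algos = @($rules | ForEach-Object { "$($_.ServerSideEncryptionByDefault.ServerSideEncryptionAlgorithm)" })
        if ($algos.Count -gt 0) { $encryption = $algos -join ',' }
    } catch { }
    if ($encryption -eq 'NotConfigured') { $findings.Add('NoDefaultEncryption') }

    # Server access logging: TargetBucketName is empty when logging is off.
    $logging = Get-S3BucketLogging -BucketName $BucketName -Region $region
    if (-not $logging.TargetBucketName) { $findings.Add('AccessLoggingDisabled') }

    # Versioning and MFA Delete (MFA Delete only matters once versioning is enabled).
    $versioning = Get-S3BucketVersioning -BucketName $BucketName -Region $region
    if ("$($versioning.Status)" -ne 'Enabled') { $findings.Add('VersioningNotEnabled') }
    if (-not $versioning.EnableMfaDelete)      { $findings.Add('MfaDeleteDisabled') }
    $mfaDelete = if ($versioning.EnableMfaDelete) { 'Enabled' } else { 'Disabled' }

    # Bucket-level Block Public Access: a missing configuration means all four
    # settings are off at bucket level (the account-level block may still apply).
    $pab = $null
    try { $pab = Get-S3PublicAccessBlock -BucketName $BucketName -Region $region } catch { }
    foreach ($setting in 'BlockPublicAcls','IgnorePublicAcls','BlockPublicPolicy','RestrictPublicBuckets') {
        if (-not ($pab -and $pab.$setting)) { $findings.Add("${setting}Off") }
    }

    # Bucket policy: the cmdlet returns the JSON document, or nothing when none exists.
    $policy = $null
    try { $policy = Get-S3BucketPolicy -BucketName $BucketName -Region $region } catch { }
    # Heuristic only: a wildcard principal is flagged so the policy gets a manual review.
    if ($policy -and $policy -match '"Principal"\s*:\s*("\*"|\{\s*"AWS"\s*:\s*"\*"\s*\})') {
        $findings.Add('WildcardPrincipalInPolicy')
    }

    [pscustomobject]@{
        BucketName             = $BucketName
        Region                 = $region
        EncryptionStatus       = $encryption
        LogBucketName          = $logging.TargetBucketName
        LogBucketTargetPrefix  = $logging.TargetPrefix
        VersioningStatus       = "$($versioning.Status)"
        MfaDeleteStatus        = $mfaDelete
        BlockPublicAcls        = [bool]($pab -and $pab.BlockPublicAcls)
        IgnorePublicAcls       = [bool]($pab -and $pab.IgnorePublicAcls)
        BlockPublicPolicy      = [bool]($pab -and $pab.BlockPublicPolicy)
        RestrictPublicBuckets  = [bool]($pab -and $pab.RestrictPublicBuckets)
        BucketPolicyConfigured = [bool]$policy
        BucketPolicy           = $policy
        Findings               = $findings -join ';'
    }
}

# One row per bucket; a bucket whose calls fail (for example, a permission gap) is
# reported as a warning rather than aborting the whole scan.
$report = foreach ($bucket in Get-S3Bucket) {
    try { Get-BucketAuditRow -BucketName $bucket.BucketName }
    catch { Write-Warning "Skipping $($bucket.BucketName): $($_.Exception.Message)" }
}

$report | Export-Csv -Path $OutputCsv -NoTypeInformation
$report | Select-Object BucketName, Region, EncryptionStatus, VersioningStatus, Findings | Format-Table -AutoSize
Write-Host "Report written to $OutputCsv ($(@($report).Count) buckets, $(@($report | Where-Object Findings).Count) with findings)"
```

Two caveats when reading the Findings column. The Block Public Access results are the bucket-level settings only; an account-level block (a separate S3 Control setting) can still protect a bucket that shows all four as off, so a bucket flagged here is not necessarily public, and the policy check is a regex heuristic that will miss principals expressed as arrays. Treat both as prompts for review rather than verdicts.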

Please find the sample report generated by this script.

Script:


Disclaimer: All posts and opinions on this site are provided AS IS with no warranties. These are our own personal opinions and do not represent our employer’s view in any way.


CC BY-ND 4.0 This work is licensed under a Creative Commons Attribution-NoDerivatives 4.0 International License.
