AWS Referencing Missing S3 Bucket
Description
Detects AWS Config delivery channels that are configured to use S3 buckets that don't exist. This misconfiguration breaks AWS Config's ability to deliver configuration and compliance data, which can lead to gaps in security monitoring and compliance auditing.
Detection Strategy
• Retrieves all AWS Config delivery channel configurations in the specified region
• For each delivery channel, verifies if the configured S3 bucket exists by attempting to access it
• Reports a vulnerability if the referenced S3 bucket returns a 404 (Not Found) error
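The three steps above as an added Python example, not Fluid Attacks' own detection code. The two clients are passed in (boto3's `config` and `s3` clients provide `describe_delivery_channels` and `head_bucket`); the `Fake*` classes, channel names and bucket names are constructed stand-ins so the example runs offline.

```python
# Added example (not Fluid Attacks' code). With real clients:
#   find_missing_buckets(boto3.client("config", region_name=region), boto3.client("s3"))

def http_status(exc):
    # botocore's ClientError keeps the parsed HTTP response in exc.response
    response = getattr(exc, "response", None) or {}
    return response.get("ResponseMetadata", {}).get("HTTPStatusCode")

def find_missing_buckets(config_client, s3_client):
    """Return [{'channel': ..., 'bucket': ...}] for buckets that answer 404."""
    findings = []
    channels = config_client.describe_delivery_channels().get("DeliveryChannels", [])
    for channel in channels:
        bucket = channel.get("s3BucketName")
        try:
            s3_client.head_bucket(Bucket=bucket)
        except Exception as exc:
            status = http_status(exc)
            if status is None:
                raise  # not an AWS API error: surface it instead of guessing
            if status == 404:
                findings.append({"channel": channel.get("name"), "bucket": bucket})
            # 403 or other statuses do not prove the bucket is missing: not reported.
    return findings

# Constructed stand-ins for the two clients so the example runs offline.
class FakeApiError(Exception):
    def __init__(self, status):
        super().__init__(f"HTTP {status}")
        self.response = {"ResponseMetadata": {"HTTPStatusCode": status}}

class FakeConfig:
    def describe_delivery_channels(self):
        return {"DeliveryChannels": [
            {"name": "default", "s3BucketName": "example-config-deleted"},
            {"name": "audit", "s3BucketName": "example-config-denied"},
            {"name": "ok", "s3BucketName": "example-config-present"},
        ]}

class FakeS3:
    STATUS = {"example-config-deleted": 404, "example-config-denied": 403}

    def head_bucket(self, Bucket):
        if Bucket in self.STATUS:
            raise FakeApiError(self.STATUS[Bucket])
        return {}

if __name__ == "__main__":
    print(find_missing_buckets(FakeConfig(), FakeS3()))
```

Only the 404 case is reported; a 403 response is left out because it does not show that the bucket is missing.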