To help you discover S3 buckets that can be accessed publicly or from other accounts or organizations, AWS Identity and Access Management (IAM) Access Analyzer evaluation of S3 buckets now includes S3 Access Point policies in addition to bucket policies and access control lists. This helps you find unintended access to S3 buckets that use access points, and identifies the access point that permits access. Access Analyzer makes it easier to identify and remediate unintended public, cross-account or cross-organization sharing of your S3 buckets that use access points. This helps you restrict bucket access and adhere to the security best practice of least privilege.

Categories: AWS