cloud-security

S3 Bucket Policy

Definition

S3 bucket policies are resource-based IAM policies attached directly to S3 buckets that control access for any AWS identity or the public. They define which principals can perform which S3 actions on the bucket and its objects.

Misconfigured S3 bucket policies that grant public access (Principal: "*") have been responsible for numerous large-scale data breaches. AWS S3 Block Public Access settings provide account and bucket-level safeguards that override policies permitting public access.

Related Terms

Resource Policy

Cloud Resource-Based Policy

IAM Roles

Cloud IAM Roles

DSPM

Data Security Posture Management

← Back to Glossary

Ship secure code faster

Crash Override integrates security into the developer workflow. No context switching, no waiting on reviews.

Talk to a Human See the Product