MEDIUM

Ensure S3 bucket CORS policy is restrictive

Cross-Origin Resource Sharing (CORS) policies control which domains can access bucket resources from web browsers. Overly permissive policies expose data to unauthorized websites.

Security Impact

Permissive CORS (AllowedOrigins: *) allows any website to make requests to your bucket from users' browsers.

How to Remediate

Review CORS configuration and specify allowed origins explicitly. Avoid using * for AllowedOrigins on sensitive buckets.

Affected Resources

AWS::S3::Bucket

Compliance Frameworks

SOC 2OWASP

How TigerGate Helps

TigerGate continuously monitors your AWS environment to detect and alert on this misconfiguration. Here's what our platform does for this specific check:

  • Continuous Scanning

    Automatically scans all Simple Storage Service (S3) resources across your AWS accounts every hour

  • Instant Alerts

    Get notified via Slack, email, or webhooks when this misconfiguration is detected

  • One-Click Remediation

    Fix this issue directly from the TigerGate dashboard with our guided remediation

  • Compliance Evidence

    Automatically collect audit evidence for SOC 2, OWASP compliance

  • Drift Detection

    Get alerted if this configuration drifts back to an insecure state after remediation

Check Details

Check ID
aws-s3-16
Service
Simple Storage Service (S3)
Category
Access Control
Severity
MEDIUM

Automate This Check

TigerGate automatically scans your AWS environment for this and 575+ other security checks.

Start Free Trial

Related Simple Storage Service (S3) Checks

View all checks
aws-s3-1critical

Ensure S3 bucket has block public access enabled

aws-s3-2critical

Ensure S3 bucket policy does not allow public read access

aws-s3-3critical

Ensure S3 bucket policy does not allow public write access

aws-s3-4medium

Ensure MFA Delete is enabled on S3 buckets

aws-s3-5high

Ensure S3 bucket has server-side encryption enabled