OSS Bucket Policy No Anonymous Access
ID: rule:aliyun:oss-bucket-policy-no-any-anonymous
Severity: high
IaC Types: ROS, Terraform
Description
Ensures OSS bucket policy does not grant any permissions to anonymous users.
Reason for Violation
The OSS bucket policy allows anonymous access with Principal '*'.
Recommendation
Remove any Allow statements with Principal '*' from the bucket policy.
Resource Types
- ROS: ALIYUN::OSS::Bucket
- Terraform: alicloud_oss_bucket
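
The check this rule describes, written out in Python as an added example (it is not the rule's own implementation) and applied to a constructed bucket policy. It assumes the policy is JSON with a `Statement` list whose entries carry `Effect` and `Principal`; the function names, account ID and bucket name are hypothetical.

```python
import json

def _principals(value):
    """Flatten a Principal value (string, list or mapping) into strings."""
    if value is None:
        return []
    if isinstance(value, dict):
        value = list(value.values())
    if isinstance(value, (list, tuple)):
        return [p for item in value for p in _principals(item)]
    return [str(value)]

def anonymous_allow_statements(policy):
    """Return indexes of Allow statements whose Principal includes '*'."""
    if isinstance(policy, str):  # accept a JSON string as well as a parsed mapping
        policy = json.loads(policy)
    statements = policy.get("Statement", [])
    if isinstance(statements, dict):  # tolerate a single unwrapped statement
        statements = [statements]
    return [
        i for i, stmt in enumerate(statements)
        if stmt.get("Effect") == "Allow"
        and any(p.strip() == "*" for p in _principals(stmt.get("Principal")))
    ]

# Constructed sample policy; the account ID and bucket name are placeholders.
SAMPLE_POLICY = json.dumps({
    "Version": "1",
    "Statement": [
        {"Effect": "Allow", "Action": ["oss:GetObject"],
         "Principal": ["*"], "Resource": ["acs:oss:*:*:example-bucket/*"]},
        {"Effect": "Deny", "Action": ["oss:DeleteObject"],
         "Principal": ["*"], "Resource": ["acs:oss:*:*:example-bucket/*"]},
        {"Effect": "Allow", "Action": ["oss:PutObject"],
         "Principal": ["1234567890123456"],
         "Resource": ["acs:oss:*:*:example-bucket/*"]},
        {"Effect": "Allow", "Action": ["oss:ListObjects"],
         "Principal": "*", "Resource": ["acs:oss:*:*:example-bucket"]},
    ],
})

if __name__ == "__main__":
    for index in anonymous_allow_statements(SAMPLE_POLICY):
        print(f"Statement[{index}] allows anonymous access (Principal '*')")
```

Deny statements with Principal '*' are not reported, since the rule concerns only permissions granted to anonymous users.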