OSS bucket policy does not grant permissions to anonymous users

ID: rule:aliyun:oss-bucket-policy-no-any-anonymous
Severity: high

Description

OSS bucket policy does not grant any read or write permissions to anonymous users.

Reason for Violation

OSS bucket policy grants permissions to anonymous users, which may expose sensitive data.

Recommendation

Remove anonymous user permissions from the OSS bucket policy. Ensure that Principal does not contain '*', the wildcard that allows anonymous access.
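
A minimal check for the condition this rule describes, as an added example rather than the rule's own implementation: it scans an OSS bucket policy document for Allow statements whose Principal contains '*'. The sample policies, the account UID and the bucket name are constructed, and treating only Effect Allow statements as grants is an assumption of this example.

```python
import json


def _as_list(value):
    """Policy fields may hold one value or a list; normalise to a list."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]


def anonymous_grants(policy):
    """Return Allow statements whose Principal includes the '*' wildcard."""
    if isinstance(policy, str):
        policy = json.loads(policy)
    findings = []
    for index, stmt in enumerate(_as_list(policy.get("Statement"))):
        # Assumption: only Allow statements grant access; a Deny on '*' restricts it.
        if str(stmt.get("Effect", "")).lower() != "allow":
            continue
        principals = [str(p).strip() for p in _as_list(stmt.get("Principal"))]
        if "*" in principals:
            findings.append({"statement": index,
                             "actions": _as_list(stmt.get("Action"))})
    return findings


# Constructed sample: statement 0 lets anyone read objects (violation);
# statement 1 is a Deny on '*' that refuses non-HTTPS requests (not a grant).
WEAK_POLICY = {
    "Version": "1",
    "Statement": [
        {"Effect": "Allow", "Action": ["oss:GetObject"], "Principal": ["*"],
         "Resource": ["acs:oss:*:1234567890123456:example-bucket/*"]},
        {"Effect": "Deny", "Action": ["oss:*"], "Principal": ["*"],
         "Resource": ["acs:oss:*:1234567890123456:example-bucket/*"],
         "Condition": {"Bool": {"acs:SecureTransport": ["false"]}}},
    ],
}

# Constructed fix: the read grant names one account UID instead of '*'.
FIXED_POLICY = json.loads(json.dumps(WEAK_POLICY))
FIXED_POLICY["Statement"][0]["Principal"] = ["1234567890123456"]

if __name__ == "__main__":
    for name, doc in (("weak", WEAK_POLICY), ("fixed", FIXED_POLICY)):
        print(name, anonymous_grants(doc))
```

The function accepts either a parsed dict or a JSON string, so it can be run over the policy value extracted from a template before deployment.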

Resource Types

  • ALIYUN::OSS::Bucket