OSS Bucket Public Read Prohibited

ID: rule:aliyun:oss-bucket-public-read-prohibited
Severity: high

Description

OSS buckets should not allow public read access unless specifically required. Public read access allows anyone to access and download objects in the bucket.

Reason for Violation

The OSS bucket has public read access enabled, which may expose sensitive data to unauthorized access.

Recommendation

Change the bucket ACL to private by setting the AccessControl property to 'private'.

Resource Types

  • ALIYUN::OSS::Bucket
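
The check this rule describes, sketched as an added example (not the rule engine's own code) that scans a ROS template for ALIYUN::OSS::Bucket resources and classifies their AccessControl value. The template, resource names and the `check_template` function are constructed for illustration; treating `public-read-write` as a violation and reporting non-literal values as `unresolved` are assumptions.

```python
import json

# Constructed ROS template used as sample input (not taken from the rule page).
SAMPLE_TEMPLATE = """
{
  "ROSTemplateFormatVersion": "2015-09-01",
  "Parameters": {"Acl": {"Type": "String"}},
  "Resources": {
    "PublicAssets": {"Type": "ALIYUN::OSS::Bucket",
      "Properties": {"BucketName": "example-public-assets", "AccessControl": "public-read"}},
    "Uploads": {"Type": "ALIYUN::OSS::Bucket",
      "Properties": {"BucketName": "example-uploads", "AccessControl": "public-read-write"}},
    "Logs": {"Type": "ALIYUN::OSS::Bucket",
      "Properties": {"BucketName": "example-logs", "AccessControl": "private"}},
    "Backups": {"Type": "ALIYUN::OSS::Bucket",
      "Properties": {"BucketName": "example-backups"}},
    "Dynamic": {"Type": "ALIYUN::OSS::Bucket",
      "Properties": {"BucketName": "example-dynamic", "AccessControl": {"Ref": "Acl"}}},
    "Vpc": {"Type": "ALIYUN::ECS::VPC", "Properties": {"CidrBlock": "10.0.0.0/16"}}
  }
}
"""

# Assumption: public-read-write is flagged too, since it also grants anonymous read.
PUBLIC_READ_ACLS = {"public-read", "public-read-write"}


def check_template(text):
    """Return {logical_id: 'violation' | 'compliant' | 'unresolved'} for OSS buckets."""
    results = {}
    for name, res in json.loads(text).get("Resources", {}).items():
        if res.get("Type") != "ALIYUN::OSS::Bucket":
            continue  # rule applies only to OSS buckets
        # An omitted AccessControl falls back to the OSS default ACL, private.
        acl = (res.get("Properties") or {}).get("AccessControl", "private")
        if not isinstance(acl, str):
            results[name] = "unresolved"  # e.g. {"Ref": ...}: value unknown until deploy
        elif acl in PUBLIC_READ_ACLS:
            results[name] = "violation"
        else:
            results[name] = "compliant"
    return results


if __name__ == "__main__":
    for name, verdict in check_template(SAMPLE_TEMPLATE).items():
        print(f"{name}: {verdict}")
```

Buckets reported as `unresolved` take their ACL from a parameter, so the value passed at stack creation has to be reviewed separately.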