OSS Bucket Public Write Prohibited

ID: rule:aliyun:oss-bucket-public-write-prohibited
Severity: high

Description

OSS buckets should not allow public write access. Public write access allows anyone to upload, modify, or delete objects in the bucket, which poses significant security risks.

Reason for Violation

The OSS bucket has public write access enabled (public-read-write ACL), which allows unauthorized users to modify or delete data.

Recommendation

Change the bucket ACL to private or public-read by setting the AccessControl property to 'private' or 'public-read'.

Resource Types

  • ALIYUN::OSS::Bucket
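
The check described above can be sketched as a static scan of a ROS template. This is an added example, not the rule's own implementation: the sample template, the function names `resolve_acl` and `find_violations`, and the assumption that an omitted AccessControl leaves the bucket private are all illustrative.

```python
import json

BUCKET_TYPE = "ALIYUN::OSS::Bucket"
ALLOWED_ACLS = {"private", "public-read"}

# Constructed sample ROS template (JSON form), not taken from the rule's documentation.
SAMPLE_TEMPLATE = """{
  "ROSTemplateFormatVersion": "2015-09-01",
  "Parameters": {"UploadAcl": {"Type": "String", "Default": "public-read-write"}},
  "Resources": {
    "Logs": {"Type": "ALIYUN::OSS::Bucket", "Properties": {"AccessControl": "private"}},
    "Assets": {"Type": "ALIYUN::OSS::Bucket", "Properties": {"AccessControl": "public-read"}},
    "Uploads": {"Type": "ALIYUN::OSS::Bucket", "Properties": {"AccessControl": {"Ref": "UploadAcl"}}},
    "Scratch": {"Type": "ALIYUN::OSS::Bucket", "Properties": {"AccessControl": "public-read-write"}},
    "Plain": {"Type": "ALIYUN::OSS::Bucket", "Properties": {"BucketName": "example-plain"}},
    "Vpc": {"Type": "ALIYUN::ECS::VPC", "Properties": {"CidrBlock": "10.0.0.0/16"}}
  }
}"""

def resolve_acl(value, parameters):
    """Return the literal ACL string, or None if it cannot be determined statically."""
    if value is None:
        return "private"  # assumption: an omitted AccessControl leaves the bucket private
    if isinstance(value, str):
        return value
    if isinstance(value, dict) and set(value) == {"Ref"}:
        default = parameters.get(value["Ref"], {}).get("Default")
        return default if isinstance(default, str) else None
    return None  # other intrinsic functions are not evaluated here

def find_violations(template_text):
    """Map each non-compliant bucket's logical name to the reason it was flagged."""
    template = json.loads(template_text)
    parameters = template.get("Parameters") or {}
    findings = {}
    for name, resource in (template.get("Resources") or {}).items():
        if resource.get("Type") != BUCKET_TYPE:
            continue
        acl = resolve_acl((resource.get("Properties") or {}).get("AccessControl"), parameters)
        if acl is None:
            findings[name] = "AccessControl could not be resolved; review manually"
        elif acl not in ALLOWED_ACLS:
            findings[name] = f"AccessControl is '{acl}'"
    return findings

if __name__ == "__main__":
    for name, reason in find_violations(SAMPLE_TEMPLATE).items():
        print(f"{name}: {reason}")
```

A `Ref` is resolved only to the parameter's `Default`, which can be overridden at stack creation, so a parameterised AccessControl should also be constrained with the parameter's `AllowedValues`.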