S3 Bucket Does Not Have Object Lock Enabled
Overview
Check if S3 bucket Object Lock is enabled. Utilize a write-once-read-many (WORM) approach to store items, ensuring they cannot be deleted or altered for a specified duration or indefinitely. This strategy serves as a deterrent against ransomware attacks.
Vendor
AWS
Cloud Service
S3
Related Controls
S3.15
References
https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-lock-overview.html
Severity
3
Item Types
AWS::S3::Bucket