How can I check whether a non-public S3 bucket is using server-side encryption in JupiterOne?
dcpeach
As an additional safeguard, S3 server-side encryption uses an AES-256 block cipher.
0
Answers
Below is a query that flags which internal S3 buckets are unencrypted.
FIND unique aws_s3_bucket WITH
  tag.dataclassification != ('Public' or 'public' or 'PUBLIC') AND
  (
    (
      tag.dataclassification = ('Internal' or 'internal' or 'INTERNAL') AND
      encrypted != true AND
      policyDocument !~= '"s3:x-amz-server-side-encryption"'
    )
  ) AS e1
RETURN
  e1.displayName as "Name",
  e1.arn as "ARN",
  e1.accountId as "Account ID",
  e1.region as Region,
  e1.tag.dataclassification as "Data Classification",
  e1.encrypted as Encrypted,
  e1.encryptionKeyRef as "KMS Key ID"
0
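The query above treats any bucket whose policyDocument contains the string "s3:x-amz-server-side-encryption" as covered. The following is an added example, not part of the original answer or of JupiterOne: it applies the same filter to exported bucket records but parses the policy and accepts it only when a Deny statement on s3:PutObject is conditioned on that key. The property names come from the query; the helper names and sample records are constructed for illustration.

```python
import json

SSE_KEY = "s3:x-amz-server-side-encryption"
PUT_ACTIONS = {"s3:putobject", "s3:*", "*"}

def as_list(value):
    return value if isinstance(value, list) else [] if value is None else [value]

def policy_enforces_sse(policy_document):
    """True only when a Deny statement on s3:PutObject is conditioned on the SSE header."""
    try:
        policy = json.loads(policy_document or "{}")
    except (TypeError, json.JSONDecodeError):
        return False
    if not isinstance(policy, dict):
        return False
    for stmt in as_list(policy.get("Statement")):
        actions = {str(a).lower() for a in as_list(stmt.get("Action"))}
        if stmt.get("Effect") != "Deny" or not actions & PUT_ACTIONS:
            continue
        for operator, operands in (stmt.get("Condition") or {}).items():
            for key, value in operands.items():
                # Deny when the header differs from the required value, or is absent.
                if key.lower() == SSE_KEY and (operator.startswith("StringNotEquals")
                        or (operator == "Null" and str(value).lower() == "true")):
                    return True
    return False

def sample_policy(effect, operator):
    """Constructed single-statement bucket policy (hypothetical helper)."""
    return json.dumps({"Version": "2012-10-17", "Statement": [{
        "Effect": effect, "Principal": "*", "Action": "s3:PutObject",
        "Resource": "arn:aws:s3:::example-bucket/*",
        "Condition": {operator: {SSE_KEY: "AES256"}}}]})

SAMPLE_BUCKETS = [  # constructed records, not real inventory
    {"displayName": "internal-logs", "tag.dataclassification": "Internal", "encrypted": False},
    {"displayName": "internal-enforced", "tag.dataclassification": "internal", "encrypted": False,
     "policyDocument": sample_policy("Deny", "StringNotEquals")},
    {"displayName": "internal-mention-only", "tag.dataclassification": "INTERNAL",
     "policyDocument": sample_policy("Allow", "StringEquals")},
    {"displayName": "internal-encrypted", "tag.dataclassification": "Internal", "encrypted": True},
    {"displayName": "public-site", "tag.dataclassification": "Public", "encrypted": False},
]

def flag_unencrypted_internal(buckets):
    """Same filter as the query: Internal, encrypted != true, no enforcing policy."""
    return [b["displayName"] for b in buckets
            if str(b.get("tag.dataclassification", "")).lower() == "internal"
            and b.get("encrypted") is not True
            and not policy_enforces_sse(b.get("policyDocument"))]
```

Here `internal-mention-only` is flagged even though its policy contains the condition key, because an Allow statement does not block unencrypted uploads.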