Find public facing S3 buckets.
The accidental or deliberate exposure of private data stored in Amazon S3 is a persistent issue. S3 buckets can become public through multiple mechanisms, and keeping track of all of them can be difficult. This Op checks bucket policies and Access Control Lists for the most common inadvertent exposures.
DisruptOps users can choose to lock down the Bucket policy to pre-approved IP addresses, or tagged the instance as approved for Internet access.