Files
Anthropic-Cybersecurity-Skills/skills/auditing-aws-s3-bucket-permissions/references/api-reference.md
T
mukul975 27c6414ca5 Add folder anatomy (scripts/agent.py + references/api-reference.md) for 648 cybersecurity skills
Complete skill folder anatomy across all cybersecurity skills:
- scripts/agent.py: 80-150 line Python agents using real libraries (impacket,
  boto3, azure-mgmt-*, kubernetes, pefile, yara, scapy, shodan, stix2, etc.)
- references/api-reference.md: real API documentation with method signatures
- LICENSE: MIT license for all skill folders
2026-03-10 21:02:12 +01:00

2.3 KiB

API Reference: Auditing AWS S3 Bucket Permissions

boto3 S3 Client

List Buckets

import boto3
s3 = boto3.client("s3")
response = s3.list_buckets()
for bucket in response["Buckets"]:
    print(bucket["Name"], bucket["CreationDate"])

Get Bucket ACL

acl = s3.get_bucket_acl(Bucket="my-bucket")
for grant in acl["Grants"]:
    print(grant["Grantee"], grant["Permission"])

Get/Put Public Access Block

# Check settings
resp = s3.get_public_access_block(Bucket="my-bucket")
config = resp["PublicAccessBlockConfiguration"]

# Enable all blocks
s3.put_public_access_block(
    Bucket="my-bucket",
    PublicAccessBlockConfiguration={
        "BlockPublicAcls": True,
        "IgnorePublicAcls": True,
        "BlockPublicPolicy": True,
        "RestrictPublicBuckets": True,
    },
)

Get Bucket Policy

import json
policy_str = s3.get_bucket_policy(Bucket="my-bucket")["Policy"]
policy = json.loads(policy_str)
for stmt in policy["Statement"]:
    print(stmt["Effect"], stmt["Principal"], stmt["Action"])

Check Encryption

enc = s3.get_bucket_encryption(Bucket="my-bucket")
rules = enc["ServerSideEncryptionConfiguration"]["Rules"]
print(rules[0]["ApplyServerSideEncryptionByDefault"]["SSEAlgorithm"])

Check Versioning

resp = s3.get_bucket_versioning(Bucket="my-bucket")
print(resp.get("Status", "Disabled"))

Key S3 API Methods for Security Auditing

Method Returns
list_buckets() All buckets in account
get_bucket_acl() ACL grants (AllUsers, AuthenticatedUsers)
get_public_access_block() Block public access configuration
get_bucket_policy() Bucket policy JSON (wildcard principals)
get_bucket_encryption() Default encryption algorithm
get_bucket_versioning() Versioning status
get_bucket_logging() Access logging configuration
get_bucket_location() Bucket region

Public Grant URIs to Flag

URI Risk
http://acs.amazonaws.com/groups/global/AllUsers Public read/write
http://acs.amazonaws.com/groups/global/AuthenticatedUsers Any AWS account

References