A tool for customers to evaluate their AWS service configurations based on AWS and community best practices and receive recommendations on potential improvements.
Describe the bug
In the S3Bucket.py file, the functions policyAllowsPublicRead and policyAllowsPublicWrite use Iam.simulate_principal_policy to evaluate if the bucket is publicly accessible. But the IAM policy simulator can't evaluate resource policies. So these two functions won't work.
I suggest just checking if the bucket is publicly accessible by using the s3 get-bucket-policy-status API to check if the bucket is public or not.
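The check suggested in the issue above, sketched as an added example that is not part of the original issue or the project's code. It assumes `s3_client` is a boto3 S3 client; `bucket_policy_is_public`, `FakeClientError` and `FakeS3` are hypothetical names, and the fake client exists only so the example runs offline.

```python
# Added example (not the project's code): classify a bucket with
# s3:GetBucketPolicyStatus instead of the IAM policy simulator.


def bucket_policy_is_public(s3_client, bucket):
    """Return True/False from PolicyStatus.IsPublic, or None if it cannot be read."""
    try:
        resp = s3_client.get_bucket_policy_status(Bucket=bucket)
    except Exception as exc:
        # botocore's ClientError carries the AWS error code in exc.response.
        code = (getattr(exc, "response", None) or {}).get("Error", {}).get("Code")
        if code == "NoSuchBucketPolicy":
            return False  # no bucket policy exists, so none grants public access
        if code == "AccessDenied":
            return None  # unknown: surface it instead of assuming "not public"
        raise
    return bool(resp["PolicyStatus"]["IsPublic"])


class FakeClientError(Exception):
    """Constructed stand-in for botocore.exceptions.ClientError."""

    def __init__(self, code):
        super().__init__(code)
        self.response = {"Error": {"Code": code}}


class FakeS3:
    """Constructed stand-in for boto3.client("s3"); maps bucket name to outcome."""

    def __init__(self, outcomes):
        self.outcomes = outcomes

    def get_bucket_policy_status(self, Bucket):
        outcome = self.outcomes[Bucket]
        if isinstance(outcome, str):  # a string is an AWS error code to raise
            raise FakeClientError(outcome)
        return {"PolicyStatus": {"IsPublic": outcome}}


def demo():
    # Constructed sample buckets covering each branch of the check.
    s3 = FakeS3({"public-site": True, "private-data": False,
                 "no-policy": "NoSuchBucketPolicy", "locked-out": "AccessDenied"})
    return {name: bucket_policy_is_public(s3, name) for name in s3.outcomes}


if __name__ == "__main__":
    print(demo())
```

The `None` result keeps a scanner that lacks permission to read the policy status from reporting the bucket as safe.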