securing-s3-buckets
Overview
Implements layered S3 security controls across five workflows: securing new buckets, auditing existing configurations, remediating findings, configuring encryption, and enabling monitoring. Follows AWS Well-Architected security best practices.
Execute commands using the AWS MCP server when connected (sandboxed execution, audit logging, observability). Fall back to AWS CLI or shell otherwise.
Common Tasks
0. Verify Dependencies
Check for required tools before starting.
Constraints:
- You MUST inform the user if required tools are missing
- You SHOULD confirm credentials with
aws sts get-caller-identity
See references/iam-permissions.md for IAM permissions by workflow.
1. Classify the Request
| User intent | Workflow |
|---|---|
| Secure a new bucket | A: Secure New Bucket |
| Audit / review existing bucket | B: Audit Existing Bucket |
| Fix a specific finding | C: Remediate Issue |
| Configure encryption | D: Configure Encryption |
| Enable logging / monitoring | E: Enable Monitoring |
Constraints:
- You MUST ask for all required parameters upfront
- You MUST confirm bucket name and region before any write operation
- You MAY infer region from user context if clearly stated
- You SHOULD run
aws iam simulate-principal-policyto validate permissions before write operations - You SHOULD display write commands and wait for confirmation before executing
put-bucket-policy Safety Rules
These rules apply to ALL workflows that call put-bucket-policy:
- You MUST attempt to retrieve the existing policy first (
aws s3api get-bucket-policy) —put-bucket-policyreplaces the entire policy - If a policy exists, you MUST back it up before modifying:
aws s3api get-bucket-policy --bucket <name> --output text > backup-policy-$(date +%s).json - If
NoSuchBucketPolicyis returned, proceed with a new policy — no backup is needed - You MUST merge new statements into the existing policy's Statement array (if one exists)
- You MUST validate merged JSON syntax before applying (e.g.
echo '<policy>' | python3 -m json.tool) - You SHOULD display the full
put-bucket-policycommand and wait for confirmation
2. Workflow A — Secure New Bucket
See references/workflows.md for full CLI steps.
Required steps (execute in order, do not skip):
- Create bucket with
--bucket-namespace account-regional - Enable versioning
- Enable encryption (SSE-S3 + Bucket Keys + block SSE-C)
- Enable logging (ask user which option — conditional)
- Enforce HTTPS-only via
DenyInsecureTransportbucket policy - Enable ABAC
Constraints:
-
You MUST pass
--bucket-namespace account-regionaloncreate-bucketcall — this is REQUIRED, not optional. Example:aws s3api create-bucket --bucket <name> --bucket-namespace account-regional --region <region> -
You MUST NOT change Block Public Access — S3 enables it by default on new buckets
-
You MUST NOT change ACL ownership controls — S3 disables ACLs (
BucketOwnerEnforced) by default -
You MUST apply a bucket policy with a
DenyInsecureTransportstatement that deniess3:*whenaws:SecureTransportisfalse— this is REQUIRED, not optional. Example:aws s3api put-bucket-policy --bucket <name> --policy '{"Version":"2012-10-17","Statement":[{"Sid":"DenyInsecureTransport","Effect":"Deny","Principal":"*","Action":"s3:*","Resource":["arn:aws:s3:::<name>/*","arn:aws:s3:::<name>"],"Condition":{"Bool":{"aws:SecureTransport":"false"}}}]}' -
You MUST ask the user which logging option they want before step 4
-
You MUST follow the put-bucket-policy safety rules for steps 4 and 5
-
You SHOULD confirm each step succeeded before proceeding
3. Workflow B — Audit Existing Bucket
See references/audit-checklist.md for the full checklist.
Constraints:
- You MUST run all read-only audit commands before reporting findings
- You MUST NOT execute any write or modify commands during an audit
- You MUST report each control as PASS / FAIL / NOT CONFIGURED with severity
- For logging: report PASS if either S3 server access logging OR CloudTrail data events are enabled; NOT CONFIGURED only if neither
4. Workflow C — Remediate Issue
See references/remediation.md for fix commands by issue type.
Constraints:
- You MUST identify the issue type before applying any fix
- You MUST follow the put-bucket-policy safety rules when modifying policies
- You MUST re-run the relevant audit check after applying the fix to confirm resolution
5. Workflow D — Configure Encryption
See references/encryption.md for encryption options and commands.
Constraints:
- You MUST default to SSE-S3 with S3 Bucket Keys and SSE-C blocked unless the user explicitly requests KMS
- When using SSE-KMS, you MUST use a customer managed key — NEVER the AWS managed
aws/s3key - You MUST specify customer-managed KMS keys by full ARN, not alias
- You MUST include
BucketKeyEnabled: trueandBlockedEncryptionTypes: [SSE-C]in all configurations - Note: The S3 API accepts
aws/s3and aliases without error — agent-enforced constraints. Verify withget-bucket-encryptionafter applying.
6. Workflow E — Enable Monitoring
See references/workflows.md for full CLI steps.
Constraints:
- You MUST check whether a GuardDuty detector already exists before creating one
- You MUST use the trail's home region (not the bucket's region) for CloudTrail commands
- You SHOULD enable all four core recommended AWS Config rules
Troubleshooting
ObjectLockConfigurationNotFoundError — Object Lock is not enabled. Treat as NOT CONFIGURED, not a failure.
AccessDenied on audit commands — Check IAM policy, bucket policy, Block Public Access, VPC endpoint policy, and SCPs/RCPs. Use aws iam simulate-principal-policy to diagnose.
put-bucket-policy silently removes existing statements — See put-bucket-policy safety rules.
GuardDuty BadRequestException: detector already exists — Run aws guardduty list-detectors first; only call create-detector if empty.
CloudTrail changes not taking effect — Verify you are using --region <trail-home-region>, not the bucket's region. Find it with aws cloudtrail describe-trails --query 'trailList[*].[Name,HomeRegion]'.
Additional Resources
- references/iam-permissions.md — IAM permissions by workflow
- references/audit-checklist.md — Per-control checklist with severity and pass conditions
- references/encryption.md — Encryption options, KMS guidance, SSE-C blocking
- references/remediation.md — Fix commands for common findings
- references/workflows.md — Full CLI command sequences for Workflows A and E
- AWS S3 Security Best Practices
- AWS Well-Architected Security Pillar
More from aws/agent-toolkit-for-aws
aws-iam
Verified corrections for IAM behaviors that AI agents frequently get\
236aws-serverless
Builds, deploys, manages, debugs, configures, and optimizes serverless applications on AWS using Lambda, API Gateway, Step Functions, EventBridge, and SAM/CDK. Covers cold starts, CORS debugging, event source mappings, troubleshooting, concurrency, SnapStart, Powertools, function URLs, EventBridge Scheduler, Lambda layers, Durable Functions, durable execution, checkpoint-and-replay, and production readiness. Use when the user mentions Lambda, API Gateway, Step Functions, SAM templates, CDK serverless stacks, DynamoDB stream triggers, SQS event sources, cold starts, timeouts, 502/504 errors, throttling, concurrency, CORS, Powertools, Durable Functions, durable execution, checkpoint-and-replay, or any event-driven architecture on AWS, even if they don't say "serverless." Do NOT use for EC2, ECS/Fargate containers, or Amplify hosting.
218aws-sdk-python-usage
|
212aws-cloudformation
Author, validate, and troubleshoot AWS CloudFormation templates. Covers template authoring with secure defaults, pre-deployment validation (cfn-lint, cfn-guard, change sets), and root-cause diagnosis of failed stacks using CloudFormation events and CloudTrail correlation.
211aws-cdk
Authors, deploys, and troubleshoots AWS infrastructure using CDK with TypeScript or Python. Covers best practices, stack architecture, and construct patterns. Always use when writing CDK constructs, bootstrapping environments, running cdk deploy/synth/diff, fixing CDK or CloudFormation errors, planning stack structure, importing existing resources, resolving drift, or refactoring stacks without resource replacement.
208aws-messaging-and-streaming
>
172