TF 0116 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki
S3 DNS Compliant Bucket Names
| Property | Value |
|---|---|
| Language |  |
| Severity |  |
| Service | s3 |
| Provider | aws |
| Vulnerability Type | misconfiguration |
Description
S3 buckets are being created with names containing periods ('.'), which violates AWS DNS compliance requirements. Such names can lead to compatibility issues with certain S3 features and integrations.
Impact
Non-DNS compliant S3 bucket names may prevent the use of features like S3 Transfer Acceleration and HTTPS access, potentially exposing data to misrouting or failed connections. This can disrupt application functionality, reduce security, and limit interoperability with AWS services.
Resolution
Recreate S3 bucket to use - instead of . in S3 bucket names