Public Resources

Lists cloud storage exposed to the internet.

The Public Resources page shows all cloud storage assets that are currently accessible by anyone on the internet. Use this page to review, approve, or flag each publicly exposed resource based on whether the exposure is intentional and acceptable.

Summary Cards

Two cards at the top provide a quick count of your exposure status. Resources can be filtered by type. We currently keep track of EBS Snapshots, RDS Databases, RDS Snapshots, and S3 Buckets.

Status Tabs

Resources are organized into three tabs based on their review status:

Tab

Meaning

Needs Review

Newly discovered public resources that have not been assessed yet

Approved

Resources confirmed as intentionally public

In Violation

Resources confirmed as exposed contrary to policy

Click each tab to view resources in that state.

Reviewing Resources

Approving a Resource

If a public resource is intentional (e.g. a public website assets bucket):

Go to the Needs Review tab.
Check the box next to the resource(s) you want to approve.
Select 'Change Status'
Click Approved and Save.

Flagging a Violation

If a public resource should not be exposed:

Go to the Needs Review tab.
Check the box next to the resource(s) you want to approve.
Select 'Change Status'
Click In Violation and Save.

Changing a Previously Set Status

You can change the status of a resource at any time:

From the Approved tab: use Move to Needs Review or Flag as Violation
From the In Violation tab: use Move to Needs Review or Approve Selected

Resource Cards

Each resource card shows:

Resource name and type
Resource cloud account and regional details
An external link that leads to the resource for manual evaluation
Current acknowledgment status

PreviousData Stores NextData Classification

Last updated 1 month ago

hashtagSummary Cards

hashtagStatus Tabs

hashtagReviewing Resources

hashtagApproving a Resource

hashtagFlagging a Violation

hashtagChanging a Previously Set Status

hashtagResource Cards