From 7ecb4d7b00bf6cd5a04b78ddbb02a1e7576cf5e7 Mon Sep 17 00:00:00 2001
From: Pepe Fagoaga
Date: Wed, 27 Sep 2023 09:35:26 +0200
Subject: [PATCH] fix(s3_bucket_policy_public_write_access): Handle S3 Policy without Principal (#2871)
---
 .../s3_bucket_policy_public_write_access.py | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/prowler/providers/aws/services/s3/s3_bucket_policy_public_write_access/s3_bucket_policy_public_write_access.py b/prowler/providers/aws/services/s3/s3_bucket_policy_public_write_access/s3_bucket_policy_public_write_access.py
index fab73e76..ca509904 100644
--- a/prowler/providers/aws/services/s3/s3_bucket_policy_public_write_access/s3_bucket_policy_public_write_access.py
+++ b/prowler/providers/aws/services/s3/s3_bucket_policy_public_write_access/s3_bucket_policy_public_write_access.py
@@ -41,7 +41,10 @@ class s3_bucket_policy_public_write_access(Check):
 if (
 statement["Effect"] == "Allow"
 and "Condition" not in statement
- and "*" in str(statement["Principal"])
+ and (
+ "Principal" in statement
+ and "*" in str(statement["Principal"])
+ )
 and (
 "s3:PutObject" in statement["Action"]
 or "*" in statement["Action"]
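Review bot: Statements without a `Principal` key are now silently treated as non-public by the added `"Principal" in statement` guard, but in a bucket policy such a statement normally carries `NotPrincipal` instead. With `Effect: Allow`, `NotPrincipal` grants access to every principal except the listed ones, so for a public-write check this is likely a false negative rather than a pass. Consider flagging it, e.g. `and ("NotPrincipal" in statement or "*" in str(statement.get("Principal", "")))`. The same condition still subscripts `statement["Action"]` directly, so a statement written with `NotAction` would presumably raise the same `KeyError` this commit fixes for `Principal`. The `if` and its enclosing method start and end outside the hunk, so the remaining action checks and the reporting of the result are not visible here.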