This policy validates that S3 Bucket access policies do not allow any principal for a given action on the bucket, in accordance with the principle of least privilege.
To remediate this, modify any grants in the S3 Bucket access policy that have
Princiapl:*. New, more restrictive grants may be needed in their place to maintain access.
AWS S3 Bucket example policies