AWS S3 Bucket Policy Gone Wrong [Comic]
AWS S3 Bucket Policy Gone Wrong [Comic]
From S3 Bucket to Pandora's Box in one simple step.
Join the DZone community and get the full member experience.
Join For FreeSee why enterprise app developers love Cloud Foundry. Download the 2018 User Survey for a snapshot of Cloud Foundry users’ deployments and productivity.
This “Curious Dev” was trying to play around with AWS S3 bucket policy.
*Statutory warning: Curiosity kills. Never try this stunt while at work. Organizations as big as U.S. Pentagon have faced the music because of this.
The ‘Principal’ element in the policy code specifies the user, account, service, or other entity that is allowed or denied access to a resource residing in AWS S3 bucket. There have been several cases reported across the world about how S3 buckets lead to data leakage. In most cases, that ‘star’ is the culprit.
For more information, visit AWS’ Principal page in the IAM User Guide. To know more about how to restrict Amazon S3 Bucket access to a specific IAM role, click here.
Cloud Foundry saves app developers $100K and 10 weeks on average per development cycle. Download the 2018 User Survey for a snapshot of Cloud Foundry users’ deployments and productivity. Find out what people love about the industry standard cloud application platform.
Like This Article? Read More From DZone
Published at DZone with permission of Jayashree Hegde Adkoli , DZone MVB. See the original article here.
Opinions expressed by DZone contributors are their own.
{{ parent.title || parent.header.title}}
{{ parent.tldr }}
{{ parent.linkDescription }}
{{ parent.urlSource.name }}