/ Cloud Zone
Over a million developers have joined DZone.
{{announcement.body}}
{{announcement.title}}

AWS S3 Bucket Policy Gone Wrong [Comic]

DZone 's Guide to

AWS S3 Bucket Policy Gone Wrong [Comic]

From S3 Bucket to Pandora's Box in one simple step.

by
·
Mar. 22, 18 · Cloud Zone ·
Free Resource

Comment (0)

Save
Tweet
{{ articles[0].views | formatCount}} Views

This “Curious Dev” was trying to play around with AWS S3 bucket policy.
Image title

*Statutory warning: Curiosity kills. Never try this stunt while at work. Organizations as big as U.S. Pentagon have faced the music because of this.


The ‘Principal’ element in the policy code specifies the user, account, service, or other entity that is allowed or denied access to a resource residing in AWS S3 bucket. There have been several cases reported across the world about how S3 buckets lead to data leakage. In most cases, that ‘star’ is the culprit.

For more information, visit AWS’ Principal page in the IAM User Guide. To know more about how to restrict Amazon S3 Bucket access to a specific IAM role, click here.

Like This Article? Read More From DZone

AWS S3 Bucket Naming Challenge [Comic]
Considerations for Creating Secure User Groups on AWS Using IAM
5 Benefits of S3 Select and How it Protects Data Under GDPR Compliance

Free DZone Refcard

Cloud Native Data Grids: Hazelcast IMDG With Kubernetes
DOWNLOAD
Topics:
aws s3 ,aws ,cloud security ,privacy policy ,data security breach ,public cloud ,public cloud security ,cloud storage ,iam

Comment (0)

Save
Tweet
{{ articles[0].views | formatCount}} Views

Published at DZone with permission of

Opinions expressed by DZone contributors are their own.

Cloud Partner Resources

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.linkDescription }}

{{ parent.urlSource.name }}
by {{ parent.authors[0].realName || parent.author}}
· {{ parent.articleDate | date:'MMM. dd, yyyy' }} {{ parent.linkDate | date:'MMM. dd, yyyy' }}
· {{ parent.portal.name }} Zone