AWS S3 Bucket Policy Gone Wrong
Cloud Comics

A “Curious Dev” was trying to play around with AWS S3 bucket policy.

*Statutory warning: Curiosity kills. Never try this stunt while at work. Organizations as big as the U.S. Pentagon have faced the music because of this.

The ‘Principal’ element in the policy code specifies the user, account, service, or other entity that is allowed or denied access to a resource residing in an AWS S3 bucket. Several cases have been reported across the world of S3 buckets leaking data. In most cases, that ‘star’ is the culprit: a Principal of ‘*’ is a wildcard that matches everyone, so an Allow statement carrying it grants access to anyone.

For more information, visit AWS’ Principal page in the IAM User Guide. To know more about how to restrict Amazon S3 Bucket access to a specific IAM role, click here.

Share your experiences with us.

And don’t forget to follow us on Twitter @totalcloudio for such comics.

Do check out TotalCloud Inc.’s new flagship feature, Security Group View, which will provide visual cues to security loopholes in real time and in 3D space. Sign up to try it. To see how the visual security cues render, read this post.

Want a quick demo? Click here.

As a cloud security practitioner, how are you using IAM as a primary control mechanism? Do share your views.

Related Reading:

5 Not-to-Ignore Best Practices for AWS NACLs (Network Access Control Lists)

5 Not-to-Ignore Best Practices for AWS Security Groups
