AWS S3 Bucket Policy Gone Wrong
Cloud Comics

A “Curious Dev” was trying to play around with AWS S3 bucket policy.

*Statutory warning: Curiosity kills. Never try this stunt while at work. Organizations as big as U.S. Pentagon have faced the music because of this.

 

The ‘Principal’ element in the policy code specifies the user, account, service, or other entity that is allowed or denied access to a resource residing in AWS S3 bucket. There have been several cases reported across the world about how S3 buckets lead to data leakage. In most cases, that ‘star’ is the culprit.

For more information, visit AWS’ Principal page in the IAM User Guide. To know more about how to restrict Amazon S3 Bucket access to a specific IAM role, click here.

Share your experiences with us.

And don’t forget to follow us on twitter @totalcloudio for such comics.

Top Categories
Stay up to date on the latest stories case studies and videos
You might also like
AWS Tips & Tricks, Cloud Computing
5 Not-to-Ignore Best Practices for AWS Security Groups
To secure AWS resources 24X7 from unwanted attacks, you must always have the right combination of VPC, Network Access Contr...
Read More
Cloud Comics
The FIFA Fever and the AWS Bill Nightmare
The entire world is raving about FIFA world cup, and Mr. Dev is caught up in a nail-biting football match trying to keep up...
Read More
Cloud Computing, Product
Getting a Handle on Spiralling AWS Lambda Cost in ~15 sec
AWS Lambda function might look low-priced while getting started. Even though developers can limit its max memory size and m...
Read More
Cloud Comics, Cloud Computing
Despicable You and the AWS Cloud Bill Shock
To err is human… to avoid a massive bill is divine. Keep a check on those logs getting piled up in S3. Set a cost ceilin...
Read More
Cloud Comics
In Your Cloud: Expectations Vs. Reality
Few reflections from a Cloud user: Is the reality ever actually as good as expectations…time for a reality check! Tweet y...
Read More