The ‘Principal’ element in the policy code specifies the user, account, service, or other entity that is allowed or denied access to a resource residing in AWS S3 bucket. There have been several cases reported across the world about how S3 buckets lead to data leakage. In most cases, that ‘star’ is the culprit.
Share your experiences with us.
And don’t forget to follow us on twitter @totalcloudio for such comics.
Do check out TotalCloud Inc.’s new flagship feature Security Group View that will provide visual cues to security loopholes in real-time and in 3D space. Sign-up to try. Want to know how the visual cues to security renders, read this post.
Check out this video that gives a gist of AWS Security Group View:
Want a quick demo? Click here.
As a cloud security practitioner, how are you using IAM as a primary control mechanism? Do share your views.