Aws S3 Bucket Policy Gone Wrong

A “Curious Dev” was trying to play around with AWS S3 bucket policy.

*Statutory warning: Curiosity kills. Never try this stunt while at work. Organizations as big as U.S. Pentagon have faced the music because of this.

The ‘Principal’ element in the policy code specifies the user, account, service, or other entity that is allowed or denied access to a resource residing in AWS S3 bucket. There have been several cases reported across the world about how S3 buckets lead to data leakage. In most cases, that ‘star’ is the culprit.

For more information, visit AWS’ Principal page in the IAM User Guide. To know more about how to restrict Amazon S3 Bucket access to a specific IAM role, click here.

Share your experiences with us.

And don’t forget to follow us on twitter @totalcloudio for such comics.

Related Reading:

5 Not-to-Ignore Best Practices for AWS NACLs (Network Access Control Lists)

5 Not-to-Ignore Best Practices for AWS Security Groups

Aws S3 Bucket Policy Gone Wrong

Smart Scheduling at your fingertips

Go from simple to smart, real-time AWS resource scheduling to save cost and increase team productivity.

Learn More
More Posts

You Might Also Like

Product
Cloud Parking
Our automated Cloud Parking offers more scalability and flexibility than the standard AWS Instance Scheduler, guaranteeing you reasonable billing of your Cloud Architecture.
March 24, 2020
Sayonee
AWS Tips & Tricks
The Proven Practices for Successful AWS Cost Optimization
Running your AWS cloud architecture can be expensive, you need to adopt strategies that tried and tested to bring down your expenses. Here are the best AWS cost optimization strategies available currently.
March 4, 2020
Hrishikesh
AWS Tips & Tricks
AWS Cost Optimization Checklist
Want to cut down on the costs of maintaining your cloud services? Here's a list of things you need to make sure when running your AWS architecture.
March 2, 2020
Hrishikesh
AWS Tips & Tricks
How to Schedule RDS Instances with an AWS Lambda function?
Save your costs with scheduled operation of your database. Start and stop the RDS instances manually with python Lambda functions.
February 25, 2020
Hrishikesh
Product
Introducing the TotalCloud Smart Scheduler
Announcing the launch of the TotalCloud Resource Scheduler! Take complete advantage of AWS's 'pay for what you consume' model by putting a power control for every AWS resource that you use.
January 14, 2020
Sayonee
AWS Use Case Files
Increase EBS Volume Size In Aws
Learn how a simple workflow can auto-remediate and increase the EBS volume size when disk utilization goes beyond 90%
December 2, 2019
Sayonee