Extracting Data From S3 As The Attacker
Our previous blog post discussed securing S3 buckets (you can find it here), but how might you steal data from those S3 buckets if you were an attacker? This blog post will explore some methods available and the specific permissions an attacker would require to perform them – this will allow you to create service control policies (SCPs) to prevent their use. Or prevent them from being used in any of your IAM policies.