2 posts tagged with "S3"

Our previous blog post discussed securing S3 buckets (you can find it here), but how might you steal data from those S3 buckets if you were an attacker? This blog post will explore some methods available and the specific permissions an attacker would require to perform them – this will allow you to create service control policies (SCPs) to prevent their use. Or prevent them from being used in any of your IAM policies.

If you’ve been using AWS, you’ve undoubtedly heard of S3 buckets. S3 buckets provide object-level storage for almost unlimited amounts of data – S3 also supports multiple data tiers to help you lower costs if you’re storing backup data, for example. However, how to properly secure an S3 bucket can be confusing. In this guide, we will walk through some security tips to apply to your S3 buckets.