AWS Rolls Out New Security Feature To Prevent Accidental S3 Data Leaks

Amazon's Web Services division rolled out new security features to AWS account owners last week that are meant to prevent accidental data exposures caused by the misconfiguration of S3 data storage buckets. From a report: Starting today, AWS account owners will have access to four new options inside their S3 dashboards under the "Public access settings for this account" section. These four new options allow the account owner to set a default access setting for all of an account's S3 buckets. These new account-level settings will override any existing or newly created bucket-level ACLs (access control lists) and policies. Account owners will have the ability to apply these new settings for S3 buckets that will be created from now onwards, to apply the new setting retroactively, or both.

S3?

[jfdavis668]

I didn't know my video card could leak. I'll have to open it up and check.

This is a much needed thing... even I can do it.

[ctilsie242]

This is an absolute no brainer, and IMHO, a must have. Log onto AWS, go to S3, check four checkboxes, type in "confirm", hit OK, and not worry about public buckets again, unless someone explicitly logs in as a root/admin user and unchecks them.

Hopefully more AWS customers do this.

Re:Jesus christ

[Njovich]

I didn't say disable access, I said disable public file listings. I think people that want to sell access can manage to make a listing of the files they want to make accessible. Or make it a very hard to enable option or something like that.