Amazon Web Services (AWS) has announced that all customers can now freely check whether their S3 buckets are leaking stored data.
“Previously available only to Business and Enterprise support customers, [the S3 bucket permissions check] identifies S3 buckets that are publicly accessible due to ACLs or policies that allow read/write access for any user,” the cloud computing giant noted. The check is available through AWS Trusted Advisor, an online tool that helps users inspect their AWS environment and improve system performance and reliability, optimize costs, and close security gaps.
Cloud storage instances that can be accessed by anyone who stumbles upon them are a big problem: hardly a day goes by without news about some company or other inadvertently leaving sensitive data accessible to unauthorized users. As flagged by the BBC, some security researchers have begun leaving “friendly warnings” to AWS S3 users whose private content has been made public.
Read more about the new S3 bucket permissions check AWS is offering to all its users on Help Net Security.