- 최신
- 최다 투표
- 가장 많은 댓글
Absolutely, you should follow s3 best practices as suggested here previously, as first aid, add following bucket policy immediately to deny access to everyone:
-
Navigate to S3 service from management console
-
Click on the bucket
-
Go to Permissions tab
-
Scroll down, go to Bucket policy and then click edit
-
In the policy, add following policy
{ "Statement": [ { "Effect": "Allow", "Principal": { "AWS": "<your user arn or role arn would come here>" }, "Action": [ "s3:*" ], "Resource": [ "arn:aws:s3:::bucket_name", "arn:aws:s3:::bucket_name/*" ] }, { "Effect": "Deny", "NotPrincipal": { "AWS": "<your user arn or role arn would come here>" }, "Action": [ "s3:*" ], "Resource": [ "arn:aws:s3:::bucket_name", "arn:aws:s3:::bucket_name/*" ] } ] } -
Click Save changes
This would deny everyone to access the bucket, once done then go to S3 Best Practices and see how you could avoid this situation to keep security of the bucket tight.
If the S3 bucket is not needed, it may be deleted.
If still in use, setting up an S3 access log may help identify when unauthorized access has occurred.
Also, the following document describes best practices for S3, so consider following best practices.
https://docs.aws.amazon.com/AmazonS3/latest/userguide/security-best-practices.html
