- Newest
- Most votes
- Most comments
AWS is aware of this and are working on a solution.
You're highlighting a valid concern about the potential for unauthorized access to S3 buckets leading to unexpected charges, particularly if it results in a DDOS attack. While AWS does charge for unauthorized requests, While AWS does charge for unauthorized requests, there are several measures customers can take to mitigate this risk: DDOS Protection: Consider using AWS Shield, a managed Distributed Denial of Service (DDoS) protection service, to help protect against and mitigate DDOS attacks targeting your S3 buckets.
Amazon S3 Block Public Access: https://aws.amazon.com/s3/features/block-public-access/ Security best practices for Amazon S3: https://docs.aws.amazon.com/AmazonS3/latest/userguide/security-best-practices.html Preventing unauthorized access and data exfiltration: https://docs.aws.amazon.com/whitepapers/latest/logical-separation/mitigating-unauthorized-access-to-data.html
Is this temporary workaround for private bucket?
https://docs.aws.amazon.com/AmazonS3/latest/userguide/RequesterPaysBuckets.html
This issue is now addressed - see https://aws.amazon.com/about-aws/whats-new/2024/05/amazon-s3-no-charge-http-error-codes/
Amazon S3 will make a change so unauthorized requests that customers did not initiate are free of charge. With this change, bucket owners will never incur request or bandwidth charges for requests that return an HTTP 403 (Access Denied) error response if initiated from outside their individual AWS account or AWS Organization.
Relevant content
- asked 2 years ago
- asked 5 months ago
- asked 19 days ago
AWS OFFICIALUpdated 3 years ago- AWS OFFICIALUpdated 3 months ago
- AWS OFFICIALUpdated 2 years ago
