In general the cloud object store Amazon S3 is pretty straightforward to use, but mistakes are easily made. The service itself is proven to be secure (“security of the cloud”), reliable and performant. However, misconfiguration by the owner of the S3 buckets can give a totally different experience (“security in the cloud”). In this blog the five most common mistakes will be addressed as a learning experience.
1. Leaky S3 buckets Never configure your S3 bucket to allow direct public access to your S3 buckets.