User: you charge me when people make unauthorised requests to an S3 bucket?

AWS: yes of course

User: but

AWS: working as intended

User: but

AWS: thank you for your money

medium.com/@maciej.pocwierz/ho

Follow

@jonty

*innocent configuration oversight*

"If all those misconfigured systems were attempting to back up their data into my S3 bucket, why not just let them do so? I opened my bucket for public writes and collected over 10GB of data within less than 30 seconds. Of course, I can’t disclose whose data it was. But it left me amazed at how an innocent configuration oversight could lead to a dangerous data leak!"

This is so infuriating. Not only that devs use some magic packets with default configuration and produce data loss, but also that the managers require the devs to produce results asap. That's how such mess happens.

Sign in to participate in the conversation
Qoto Mastodon

QOTO: Question Others to Teach Ourselves
An inclusive, Academic Freedom, instance
All cultures welcome.
Hate speech and harassment strictly forbidden.