To post a new support question, click the Post New Topic button below.
Current Version: 4.8.5 | Sytist Manual | Common Issues | Feature Requests
Please log in or Create an account to post or reply to topics.
You will still receive notifications of replies to topics you are part of even if you do not subscribe to new topic emails.
Amazon S3
J
Jeffery Bryson
29 posts
Mon Feb 08, 21 6:39 PM CST
Just received this email from Amazon... my question would be are my photos safe from general public? or is there a possibility that someone could find them in the bucket and take them? I set the amazon s3 up a while ago when i setup my new site, about 2 years ago so not sure if I missed a need to make changes or not...
Amazon Web Services, Inc.
4:45 PM (51 minutes ago)
to me
Hello,
We are writing to notify you that you have configured your S3 bucket(s) to be publicly accessible, and this may be a larger audience than you intended. By default, S3 buckets allow only the account owner to access the contents of a bucket; however, customers can configure S3 buckets to permit public access. Public buckets are accessible by anyone on the Internet, and content in them may be indexed by search engines.
We recommend enabling the S3 Block Public Access feature on buckets if public access is not required. S3 bucket permissions should never allow "Principal":"*" unless you intend to grant public access to your data. Additionally, S3 bucket ACLs should be appropriately scoped to prevent unintended access to "Authenticated Users" (anyone with an AWS account) or "Everyone" (anyone with Internet access) unless your use case requires it. For AWS's definition of "Public Access," please see The Meaning of "Public” [1].
The list of buckets which can be publicly accessed is below:
sytistwebupload | us-east-1
You can ensure individual buckets, or all your buckets prevent public access by turning on the S3 Block Public Access feature [2]. This feature is free of charge and it only takes a minute to enable. For step by step instructions on setting up S3 Block Public Access via the S3 management console, see Jeff Barr’s blog [3], or check out the video tutorial on Block Public Access [4].
If you have a business need to maintain some level of public access, please see Overview of Managing Access [5] for more in-depth instructions on managing access to your bucket to make sure you’ve permitted the correct level of access to your objects. If you would like more information about policy configuration in S3, please refer to Managing Access in Amazon S3 [6], and S3 Security Best Practices [7].
We recommend that you make changes in accordance with your operational best practices.
If you believe you have received this message in error or if you require technical assistance, please open a support case[8].
[1] https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html#access-control-block-public-access-policy-status
[2] https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html
[3] https://aws.amazon.com/blogs/aws/amazon-s3-block-public-access-another-layer-of-protection-for-your-accounts-and-buckets/
[4] https://aws.amazon.com/s3/features/block-public-access/
[5] https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-overview.html#access-control-resources-manage-permissions-basics
[6] https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-access-control.html
[7] https://docs.aws.amazon.com/AmazonS3/latest/dev/security-best-practices.html
[8] https://aws.amazon.com/support
Sincerely,
Amazon Web Services
Amazon Web Services, Inc. is a subsidiary of Amazon.com, Inc. Amazon.com is a registered trademark of Amazon.com, Inc. This message was produced and distributed by Amazon Web Services Inc., 410 Terry Ave. North, Seattle, WA 98109-5210
---
Reference: https://phd.aws.amazon.com/phd/home#/event-log?Event%20ARN=arn:aws:health:global::event/S3/AWS_S3_SECURITY_NOTIFICATION/AWS_S3_SECURITY_NOTIFICATION_b051c289-90a4-4a09-9837-5fadb54a3c68&eventID=arn:aws:health:global::event/S3/AWS_S3_SECURITY_NOTIFICATION/AWS_S3_SECURITY_NOTIFICATION_b051c289-90a4-4a09-9837-5fadb54a3c68&eventTab=details&layout=vertical
Amazon Web Services, Inc.
4:45 PM (51 minutes ago)
to me
Hello,
We are writing to notify you that you have configured your S3 bucket(s) to be publicly accessible, and this may be a larger audience than you intended. By default, S3 buckets allow only the account owner to access the contents of a bucket; however, customers can configure S3 buckets to permit public access. Public buckets are accessible by anyone on the Internet, and content in them may be indexed by search engines.
We recommend enabling the S3 Block Public Access feature on buckets if public access is not required. S3 bucket permissions should never allow "Principal":"*" unless you intend to grant public access to your data. Additionally, S3 bucket ACLs should be appropriately scoped to prevent unintended access to "Authenticated Users" (anyone with an AWS account) or "Everyone" (anyone with Internet access) unless your use case requires it. For AWS's definition of "Public Access," please see The Meaning of "Public” [1].
The list of buckets which can be publicly accessed is below:
sytistwebupload | us-east-1
You can ensure individual buckets, or all your buckets prevent public access by turning on the S3 Block Public Access feature [2]. This feature is free of charge and it only takes a minute to enable. For step by step instructions on setting up S3 Block Public Access via the S3 management console, see Jeff Barr’s blog [3], or check out the video tutorial on Block Public Access [4].
If you have a business need to maintain some level of public access, please see Overview of Managing Access [5] for more in-depth instructions on managing access to your bucket to make sure you’ve permitted the correct level of access to your objects. If you would like more information about policy configuration in S3, please refer to Managing Access in Amazon S3 [6], and S3 Security Best Practices [7].
We recommend that you make changes in accordance with your operational best practices.
If you believe you have received this message in error or if you require technical assistance, please open a support case[8].
[1] https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html#access-control-block-public-access-policy-status
[2] https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html
[3] https://aws.amazon.com/blogs/aws/amazon-s3-block-public-access-another-layer-of-protection-for-your-accounts-and-buckets/
[4] https://aws.amazon.com/s3/features/block-public-access/
[5] https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-overview.html#access-control-resources-manage-permissions-basics
[6] https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-access-control.html
[7] https://docs.aws.amazon.com/AmazonS3/latest/dev/security-best-practices.html
[8] https://aws.amazon.com/support
Sincerely,
Amazon Web Services
Amazon Web Services, Inc. is a subsidiary of Amazon.com, Inc. Amazon.com is a registered trademark of Amazon.com, Inc. This message was produced and distributed by Amazon Web Services Inc., 410 Terry Ave. North, Seattle, WA 98109-5210
---
Reference: https://phd.aws.amazon.com/phd/home#/event-log?Event%20ARN=arn:aws:health:global::event/S3/AWS_S3_SECURITY_NOTIFICATION/AWS_S3_SECURITY_NOTIFICATION_b051c289-90a4-4a09-9837-5fadb54a3c68&eventID=arn:aws:health:global::event/S3/AWS_S3_SECURITY_NOTIFICATION/AWS_S3_SECURITY_NOTIFICATION_b051c289-90a4-4a09-9837-5fadb54a3c68&eventTab=details&layout=vertical
Tim - PicturesPro.com
16,145 posts
(admin)
Tue Feb 09, 21 4:58 AM CST
The bucket has to be public for people to see the photos. Does not mean they can find them in the bucket, they can't.
Tim Grissett, DIA - PicturesPro.com
My Email Address: info@picturespro.com
My Email Address: info@picturespro.com
Please log in or Create an account to post or reply to topics.
Loading more pages