This Op identifies IAM roles, users and groups with excessive IAM permissions for data access.
Identify and correct any IAM policies that allow excessive data access permissions. The assessment focuses on S3 and DynamoDB: it identifies and restricts all IAM policies (managed and inline) that allow excessive permissions for tables, buckets and objects.
- Restrict Data Access
- Remove Exposed Data Actions
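
The identification step described above can be sketched offline against policy documents. This is an added example, not the Op's own code; the function names, the sample policy and the definition of "excessive" (a service-wide action wildcard on an unscoped resource) are assumptions.

```python
import fnmatch

# Assumption (the page does not define "excessive"): an Allow statement is
# flagged when an action pattern covers every S3 or DynamoDB action AND a
# resource is not scoped to a named bucket or table.
DATA_SERVICES = ("s3", "dynamodb")

def _as_list(value):
    # IAM accepts a single value or a list for Statement, Action and Resource.
    return [] if value is None else value if isinstance(value, list) else [value]

def _covers_service(action, service):
    # Action names are case-insensitive and may use * and ? wildcards. Only a
    # pattern matching every action in the service matches this made-up name.
    return fnmatch.fnmatchcase(f"{service}:zz-any-action", action.lower())

def _unscoped(resource, service):
    if resource == "*":
        return True
    parts = resource.split(":", 5)  # arn:partition:service:region:account:id
    if len(parts) != 6 or parts[2].lower() != service:
        return False
    name = parts[5][6:] if parts[5].startswith("table/") else parts[5]
    return name.split("/", 1)[0] == "*"  # bucket or table name is a wildcard

def excessive_data_statements(policy):
    """Return one finding per (statement, service) that is broad and unscoped.
    Statements using NotAction or NotResource are not evaluated here."""
    findings = []
    for index, stmt in enumerate(_as_list(policy.get("Statement"))):
        if stmt.get("Effect") != "Allow":
            continue
        for service in DATA_SERVICES:
            actions = [a for a in _as_list(stmt.get("Action")) if _covers_service(a, service)]
            broad = [r for r in _as_list(stmt.get("Resource")) if _unscoped(r, service)]
            if actions and broad:
                findings.append({"statement": stmt.get("Sid", index), "service": service,
                                 "actions": actions, "resources": broad})
    return findings

SAMPLE_POLICY = {"Version": "2012-10-17", "Statement": [  # constructed sample
    {"Sid": "AllBuckets", "Effect": "Allow", "Action": "S3:*", "Resource": "*"},
    {"Sid": "OneTable", "Effect": "Allow", "Action": "dynamodb:*",
     "Resource": "arn:aws:dynamodb:us-east-1:111122223333:table/orders"},
    {"Sid": "Admin", "Effect": "Allow", "Action": "*", "Resource": "*"},
]}

if __name__ == "__main__":
    print(excessive_data_statements(SAMPLE_POLICY))
```

The same function applies to managed and inline policy documents alike once they are loaded as JSON; "OneTable" is not flagged because its resource names a single table.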
Fashion App’s Faux Pas: Open Buckets of (21) Buttons
TL;DR: Leaving their S3 buckets exposed, fashion-focused social app, 21 Buttons, is caught with their pants down. Because it had nothing to do with
In our last post, we walked through the console and highlighted making the most of the Security Hub console and some tips and tricks to make it more useful. Today I want to dive into one of the best parts of Security Hub — taking actions on events and findings.