A few thoughts on the $80 million fine from the Capital One Breach
It’s a Twitter thread, so a bit hard to read, but worth it. The root cause was an AWS IAM policy that granted s3:GetObject on the `*` (all) resource. IAM is trial and error: you run your app, see what fails, work out which permission it needs, and grant it. Sometimes you get frustrated and just quickly put in a `*`, and there we go: an $80 million fine. What can we do about it? The thread gives some tips and guidelines for improving security when working with IAM, and points at tools such as Policy Sentry for reviewing and writing least-privilege IAM policies, or Netflix’s Repokid for automatically revoking unused IAM permissions.
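To make the "just put a `*` there" problem concrete, here is a small added example (my code, not from the thread, the post, or Capital One; Capital One's actual policy was never published). It places a constructed over-permissive policy beside a constructed least-privilege version of the same grant, using a hypothetical bucket name, and runs a linter over both that flags any Allow statement granting an S3 read action on an account-wide resource (bare `*`, a wildcard bucket ARN, or `NotResource`). Python is the natural choice here because both tools the post mentions are Python projects.

```python
import fnmatch
import json

# Two constructed policies for illustration (not Capital One's actual policy, which was never
# published). The first is the "just put a * there" shape the post describes; the second grants
# the same two reads scoped to one hypothetical bucket, example-app-config.
OVERLY_PERMISSIVE_POLICY = json.loads("""
{
  "Version": "2012-10-17",
  "Statement": [
    {"Sid": "AppReadsConfig",
     "Effect": "Allow",
     "Action": ["s3:GetObject", "s3:ListBucket"],
     "Resource": "*"}
  ]
}
""")

LEAST_PRIVILEGE_POLICY = json.loads("""
{
  "Version": "2012-10-17",
  "Statement": [
    {"Sid": "AppReadsConfigObjects",
     "Effect": "Allow",
     "Action": "s3:GetObject",
     "Resource": "arn:aws:s3:::example-app-config/prod/*"},
    {"Sid": "AppListsConfigBucket",
     "Effect": "Allow",
     "Action": "s3:ListBucket",
     "Resource": "arn:aws:s3:::example-app-config"}
  ]
}
""")

# Read actions whose reach becomes "every object in the account" once the resource is unscoped.
SENSITIVE_S3_ACTIONS = ("s3:GetObject", "s3:GetObjectVersion", "s3:ListBucket")


def _as_list(value):
    """IAM accepts a single string or a list for Action/Resource; normalise to a list."""
    if value is None:
        return []
    return [value] if isinstance(value, str) else list(value)


def action_matches(pattern, action):
    """IAM action names are matched case-insensitively, with * and ? wildcards."""
    return fnmatch.fnmatchcase(action.lower(), pattern.lower())


def is_account_wide_s3_resource(resource):
    """True for a bare "*" or an S3 ARN whose bucket component is "*" (e.g. arn:aws:s3:::*/*)."""
    if resource == "*":
        return True
    parts = resource.split(":", 5)          # arn:partition:service:region:account:resource
    if len(parts) != 6 or parts[2] != "s3":
        return False
    bucket = parts[5].split("/", 1)[0]
    return bucket == "*"


def _allowed_sensitive_actions(statement):
    """Which sensitive actions an Allow statement grants, via Action or NotAction."""
    if "NotAction" in statement:
        # NotAction allows everything except the listed actions.
        excluded = _as_list(statement["NotAction"])
        return [a for a in SENSITIVE_S3_ACTIONS
                if not any(action_matches(p, a) for p in excluded)]
    patterns = _as_list(statement.get("Action"))
    return [a for a in SENSITIVE_S3_ACTIONS
            if any(action_matches(p, a) for p in patterns)]


def audit_policy(policy):
    """Return one finding per (statement, sensitive action, unscoped resource) combination."""
    statements = policy.get("Statement", [])
    if isinstance(statements, dict):        # a single statement may be given as an object
        statements = [statements]
    findings = []
    for index, statement in enumerate(statements):
        if statement.get("Effect") != "Allow":
            continue
        sid = statement.get("Sid", "Statement[%d]" % index)
        # NotResource means "everything except these", which is as broad as "*" for this check.
        resources = ["*"] if "NotResource" in statement else _as_list(statement.get("Resource"))
        actions = _allowed_sensitive_actions(statement)
        for resource in resources:
            if not is_account_wide_s3_resource(resource):
                continue
            for action in actions:
                findings.append({
                    "sid": sid,
                    "action": action,
                    "resource": resource,
                    # A Condition (e.g. aws:SourceVpce) narrows the grant; still worth a look.
                    "has_condition": "Condition" in statement,
                })
    return findings


if __name__ == "__main__":
    for name, policy in (("permissive", OVERLY_PERMISSIVE_POLICY),
                         ("least-privilege", LEAST_PRIVILEGE_POLICY)):
        print(name, json.dumps(audit_policy(policy), indent=2))
```

Run against the permissive policy it reports two findings (s3:GetObject and s3:ListBucket on `*`); against the scoped policy it reports none. A partial glob such as `arn:aws:s3:::prod-*` is deliberately not flagged, since it is still scoped to a bucket name pattern, and the `has_condition` field lets a reviewer triage a `*` that is fenced by a Condition key differently from a naked one. The same check is easy to run on every policy returned by `iam:GetPolicyVersion` in an account, which is the point: catch the shortcut before an attacker does.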