Multi account s3 presentation

•

1 like•95 views

John Varghese

Cross account s3 permission

Data & Analytics

● Object-file storage
● Stores data (objects) in “buckets” -- addressed by a
“prefix” or “key”
● Globally-unique namespace (All AWS customers)
● Buckets reside in regions
● Can store A LOT of data
● *Very complex permissions model
● Buckets cannot be moved

VERY easy to do the WRONG thing:
https://www.computing.co.uk/ctg/news/3026816/fedex-left-hundreds-of-thousands-of-personal-records-exposed-on-unsecured-s3-server

● IAM, Bucket ACLs, Bucket Policies, and Object ACLs!
● Fully documented authentication flow here:

● IAM is… IAM
● Bucket ACL
○ Defines the AWS Account that is allowed access to a
bucket
● Bucket Policy
○ IAM syntax -- this is a RESOURCE POLICY
● Object ACL
○ Defines the AWS Account that is permitted access to
the object itself

● AWS resources “reside” in an account.
● Accessing resources in an account requires an IAM
principal (Role, User, Group).
● Buckets have ownership (the account it resides in)
● Objects have ownership (the account that PUT the object
into the bucket)
○ Account = Account that owns IAM Role/User/Group
that placed the object into the bucket
● Bucket and object ownership can be different!

● If the bucket resides in the SAME account as the IAM
principal:
○ In *MOST cases: Simply add the S3 IAM permissions
in IAM -- DONE!

● Source IAM needs to explicitly grant access
● Bucket itself needs to explicitly grant access

● MyApp has s3:PutObject on the-bucket
● the-bucket allows MyApp s3:PutObject access
● MyApp successfully places myobj into the-bucket
Account BAccount A
MyApp
the-bucket
myobj

Account BAccount A
MyApp
the-bucket
myobj
Bucket is owned by Account B
Object is owned by Account A
Mismatched ownership

Account A
MyApp
Account B
the-bucket
myobj
Account C
MyOtherApp
● MyOtherApp’s IAM role permits access to myobj
● the-bucket allows MyOtherApp access to myobj
● ACCESS DENIED because myobj needs an ACL to allow
Account C access to it

Account B
the-bucket
myobj
Account C
MyOtherApp
● MyApp & MyOtherApp have sts:AssumeRole permissions to
S3Role
● S3Role has s3:PutObject on the-bucket
● MyApp assumes S3Role and then puts myobj in the-bucket
● MyOtherApp assumes S3Role to read from the-bucket
Account A
MyApp
S3Role

● Dictionary with all your S3 buckets
○ Accounts and Region
● If cross-account, creates the IAM roles in the
bucket-owning account
○ AppName-SourceAccountNumber
● Grants the source app sts:AssumeRole permissions to
the destination role
● IMPORTANT: Need a client that is aware of this!

● Permissions follow the following verbs:
○ list
○ get
○ put
○ delete
● Bucket Level Permissions (List)
○ s3:ListBucket
○ s3:ListBucketVersions
○ *

get put delete
s3:GetObject
s3:GetObjectTagging
s3:GetObjectVersion
s3:GetObjectVersionTagging
s3:GetObjectAcl
s3:GetObjectVersionAcl
s3:PutObject
s3:PutObjectTagging
s3:PutObjectVersionTagging
s3:ListMultipartUploadParts
s3:AbortMultipartUpload
s3:RestoreObject
s3:DeleteObject
s3:DeleteObjectTagging
s3:DeleteObjectVersion
s3:DeleteObjectVersionTagging
Listing multipart uploads is typically used when performing MP uploads, and as such, has been
lumped in with put permissions.

● NOT YET PRODUCTION READY
● OSS @
https://github.com/Netflix-Skunk
works/bucketsnake
● Docs:
https://netflix-skunkworks.github.
io/bucketsnake/
● Bucket Snake clients are in the
works
○ Sample Boto Code

John Varghese

Automating security in aws with divvy cloud

John Varghese

AWS temporary credentials challenges in prevention detection mitigation

John Varghese

Securing aws workloads with embedded application security

John Varghese

Of CORS thats a thing how CORS in the cloud still kills security

John Varghese

Native cloud security monitoring

John Varghese

Last year in AWS - 2019

John Varghese

Gpu accelerated BERT deployment on aws

John Varghese

More from John Varghese (20)

Lessons Learned From Cloud Migrations: Planning is Everything

Leveraging AWS Cloudfront & S3 Services to Deliver Static Assets of a SPA

AWS Transit Gateway-Benefits and Best Practices

Bridging Operations and Development With Observabilty

Security Observability for Cloud Based Applications

Who Broke My Crypto

Building an IoT System to Protect My Lunch

Building a Highly Secure S3 Bucket

Reduce Amazon RDS Costs up to 50% with Proxies

Keynote - Lead the change around you

AWS Systems manager 2019

Acd19 kubertes cluster at scale on aws at intuit

Emerging job trends and best practices in the aws community

Automating security in aws with divvy cloud

AWS temporary credentials challenges in prevention detection mitigation

Securing aws workloads with embedded application security

Of CORS thats a thing how CORS in the cloud still kills security

Native cloud security monitoring

Last year in AWS - 2019

Gpu accelerated BERT deployment on aws

Recently uploaded

Mg Road Call Girls Service: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore Escorts Service Booking Contact Details :- WhatsApp Chat :- +91-7737669865 4-May-2024(SMW) Call Girls In Model Towh +91-7737669865 !! Best Woman Seeking Man Call Girls Service, Escorts Service in Home Hotel in NCR 24 Hours Available Service Call Girls, Contact Us +91-7737669865 (Any Time. Any Where) Call Girls in , Noida, Gurgaon, Ghaziabad,Sexy Indian Female Escorts Service NCRWelcome To Escorts Service – An All Over New Very Sexy Hot Call Girls Agency Service Escorts In South NCR’s No. 1 High Profile Independent Female Escorts Service. We Provide Good Quality Educated Profile At Very Regnebal Price 100% Safe And Original.We Are Provide Escorts Service All OYO Hotels ,3*,4*,5* Star Hotel And Home Flat, Apartment. Guest-House. Services In -Call And Out – Call Both Are Services Available. 24Hrs. Any Time Any Where. In All Over Noida Gurgaon Ghaziabad Faridabad.More Information And Contact Profile Real Pic Visit Our Website City Wise Escorts Service Agency.Good Looking Cheap And Best Models Girls U Can Get Best Click On Link……Night Call Girls Now In Hotel Le Meridien Gurgaon Near Female Escort One Shot — 5000/in call (time 1 hour), 6000/out call Two shot with one girl — 8000/in call (time 2 hour), 10000/out call Body to body massage with sex- 8000/in call (time 1 hour) Full night Service for one person– 12000/in call, 13000/out call (shot limit 3-4 shots) Full night Service for more than 1 person — please contact Us —7737669865 We are available 24*7 all days of the year. Call us — 7737669865 Thank you for Visiting.

Mg Road Call Girls Service: 🍓 7737669865 🍓 High Profile Model Escorts | Banga...

amitlee9823

April 2024 - Crypto Market Report's Analysis

manisha194592

Escorts Service Kumaraswamy Layout ☎ 7737669865☎ Book Your One night Stand (Bangalore) Booking Contact Details :- WhatsApp Chat :- +91-7737669865 2-May-2024(SMW) Call Girls In Model Towh Bangalore +91-7737669865 !! Best Woman Seeking Man Call Girls Service, Escorts Service in Home Hotel in Bangalore NCR 24 Hours Available Service Call Girls, Contact Us +91-7737669865 (Any Time. Any Where) Call Girls in Bangalore, Noida, Gurgaon, Ghaziabad,Sexy Indian Female Escorts Service Bangalore NCRWelcome To Bangalore Escorts Service – An All Over New Bangalore Very Sexy Hot Call Girls Agency Service Escorts In South BangaloreNCRBangalore’s No. 1 High Profile Independent Female Escorts Service. We Provide Good Quality Educated Profile At Very Regnebal Price 100% Safe And Original.We Are Provide Escorts Service All OYO Hotels ,3*,4*,5* Star Hotel And Home Flat, Apartment. Guest-House. Services In -Call And Out – Call Both Are Services Available. 24Hrs. Any Time Any Where. In All Over Bangalore Noida Gurgaon Ghaziabad Faridabad.More Information And Contact Profile Real Pic Visit Our Website City Wise Escorts Service Agency.Good Looking Cheap And Best Models Girls U Can Get Best Click On Link……Night Call Girls Now In Hotel Le Meridien Gurgaon Near Female Escort One Shot — 5000/in call (time 1 hour), 6000/out call Two shot with one girl — 8000/in call (time 2 hour), 10000/out call Body to body massage with sex- 8000/in call (time 1 hour) Full night Service for one person– 12000/in call, 13000/out call (shot limit 3-4 shots) Full night Service for more than 1 person — please contact Us —7737669865 We are available 24*7 all days of the year. Call us — 7737669865 Thank you for Visiting.

Escorts Service Kumaraswamy Layout ☎ 7737669865☎ Book Your One night Stand (B...

amitlee9823

Anomaly detection and data imputation within time series

Paris Women in Machine Learning and Data Science

Call me @ 9892124323 Cheap Rate Call Girls in Vashi with Real Photo 100% Secure

Pooja Nehwal

Call Girls In Hsr Layout ☎ 7737669865 🥵 Book Your One night Stand Booking Contact Details :- WhatsApp Chat :- +91-7737669865 Call Girls In Model Towh +91-7737669865 !! Best Woman Seeking Man Call Girls Service, Escorts Service in Home Hotel in NCR 24 Hours Available Service Call Girls, Contact Us +91-7737669865 (Any Time. Any Where) Call Girls in , Noida, Gurgaon, Ghaziabad,Sexy Indian Female Escorts Service NCRWelcome To Escorts Service – An All Over New Very Sexy Hot Call Girls Agency Service Escorts In South NCR’s No. 1 High Profile Independent Female Escorts Service. We Provide Good Quality Educated Profile At #K09 Very Regnebal Price 100% Safe And Original.We Are Provide Escorts Service All OYO Hotels ,3*,4*,5* Star Hotel And Home Flat, Apartment. Guest-House. Services In -Call And Out – Call Both Are Services Available. 24Hrs. Any Time Any Where. In All Over Noida Gurgaon Ghaziabad Faridabad.More Information And Contact Profile Real Pic Visit Our Website City Wise Escorts Service Agency.Good Looking Cheap And Best Models Girls U Can Get Best Click On Link……Night Call Girls Now In Hotel Le Meridien Gurgaon Near Female Escort One Shot — 5000/in call (time 1 hour), 6000/out call Two shot with one girl — 8000/in call (time 2 hour), 10000/out call Body to body massage with sex- 8000/in call (time 1 hour) Full night Service for one person– 12000/in call, 13000/out call (shot limit 3-4 shots) Full night Service for more than 1 person — please contact Us —7737669865 We are available 24*7 all days of the year. Call us — 7737669865 Thank you for Visiting.

Call Girls In Hsr Layout ☎ 7737669865 🥵 Book Your One night Stand

amitlee9823

(NEHA) Call Girls Katra Call Now: 8617697112 Katra Escorts Booking Contact Details WhatsApp Chat: +91-8617697112 Katra Escort Service includes providing maximum physical satisfaction to their clients as well as engaging conversation that keeps your time enjoyable and entertaining. Plus, they look fabulously elegant, making an impression. Independent Escorts Katra understands the value of confidentiality and discretion; they will go the extra mile to meet your needs. Simply contact them via text messaging or through their online profiles; they'd be more than delighted to accommodate any request or arrange a romantic date or fun-filled night together. We provide:

(NEHA) Call Girls Katra Call Now 8617697112 Katra Escorts 24x7

Call Girls in Nagpur High Profile Call Girls

FESE Capital Markets Fact Sheet 2024 Q1.pdf

MarinCaroMartnezBerg

Halmar dropshipping via API with DroFx

olyaivanovalion

Capstone Project on IBM Data Analytics Program

MoniSankarHazra

Vip Mumbai Call Girls Thane West Call On 9920725232 With Body to body massage with sex Booking Contact Details :- WhatsApp Chat :- +91-9920725232 4-May-2024(SMW) Call Girls In Model Towh +91-9920725232 !! Best Woman Seeking Man Call Girls Service, Escorts Service in Home Hotel in NCR 24 Hours Available Service Call Girls, Contact Us +91-9920725232 (Any Time. Any Where) Call Girls in , Noida, Gurgaon, Ghaziabad,Sexy Indian Female Escorts Service NCRWelcome To Escorts Service – An All Over New Very Sexy Hot Call Girls Agency Service Escorts In South NCR’s No. 1 High Profile Independent Female Escorts Service. We Provide Good Quality Educated Profile At Very Regnebal Price 100% Safe And Original.We Are Provide Escorts Service All OYO Hotels ,3*,4*,5* Star Hotel And Home Flat, Apartment. Guest-House. Services In -Call And Out – Call Both Are Services Available. 24Hrs. Any Time Any Where. In All Over Noida Gurgaon Ghaziabad Faridabad.More Information And Contact Profile Real Pic Visit Our Website City Wise Escorts Service Agency.Good Looking Cheap And Best Models Girls U Can Get Best Click On Link……Night Call Girls Now In Hotel Le Meridien Gurgaon Near Female Escort One Shot — 5000/in call (time 1 hour), 6000/out call Two shot with one girl — 8000/in call (time 2 hour), 10000/out call Body to body massage with sex- 8000/in call (time 1 hour) Full night Service for one person– 12000/in call, 13000/out call (shot limit 3-4 shots) Full night Service for more than 1 person — please contact Us —9920725232 We are available 24*7 all days of the year. Call us — 9920725232 Thank you for Visiting.

Vip Mumbai Call Girls Thane West Call On 9920725232 With Body to body massage...

amitlee9823

Vip Mumbai Call Girls Marol Naka Call On 9920725232 With Body to body massage with sex Booking Contact Details :- WhatsApp Chat :- +91-9920725232 4-May-2024(SMW) Call Girls In Model Towh +91-9920725232 !! Best Woman Seeking Man Call Girls Service, Escorts Service in Home Hotel in NCR 24 Hours Available Service Call Girls, Contact Us +91-9920725232 (Any Time. Any Where) Call Girls in , Noida, Gurgaon, Ghaziabad,Sexy Indian Female Escorts Service NCRWelcome To Escorts Service – An All Over New Very Sexy Hot Call Girls Agency Service Escorts In South NCR’s No. 1 High Profile Independent Female Escorts Service. We Provide Good Quality Educated Profile At Very Regnebal Price 100% Safe And Original.We Are Provide Escorts Service All OYO Hotels ,3*,4*,5* Star Hotel And Home Flat, Apartment. Guest-House. Services In -Call And Out – Call Both Are Services Available. 24Hrs. Any Time Any Where. In All Over Noida Gurgaon Ghaziabad Faridabad.More Information And Contact Profile Real Pic Visit Our Website City Wise Escorts Service Agency.Good Looking Cheap And Best Models Girls U Can Get Best Click On Link……Night Call Girls Now In Hotel Le Meridien Gurgaon Near Female Escort One Shot — 5000/in call (time 1 hour), 6000/out call Two shot with one girl — 8000/in call (time 2 hour), 10000/out call Body to body massage with sex- 8000/in call (time 1 hour) Full night Service for one person– 12000/in call, 13000/out call (shot limit 3-4 shots) Full night Service for more than 1 person — please contact Us —9920725232 We are available 24*7 all days of the year. Call us — 9920725232 Thank you for Visiting.

Vip Mumbai Call Girls Marol Naka Call On 9920725232 With Body to body massage...

amitlee9823

CebaBaby dropshipping via API with DroFX.pptx

olyaivanovalion

Call Girls In Doddaballapur Road ☎ 7737669865 🥵 Book Your One night Stand Booking Contact Details :- WhatsApp Chat :- +91-7737669865 Call Girls In Model Towh +91-7737669865 !! Best Woman Seeking Man Call Girls Service, Escorts Service in Home Hotel in NCR 24 Hours Available Service Call Girls, Contact Us +91-7737669865 (Any Time. Any Where) Call Girls in , Noida, Gurgaon, Ghaziabad,Sexy Indian Female Escorts Service NCRWelcome To Escorts Service – An All Over New Very Sexy Hot Call Girls Agency Service Escorts In South NCR’s No. 1 High Profile Independent Female Escorts Service. We Provide Good Quality Educated Profile At #K09 Very Regnebal Price 100% Safe And Original.We Are Provide Escorts Service All OYO Hotels ,3*,4*,5* Star Hotel And Home Flat, Apartment. Guest-House. Services In -Call And Out – Call Both Are Services Available. 24Hrs. Any Time Any Where. In All Over Noida Gurgaon Ghaziabad Faridabad.More Information And Contact Profile Real Pic Visit Our Website City Wise Escorts Service Agency.Good Looking Cheap And Best Models Girls U Can Get Best Click On Link……Night Call Girls Now In Hotel Le Meridien Gurgaon Near Female Escort One Shot — 5000/in call (time 1 hour), 6000/out call Two shot with one girl — 8000/in call (time 2 hour), 10000/out call Body to body massage with sex- 8000/in call (time 1 hour) Full night Service for one person– 12000/in call, 13000/out call (shot limit 3-4 shots) Full night Service for more than 1 person — please contact Us —7737669865 We are available 24*7 all days of the year. Call us — 7737669865 Thank you for Visiting.

Call Girls In Doddaballapur Road ☎ 7737669865 🥵 Book Your One night Stand

amitlee9823

Invezz.com - Grow your wealth with trading signals

Invezz1

Call Girls In Bellandur ☎ 7737669865 🥵 Book Your One night Stand Booking Contact Details :- WhatsApp Chat :- +91-7737669865 Call Girls In Model Towh +91-7737669865 !! Best Woman Seeking Man Call Girls Service, Escorts Service in Home Hotel in NCR 24 Hours Available Service Call Girls, Contact Us +91-7737669865 (Any Time. Any Where) Call Girls in , Noida, Gurgaon, Ghaziabad,Sexy Indian Female Escorts Service NCRWelcome To Escorts Service – An All Over New Very Sexy Hot Call Girls Agency Service Escorts In South NCR’s No. 1 High Profile Independent Female Escorts Service. We Provide Good Quality Educated Profile At #K09 Very Regnebal Price 100% Safe And Original.We Are Provide Escorts Service All OYO Hotels ,3*,4*,5* Star Hotel And Home Flat, Apartment. Guest-House. Services In -Call And Out – Call Both Are Services Available. 24Hrs. Any Time Any Where. In All Over Noida Gurgaon Ghaziabad Faridabad.More Information And Contact Profile Real Pic Visit Our Website City Wise Escorts Service Agency.Good Looking Cheap And Best Models Girls U Can Get Best Click On Link……Night Call Girls Now In Hotel Le Meridien Gurgaon Near Female Escort One Shot — 5000/in call (time 1 hour), 6000/out call Two shot with one girl — 8000/in call (time 2 hour), 10000/out call Body to body massage with sex- 8000/in call (time 1 hour) Full night Service for one person– 12000/in call, 13000/out call (shot limit 3-4 shots) Full night Service for more than 1 person — please contact Us —7737669865 We are available 24*7 all days of the year. Call us — 7737669865 Thank you for Visiting.

Call Girls In Bellandur ☎ 7737669865 🥵 Book Your One night Stand

amitlee9823

Call Girls Jalahalli Just Call 👗 7737669865 👗 Top Class Call Girl Service Bangalore Booking Contact Details :- WhatsApp Chat :- +91-7737669865 2-May-2024(SMW) Call Girls In Model Towh Bangalore +91-7737669865 !! Best Woman Seeking Man Call Girls Service, Escorts Service in Home Hotel in Bangalore NCR 24 Hours Available Service Call Girls, Contact Us +91-7737669865 (Any Time. Any Where) Call Girls in Bangalore, Noida, Gurgaon, Ghaziabad,Sexy Indian Female Escorts Service Bangalore NCRWelcome To Bangalore Escorts Service – An All Over New Bangalore Very Sexy Hot Call Girls Agency Service Escorts In South BangaloreNCRBangalore’s No. 1 High Profile Independent Female Escorts Service. We Provide Good Quality Educated Profile At Very Regnebal Price 100% Safe And Original.We Are Provide Escorts Service All OYO Hotels ,3*,4*,5* Star Hotel And Home Flat, Apartment. Guest-House. Services In -Call And Out – Call Both Are Services Available. 24Hrs. Any Time Any Where. In All Over Bangalore Noida Gurgaon Ghaziabad Faridabad.More Information And Contact Profile Real Pic Visit Our Website City Wise Escorts Service Agency.Good Looking Cheap And Best Models Girls U Can Get Best Click On Link……Night Call Girls Now In Hotel Le Meridien Gurgaon Near Female Escort One Shot — 5000/in call (time 1 hour), 6000/out call Two shot with one girl — 8000/in call (time 2 hour), 10000/out call Body to body massage with sex- 8000/in call (time 1 hour) Full night Service for one person– 12000/in call, 13000/out call (shot limit 3-4 shots) Full night Service for more than 1 person — please contact Us —7737669865 We are available 24*7 all days of the year. Call us — 7737669865 Thank you for Visiting.

Call Girls Jalahalli Just Call 👗 7737669865 👗 Top Class Call Girl Service Ban...

amitlee9823

Accredited-Transport-Cooperatives-Jan-2021-Web.pdf

adriantubila

Call Girls Indiranagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bangalore Booking Contact Details :- WhatsApp Chat :- +91-7737669865 2-May-2024(SMW) Call Girls In Model Towh Bangalore +91-7737669865 !! Best Woman Seeking Man Call Girls Service, Escorts Service in Home Hotel in Bangalore NCR 24 Hours Available Service Call Girls, Contact Us +91-7737669865 (Any Time. Any Where) Call Girls in Bangalore, Noida, Gurgaon, Ghaziabad,Sexy Indian Female Escorts Service Bangalore NCRWelcome To Bangalore Escorts Service – An All Over New Bangalore Very Sexy Hot Call Girls Agency Service Escorts In South BangaloreNCRBangalore’s No. 1 High Profile Independent Female Escorts Service. We Provide Good Quality Educated Profile At Very Regnebal Price 100% Safe And Original.We Are Provide Escorts Service All OYO Hotels ,3*,4*,5* Star Hotel And Home Flat, Apartment. Guest-House. Services In -Call And Out – Call Both Are Services Available. 24Hrs. Any Time Any Where. In All Over Bangalore Noida Gurgaon Ghaziabad Faridabad.More Information And Contact Profile Real Pic Visit Our Website City Wise Escorts Service Agency.Good Looking Cheap And Best Models Girls U Can Get Best Click On Link……Night Call Girls Now In Hotel Le Meridien Gurgaon Near Female Escort One Shot — 5000/in call (time 1 hour), 6000/out call Two shot with one girl — 8000/in call (time 2 hour), 10000/out call Body to body massage with sex- 8000/in call (time 1 hour) Full night Service for one person– 12000/in call, 13000/out call (shot limit 3-4 shots) Full night Service for more than 1 person — please contact Us —7737669865 We are available 24*7 all days of the year. Call us — 7737669865 Thank you for Visiting.

Call Girls Indiranagar Just Call 👗 7737669865 👗 Top Class Call Girl Service B...

amitlee9823

Call Girls Bommasandra Just Call 👗 7737669865 👗 Top Class Call Girl Service Bangalore Booking Contact Details :- WhatsApp Chat :- +91-7737669865 2-May-2024(SMW) Call Girls In Model Towh Bangalore +91-7737669865 !! Best Woman Seeking Man Call Girls Service, Escorts Service in Home Hotel in Bangalore NCR 24 Hours Available Service Call Girls, Contact Us +91-7737669865 (Any Time. Any Where) Call Girls in Bangalore, Noida, Gurgaon, Ghaziabad,Sexy Indian Female Escorts Service Bangalore NCRWelcome To Bangalore Escorts Service – An All Over New Bangalore Very Sexy Hot Call Girls Agency Service Escorts In South BangaloreNCRBangalore’s No. 1 High Profile Independent Female Escorts Service. We Provide Good Quality Educated Profile At Very Regnebal Price 100% Safe And Original.We Are Provide Escorts Service All OYO Hotels ,3*,4*,5* Star Hotel And Home Flat, Apartment. Guest-House. Services In -Call And Out – Call Both Are Services Available. 24Hrs. Any Time Any Where. In All Over Bangalore Noida Gurgaon Ghaziabad Faridabad.More Information And Contact Profile Real Pic Visit Our Website City Wise Escorts Service Agency.Good Looking Cheap And Best Models Girls U Can Get Best Click On Link……Night Call Girls Now In Hotel Le Meridien Gurgaon Near Female Escort One Shot — 5000/in call (time 1 hour), 6000/out call Two shot with one girl — 8000/in call (time 2 hour), 10000/out call Body to body massage with sex- 8000/in call (time 1 hour) Full night Service for one person– 12000/in call, 13000/out call (shot limit 3-4 shots) Full night Service for more than 1 person — please contact Us —7737669865 We are available 24*7 all days of the year. Call us — 7737669865 Thank you for Visiting.

Call Girls Bommasandra Just Call 👗 7737669865 👗 Top Class Call Girl Service B...

amitlee9823

Recently uploaded (20)

Mg Road Call Girls Service: 🍓 7737669865 🍓 High Profile Model Escorts | Banga...

April 2024 - Crypto Market Report's Analysis

Escorts Service Kumaraswamy Layout ☎ 7737669865☎ Book Your One night Stand (B...

Anomaly detection and data imputation within time series

Call me @ 9892124323 Cheap Rate Call Girls in Vashi with Real Photo 100% Secure

Call Girls In Hsr Layout ☎ 7737669865 🥵 Book Your One night Stand

(NEHA) Call Girls Katra Call Now 8617697112 Katra Escorts 24x7

FESE Capital Markets Fact Sheet 2024 Q1.pdf

Halmar dropshipping via API with DroFx

Capstone Project on IBM Data Analytics Program

Vip Mumbai Call Girls Thane West Call On 9920725232 With Body to body massage...

Vip Mumbai Call Girls Marol Naka Call On 9920725232 With Body to body massage...

CebaBaby dropshipping via API with DroFX.pptx

Call Girls In Doddaballapur Road ☎ 7737669865 🥵 Book Your One night Stand

Invezz.com - Grow your wealth with trading signals

Call Girls In Bellandur ☎ 7737669865 🥵 Book Your One night Stand

Call Girls Jalahalli Just Call 👗 7737669865 👗 Top Class Call Girl Service Ban...

Accredited-Transport-Cooperatives-Jan-2021-Web.pdf

Call Girls Indiranagar Just Call 👗 7737669865 👗 Top Class Call Girl Service B...

Call Girls Bommasandra Just Call 👗 7737669865 👗 Top Class Call Girl Service B...

Multi account s3 presentation

2. ● Object-file storage ● Stores data (objects) in “buckets” -- addressed by a “prefix” or “key” ● Globally-unique namespace (All AWS customers) ● Buckets reside in regions ● Can store A LOT of data ● *Very complex permissions model ● Buckets cannot be moved

3. VERY easy to do the WRONG thing: https://www.computing.co.uk/ctg/news/3026816/fedex-left-hundreds-of-thousands-of-personal-records-exposed-on-unsecured-s3-server

4. ● IAM, Bucket ACLs, Bucket Policies, and Object ACLs! ● Fully documented authentication flow here:

5. ● IAM is… IAM ● Bucket ACL ○ Defines the AWS Account that is allowed access to a bucket ● Bucket Policy ○ IAM syntax -- this is a RESOURCE POLICY ● Object ACL ○ Defines the AWS Account that is permitted access to the object itself

6. ● AWS resources “reside” in an account. ● Accessing resources in an account requires an IAM principal (Role, User, Group). ● Buckets have ownership (the account it resides in) ● Objects have ownership (the account that PUT the object into the bucket) ○ Account = Account that owns IAM Role/User/Group that placed the object into the bucket ● Bucket and object ownership can be different!

7. ● If the bucket resides in the SAME account as the IAM principal: ○ In *MOST cases: Simply add the S3 IAM permissions in IAM -- DONE!

8. ● Source IAM needs to explicitly grant access ● Bucket itself needs to explicitly grant access

9. ● MyApp has s3:PutObject on the-bucket ● the-bucket allows MyApp s3:PutObject access ● MyApp successfully places myobj into the-bucket Account BAccount A MyApp the-bucket myobj

10. Account BAccount A MyApp the-bucket myobj Bucket is owned by Account B Object is owned by Account A Mismatched ownership

11. Account A MyApp Account B the-bucket myobj Account C MyOtherApp ● MyOtherApp’s IAM role permits access to myobj ● the-bucket allows MyOtherApp access to myobj ● ACCESS DENIED because myobj needs an ACL to allow Account C access to it

12. Account B the-bucket myobj Account C MyOtherApp ● MyApp & MyOtherApp have sts:AssumeRole permissions to S3Role ● S3Role has s3:PutObject on the-bucket ● MyApp assumes S3Role and then puts myobj in the-bucket ● MyOtherApp assumes S3Role to read from the-bucket Account A MyApp S3Role

13.

14. ● ● ○ ○ ○ ○ ●

15. ● Dictionary with all your S3 buckets ○ Accounts and Region ● If cross-account, creates the IAM roles in the bucket-owning account ○ AppName-SourceAccountNumber ● Grants the source app sts:AssumeRole permissions to the destination role ● IMPORTANT: Need a client that is aware of this!

16.

17. ● Permissions follow the following verbs: ○ list ○ get ○ put ○ delete ● Bucket Level Permissions (List) ○ s3:ListBucket ○ s3:ListBucketVersions ○ *

18. get put delete s3:GetObject s3:GetObjectTagging s3:GetObjectVersion s3:GetObjectVersionTagging s3:GetObjectAcl s3:GetObjectVersionAcl s3:PutObject s3:PutObjectTagging s3:PutObjectVersionTagging s3:ListMultipartUploadParts s3:AbortMultipartUpload s3:RestoreObject s3:DeleteObject s3:DeleteObjectTagging s3:DeleteObjectVersion s3:DeleteObjectVersionTagging Listing multipart uploads is typically used when performing MP uploads, and as such, has been lumped in with put permissions.

19. ● NOT YET PRODUCTION READY ● OSS @ https://github.com/Netflix-Skunk works/bucketsnake ● Docs: https://netflix-skunkworks.github. io/bucketsnake/ ● Bucket Snake clients are in the works ○ Sample Boto Code

Multi account s3 presentation

Recommended

Recommended

More Related Content

Similar to Multi account s3 presentation

Similar to Multi account s3 presentation (20)

More from John Varghese

More from John Varghese (20)

Recently uploaded

Recently uploaded (20)

Multi account s3 presentation