Certified Security - Specialty

Sign Up Free or Log In to participate!

Since file is public via the ACL, is the Sid: PublicReadGetObject is superfluous.

ACL or Sid should be removed (don’t have both). Agree?

Mike Kennedy

Sid is just an optional statement identifier. Think of it as a name, it is not imparting anything beyond a description. Perhaps a better statement description would have been more helpful. It’s just saying that this is a public file – "PublicReadGetObject". However, with the boolean condition we’re now saying that this public file should only be made available via SSL.


Ditto what Mike said. Thanks Mike

Barry Sheward

I didn’t see anything in this video related to S3 ACLs. Like Mike said, the Sid value is irrelevant. The critical part of this whole video is the "Effect" : "Deny" with the condition: "Condition":{ "Bool": { "aws:SecureTransport": false }}

0 Answers

Sign In
Welcome Back!

Psst…this one if you’ve been moved to ACG!

Get Started
Who’s going to be learning?