faas
ACL or Sid should be removed (don’t have both). Agree?
Certified Security - Specialty
Sign Up Free or Log In to participate!
Since file is public via the ACL, is the Sid: PublicReadGetObject is superfluous.
Sign Up Free or Log In to participate!
ACL or Sid should be removed (don’t have both). Agree?
Psst…this one if you’ve been moved to ACG!
Sid is just an optional statement identifier. Think of it as a name, it is not imparting anything beyond a description. Perhaps a better statement description would have been more helpful. It’s just saying that this is a public file – "PublicReadGetObject". However, with the boolean condition we’re now saying that this public file should only be made available via SSL.
Ditto what Mike said. Thanks Mike
I didn’t see anything in this video related to S3 ACLs. Like Mike said, the Sid value is irrelevant. The critical part of this whole video is the "Effect" : "Deny" with the condition: "Condition":{ "Bool": { "aws:SecureTransport": false }}