|
|
|
|
|
|
by ramimac
2244 days ago
|
|
|
If you actually want to expire the assets, you could use S3 lifecycle configuration - https://docs.aws.amazon.com/AmazonS3/latest/dev/intro-lifecy.... If you want "clever" ideas, maybe a Lambda that moves off objects of a certain age to a private bucket? I disagree on what the issue was with their S3 bucket. As these were all public static assets, the real problem was just the ability to bulk enumerate them. As mentioned in the post, the two issues were:
1. ListObjects was enabled
2. The filenames lacked sufficient entropy (debatable in my opinion) |
|
|