Hacker News new | ask | show | jobs
by Zombieball 1461 days ago
> and the bucket itself had no protection against outside access with a compromised key

Any advice on how to safeguard against this?
1 comments
jhugo 1461 days ago
Don't use static keys, and audit access to sensitive resources.

If possible, use VPC endpoints and lock down the bucket to only allow access from them.

link