The worry is real. In a sign that Amazon Web Services is still worried about poorly configured buckets on its S3 service, the company has made one of its management tools free.
Made available last year, this tool was part of the AWS Trusted Advisor service, and it flashed orange alerts when it found insecure buckets.
Now, the company has decided that this utility needs to made available for free to all users, and not just business and enterprise customers that made use of its cloud platform:
“Previously available only to Business and Enterprise support customers, this check identifies S3 buckets that are publicly accessible due to ACLs or policies that allow read/write access for any user.”
The cloud giant saw a rash of data leaks last year due to improperly configured S3 storage, including many high-profile ones that resulted in personal information of millions of users being made available in the open for anyone to access.
Now, yes, this tool is not much more than a yellow light on the management console.
However, making it widely available for free may result in more users being able to find out the security issues with their S3 cloud configurations.
It may not stem the tide of badly built buckets.
But at least, AWS is trying to help.