From the course: Complete Guide to AWS Security and Compliance Management


Understanding S3 access control lists

- [Instructor] S3 Access Control Lists, or ACLs, are another tool that exists for controlling access to objects stored in S3. Let's understand what they are and see how they work and appreciate why they are dangerous. The first thing to understand about ACLs is that they can apply to every object you put into S3. With literally trillions of objects in S3, that's potentially a lot of ACLs. Imagine the chaos if each object was managed with its own unique ACL. Maintenance would be an administrative nightmare. Another thing to understand is that with S3 being one of the oldest services in AWS, access control lists came into being long before IAM policies and bucket policies existed. Let's get into the console to gain an appreciation of why you need to be very careful if you decide to use ACLs. Here I am logged into the web console, looking at my S3 buckets. Let's take a look at my public-assets bucket. Clicking on the name of that bucket takes me to a page that lists all of the objects…
