For enhanced security it would be best if the ability to read or write to an arbitrary bucket can be controlled using config settings.
E.g. add to config.yml:
allow_any_bucket_read: true
allow_any_bucket_write: false
On AWS or Azure it's certainly possible to do the equivalent based on policy settings, but the above config will be a good default for those who inadvertently use credentials that allow read/write access to any bucket in their account.
For enhanced security it would be best if the ability to read or write to an arbitrary bucket can be controlled using config settings. E.g. add to config.yml: allow_any_bucket_read: true allow_any_bucket_write: false
On AWS or Azure it's certainly possible to do the equivalent based on policy settings, but the above config will be a good default for those who inadvertently use credentials that allow read/write access to any bucket in their account.