Open mosesrenegade opened 5 months ago
Thank you for opening a PR for this! I was not aware that this behavior has changed. I need to implement https://github.com/Hacking-the-Cloud/hackingthe.cloud/issues/389 which I think will largely replace this. I have merged the PR you referenced.
I was doing a workshop and needed help figuring out why the s3-account-finder tool was not working. It turns out that new buckets do not work with this Terraform policy:
Instead, I also had to add the ACLs from Amazon that enabled READ into the bucket, which in Terraform is expressed like so:
This means there is no account enumeration through this method currently without this part of the policy.
Please reference this PR for the change:
https://github.com/Hacking-the-Cloud/hackingthe.cloud/pull/395