Public S3 access

[ftijtaddeo]

When i deploy a file to S3, it sets the permissions on both the bucket and object to Public Read. I've been able to recreate this on demand.

[mkloubert]

You can set acl property to one of these values in your target.

[ftijtaddeo]

As a matter of security, the default here should be either no action or set to private. Making content public in S3 should require and active configuration by someone.

[justinmetz]

I couldn't agree more with the above statement. Defaulting to public could (and will) really burn a lot of people unknowingly.. This really needs to be addressed...