Security guides are often rather basic and superficial. Knowing the least privilege principle is crucial and forms the foundation of security best practices, but following it in practice isn’t always straightforward.
S3, for example, comes with many different methods to define permissions for buckets and objects. If you define permissions only via IAM roles, you might still have more privileges than required. There are also ACLs and bucket policies, which allow more fine granular access control. Using the right tool for each job is as vital as following the right principles. With this cheat sheet, you have all the options at hand, together with reasons when to use them.
In this 15 page cheat sheet we'll cover best practices in the following areas of AWS S3:
Data loss prevention
Other security best practices cheat sheets you might be interested in: