CODEWITHSUNDEEP
amazon-web-servicesamazon-s3bucket
pca1987
pca1987

Reputation: 343

Accessing file in AWS S3 bucket programmatically without credentials or keys?

Using C#, I am able to download files from the bucket just by knowing the bucket name and the file key (filename).

The file and bucket are set up to not be accessible publicly.

Once I do 

GetObjectRequest request = new GetObjectRequest
                {
                    BucketName = bucketName,
                    Key = keyName
                };

Even though I have not provided access key or the secret key, I still have access to the file content.

Is there a way to not allow this?

Upvotes: 1

Views: 2485

Answers (3)

Priyanka Makhija
Priyanka Makhija

Reputation: 168

If your code is on EC2 machine, it fetches the access key and secret key stored in the hidden .aws directory. Also, if this EC2 instance has an IAM role with suitable permissions, it can fetch the contents from your S3 bucket very well.

You might need to check the role associated with your EC2 instance in order to prevent the accessibility to your S3 bucket.

Upvotes: 0

E.J. Brennan
E.J. Brennan

Reputation: 46839

@akiva is partially correct.

If you are running this on an ec2 instance, if that instance has a 'IAM role' associated with it, and if that role has access to the bucket, the application can access the bucket without the application providing credentials.

On a regular machine, or even on an ec2 instance that does not have an associated IAM role, credentials are often stored in the users .aws subdirectory in a credentials file.

Upvotes: 2

akiva
akiva

Reputation: 2737

if you're connecting from an EC2 server it sometimes has a configuration file that stores the credentials globally for you

Upvotes: 0

Related Questions