Viewing 7 replies - 1 through 7 (of 7 total)
Plugin Contributor Iain Poulson

    (@polevaultweb)

    Hi Nick

    The plugin does not allow anyone to delete buckets.

    The plugin’s settings, where you can create buckets, are limited to admins with the ‘manage_options’ capability or, for Multisites, those with ‘manage_network_options’.

    Let me know if you need any further info.

    Thread Starter Nick Haskins

    (@nphaskins)

    Hi! While the UI doesn’t have the ability to do that, the level of permissions that this plugin needs for S3 does. Meaning, all an attacker needs is the keys and they can completely delete a bucket.

    If this plugin doesn’t have this feature, then why does it need that level of priv?

    Plugin Contributor Iain Poulson

    (@polevaultweb)

    If you use the plugin with an AWS IAM user you can control the permissions and not allow deleting of buckets.

    The only delete permission the user needs for the plugin is DeleteObject

    Thread Starter Nick Haskins

    (@nphaskins)

    That’s actually incorrect. I’ve tried creating various roles, and every single time I get hit back with the error that this is the minimum that is required for your plugin to operate:

    ```json
    {
      "Version": "2012-10-17",
      "Statement": [
        {
          "Effect": "Allow",
          "Action": "s3:*",
          "Resource": "*"
        }
      ]
    }
    ```

    The plugin will not function without complete access to S3.

    Thread Starter Nick Haskins

    (@nphaskins)

    Just a note, I double checked the policy and DeleteObject was indeed missing. I’ve generated a new policy that excludes deleting buckets and this does seem to work. I would recommend changing your warning with an example policy that’s not so wide open.

    Thanks for your help, and for a wonderful plugin.

    Plugin Contributor Iain Poulson

    (@polevaultweb)

    Thanks Nick, was about to send you this and say the same, we need to update our example.

    ```json
    {
      "Version": "2012-10-17",
      "Statement": [
        {
          "Sid": "Stmt1422543245111",
          "Effect": "Allow",
          "Action": [
            "s3:CreateBucket",
            "s3:DeleteObject",
            "s3:Put*",
            "s3:Get*",
            "s3:List*"
          ],
          "Resource": [
            "arn:aws:s3:::*"
          ]
        }
      ]
    }
    ```
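A quick way to check what a policy like the two above actually hands to whoever holds the plugin's keys is to evaluate candidate actions against it with IAM's wildcard matching. The script below is an added example, not code from the plugin or from either poster; it embeds constructed copies of both policies, checks only the `Action`/`Effect` fields (it ignores `Resource`, `Condition` and `NotAction`), and also shows that the narrower policy's `s3:Put*` still matches bucket-configuration actions such as `s3:PutBucketPolicy`.

```python
import fnmatch
import json

# Constructed copies of the two policies posted in this thread.
WIDE_OPEN_POLICY = json.loads('''{"Version": "2012-10-17", "Statement": [
  {"Effect": "Allow", "Action": "s3:*", "Resource": "*"}]}''')

SCOPED_POLICY = json.loads('''{"Version": "2012-10-17", "Statement": [
  {"Sid": "Stmt1422543245111", "Effect": "Allow",
   "Action": ["s3:CreateBucket", "s3:DeleteObject", "s3:Put*", "s3:Get*", "s3:List*"],
   "Resource": ["arn:aws:s3:::*"]}]}''')

# Bucket-level actions an upload plugin has no reason to hold (chosen for this example).
DESTRUCTIVE_ACTIONS = ("s3:DeleteBucket", "s3:PutBucketPolicy", "s3:PutBucketAcl")


def _as_list(value):
    """IAM accepts a string or a list for Action/Resource; normalise to a list."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]


def _matches(pattern, action):
    """IAM action matching is case-insensitive with '*' and '?' wildcards."""
    return fnmatch.fnmatchcase(action.lower(), pattern.lower())


def policy_allows(policy, action):
    """True if `action` is granted: any matching Deny wins, otherwise any matching Allow.

    Simplification: only Action/Effect are evaluated; Resource, Condition and
    NotAction are ignored, so this is an upper bound on what the policy permits.
    """
    allowed = False
    for stmt in _as_list(policy.get("Statement")):
        if not any(_matches(p, action) for p in _as_list(stmt.get("Action"))):
            continue
        if stmt.get("Effect") == "Deny":
            return False
        if stmt.get("Effect") == "Allow":
            allowed = True
    return allowed


def destructive_grants(policy, actions=DESTRUCTIVE_ACTIONS):
    """Return the destructive actions the policy would still let the keys perform."""
    return [a for a in actions if policy_allows(policy, a)]


if __name__ == "__main__":
    print("wide open:", destructive_grants(WIDE_OPEN_POLICY))  # all three
    print("scoped:   ", destructive_grants(SCOPED_POLICY))     # the two Put* bucket actions
```

Tightening `s3:Put*` to the object-level actions the plugin uses (for example `s3:PutObject` and `s3:PutObjectAcl`) makes the second list empty.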

    Thread Starter Nick Haskins

    (@nphaskins)

    Oh shit! That’s way more simplified than what I’ve got. Nice on the wildcards. Thanks again!!

The topic ‘Privilege Level Concern’ is closed to new replies.