5 Cloud Security Mistakes That'll Get You Hacked
A friend's startup got breached last month.
Cause? Public S3 bucket with customer data.
Fix time? 5 minutes.
Damage? $50K + lost customer trust.
Don't be that startup. Here are the 5 mistakes I see every week:
1. Wildcard IAM Policies ❌
```json
{ "Action": "*", "Resource": "*" }
```

Fix — Be specific:

```json
{
  "Action": ["s3:GetObject", "s3:PutObject"],
  "Resource": "arn:aws:s3:::my-bucket/*"
}
```
2. Public Storage Buckets ❌
Fix — Block public access:
```bash
aws s3control put-public-access-block \
  --account-id 123456789012 \
  --public-access-block-configuration \
  "BlockPublicAcls=true,IgnorePublicAcls=true,BlockPublicPolicy=true,RestrictPublicBuckets=true"
```
3. No Encryption ❌
Fix — Enable default encryption:
```hcl
resource "aws_s3_bucket_server_side_encryption_configuration" "example" {
  bucket = aws_s3_bucket.my_bucket.id

  rule {
    apply_server_side_encryption_by_default {
      sse_algorithm = "aws:kms"
    }
  }
}
```
4. Missing MFA ❌
Fix — Enforce via SCP:
```json
{
  "Effect": "Deny",
  "Action": "*",
  "Resource": "*",
  "Condition": {
    "BoolIfExists": {"aws:MultiFactorAuthPresent": "false"}
  }
}
```
5. No Monitoring ❌
Fix — Quick security scan:
```bash
#!/bin/bash
# Read-only checks; needs AWS CLI credentials with list/describe permissions.

echo "🔍 Checking public S3 buckets..."
# --output text prints all names on one tab-separated line, so split them first.
aws s3api list-buckets --query 'Buckets[].Name' --output text | tr '\t' '\n' | while read -r bucket; do
  [ -n "$bucket" ] || continue
  aws s3api get-public-access-block --bucket "$bucket" 2>/dev/null \
    || echo "⚠️ $bucket: No public access block!"
done

echo "🔒 Checking open security groups..."
aws ec2 describe-security-groups \
  --filters "Name=ip-permission.cidr,Values=0.0.0.0/0" \
  --query 'SecurityGroups[].GroupName' --output text

echo "👤 Checking MFA..."
aws iam list-users --query 'Users[].UserName' --output text | tr '\t' '\n' | while read -r user; do
  [ -n "$user" ] || continue
  aws iam list-mfa-devices --user-name "$user" --query 'MFADevices' --output text \
    | grep -q . || echo "⚠️ $user: No MFA!"
done
```
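**Quick Tools**

```bash
pip install prowler
# Compliance frameworks are selected with --compliance; --checks expects individual check names.
prowler aws --compliance cis_2.0_aws
```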
*Do This NOW*

- Enable S3 Block Public Access
- Turn on default encryption
- Enable MFA on root account
- Run Prowler scan

TL;DR: Least privilege + Encryption + MFA + Monitoring = 95% fewer breaches.
Like this? ❤️ Follow for more quick DevOps tips.