Discussion on: AmpliBox - a Self Hosted File Storage App with AWS Amplify

rosswilliams profile image

I would really love to give you a live demo but you can understand the security issue here

Your github project includes the environment name and amplify app id. Using that I can find this project hosted on the internet, and you are basically giving people a free spot to transfer unlimited amounts of data. For example, your bucket now has a picture of my cat in it.

If someone else deployed the code provided, they could wind up with a nasty AWS bill surprise. I think the caution around security needs a bigger call-out.

swyx profile image
shawn swyx wang πŸ‡ΈπŸ‡¬ Author

indeed. i'll add more of a callout in the github, as well as instructions to remove