Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[BUG] Data Prepper S3 source does not validate bucket ownership #3005

Closed
dlvenable opened this issue Jul 11, 2023 · 0 comments · Fixed by #3009
Closed

[BUG] Data Prepper S3 source does not validate bucket ownership #3005

dlvenable opened this issue Jul 11, 2023 · 0 comments · Fixed by #3009
Assignees
@dlvenable
Labels
bug Something isn't working
Milestone
v2.4

Comments

@dlvenable
Copy link
Member

Describe the bug

The s3 source no longer validates the bucket ownership, which can lead to bucket sniping.

To Reproduce
Steps to reproduce the behavior:

  1. Run Data Prepper with cross-account SQS/S3

Expected behavior

The bucket is not owned by the same account, Data Prepper should not read from this S3 bucket.

Additional context

This was a regression introduced in 2.3 via:

https://github.com/opensearch-project/data-prepper/pull/2727/files#diff-93680a6369c6fc1d125fc6244e536b254234123d702ea7750812a7df24ec96eaR63-R65
@dlvenable dlvenable added bug Something isn't working untriaged and removed untriaged labels Jul 11, 2023
@dlvenable dlvenable self-assigned this Jul 11, 2023
dlvenable added a commit to dlvenable/data-prepper that referenced this issue Jul 11, 2023
@dlvenable
Fix bucket ownership validation. Resolves opensearch-project#3005
afdb8ca 
Signed-off-by: David Venable <dlv@amazon.com>
@dlvenable dlvenable mentioned this issue Jul 11, 2023
Merged
4 tasks
dlvenable added a commit that referenced this issue Jul 12, 2023
@dlvenable
Fix bucket ownership validation. Resolves #3005 (#3009)
decccb9 
Signed-off-by: David Venable <dlv@amazon.com>
opensearch-trigger-bot bot pushed a commit that referenced this issue Jul 12, 2023
@dlvenable @github-actions
Fix bucket ownership validation. Resolves #3005 (#3009)
fad820e 
Signed-off-by: David Venable <dlv@amazon.com>
(cherry picked from commit decccb9)
asifsmohammed pushed a commit that referenced this issue Jul 12, 2023
@opensearch-trigger-bot @dlvenable
Fix bucket ownership validation. Resolves #3005 (#3009) (#3011)
8fb9d79 
Signed-off-by: David Venable <dlv@amazon.com>
(cherry picked from commit decccb9)

Co-authored-by: David Venable <dlv@amazon.com>
@dlvenable dlvenable added this to the v2.4 milestone Jul 12, 2023
chenqi0805 pushed a commit that referenced this issue Jul 19, 2023
@dlvenable @chenqi0805
Fix bucket ownership validation. Resolves #3005 (#3009)
fd86cc6 
Signed-off-by: David Venable <dlv@amazon.com>
Signed-off-by: George Chen <qchea@amazon.com>
MaGonzalMayedo pushed a commit to MaGonzalMayedo/data-prepper that referenced this issue Jul 25, 2023
@dlvenable
Fix bucket ownership validation. Resolves opensearch-project#3005 (op…
7cbbb7b 
…ensearch-project#3009)

Signed-off-by: David Venable <dlv@amazon.com>
Signed-off-by: Marcos Gonzalez Mayedo <alemayed@amazon.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@dlvenable dlvenable

Labels
bug Something isn't working
Projects
Data Prepper Tracking Board
Archived in project
Milestone
v2.4
Development

Successfully merging a pull request may close this issue.

Fix bucket ownership validation in S3 source dlvenable/data-prepper
1 participant
@dlvenable