-
Notifications
You must be signed in to change notification settings - Fork 194
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[BUG] Data Prepper S3 source does not validate bucket ownership #3005
Comments
dlvenable
added a commit
to dlvenable/data-prepper
that referenced
this issue
Jul 11, 2023
Signed-off-by: David Venable <dlv@amazon.com>
4 tasks
dlvenable
added a commit
that referenced
this issue
Jul 12, 2023
asifsmohammed
pushed a commit
that referenced
this issue
Jul 12, 2023
chenqi0805
pushed a commit
that referenced
this issue
Jul 19, 2023
MaGonzalMayedo
pushed a commit
to MaGonzalMayedo/data-prepper
that referenced
this issue
Jul 25, 2023
…ensearch-project#3009) Signed-off-by: David Venable <dlv@amazon.com> Signed-off-by: Marcos Gonzalez Mayedo <alemayed@amazon.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Describe the bug
The
s3
source no longer validates the bucket ownership, which can lead to bucket sniping.To Reproduce
Steps to reproduce the behavior:
Expected behavior
The bucket is not owned by the same account, Data Prepper should not read from this S3 bucket.
Additional context
This was a regression introduced in 2.3 via:
https://github.com/opensearch-project/data-prepper/pull/2727/files#diff-93680a6369c6fc1d125fc6244e536b254234123d702ea7750812a7df24ec96eaR63-R65
The text was updated successfully, but these errors were encountered: