Security Concern: Unrestricted S3 Access in Titiler Policy #40

Open
achrafchabbouh1988 opened this issue Feb 26, 2024 · 1 comment

Comments

@achrafchabbouh1988

The CloudFormation template (sam.yml) you provided grants the Lambda function unrestricted access to all S3 buckets through the policy associated with the AWSLambdaExecute statement. This presents a significant security risk, as the application might unintentionally access or modify data in buckets unrelated to its intended operations. This could potentially expose sensitive information or disrupt critical business processes.

Recommendations:

1. Refactor the policy: Use a least privilege approach by specifying the exact S3 buckets the function requires access to instead of using wildcards (*).
2. Consider IAM roles: Utilize IAM roles to grant specific permissions to the Lambda function instead of relying on the broader AWSLambdaExecute policy.

@vincentsarago
Member

> This presents a significant security risk, as the application might unintentionally access or modify data in buckets unrelated to its intended operation

Well, the lambda handler provided with this SAM only does reads, and in SAM we only allow GET and HEAD requests:

```yaml
Action:
  - s3:GetObject
  - s3:HeadObject
```

The SAM template also adds the possibility to select specific buckets:

```yaml
Bucket:
  Type: CommaDelimitedList
  Default: "*"
```

so any user can change `*` to the list they want the tiler to access.

> Consider IAM roles: Utilize IAM roles to grant specific permissions to the Lambda function instead of relying on the broader AWSLambdaExecute policy.

Sure, I'll be happy to review a PR to add this 🙏
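As an added example (not the project's template and not code from either participant), a small Python check that expands the SAM `Bucket` CommaDelimitedList parameter into object-level S3 ARNs, flags the `*` default as an unrestricted grant, and confirms that a statement carries no actions beyond the two read actions named in the reply; the statement layout, helper names and sample bucket names are assumptions.

```python
# Added example for the issue above; not the project's template. The
# Bucket CommaDelimitedList parameter and the two read actions come from
# the thread; the statement layout and helper names are assumptions.
READ_ONLY_ACTIONS = {"s3:GetObject", "s3:HeadObject"}

def parse_bucket_param(value: str) -> list[str]:
    """Split a CloudFormation CommaDelimitedList value into bucket names."""
    return [b.strip() for b in value.split(",") if b.strip()]

def bucket_resources(buckets: list[str]) -> list[str]:
    """Expand bucket names into object-level ARNs. A bare '*' is kept as the
    unrestricted wildcard so the check below can flag it."""
    return ["arn:aws:s3:::*" if b == "*" else f"arn:aws:s3:::{b}/*" for b in buckets]

def read_statement(buckets: list[str]) -> dict:
    """Build the read-only statement the reply describes, scoped to `buckets`."""
    return {"Effect": "Allow", "Action": sorted(READ_ONLY_ACTIONS),
            "Resource": bucket_resources(buckets)}

def _as_list(v) -> list[str]:
    return [v] if isinstance(v, str) else list(v)

def unrestricted_s3(stmt: dict) -> bool:
    """True when an Allow statement grants some S3 action on every bucket."""
    if stmt.get("Effect", "Allow") != "Allow":
        return False
    actions = _as_list(stmt.get("Action", []))
    resources = _as_list(stmt.get("Resource", []))
    touches_s3 = any(a == "*" or a.lower().startswith("s3:") for a in actions)
    wildcard = any(r in ("*", "arn:aws:s3:::*") for r in resources)
    return touches_s3 and wildcard

def write_actions(stmt: dict) -> list[str]:
    """S3 actions beyond the read-only set the tiler needs (ideally empty)."""
    return sorted(a for a in _as_list(stmt.get("Action", [])) if a not in READ_ONLY_ACTIONS)

if __name__ == "__main__":
    weak = read_statement(parse_bucket_param("*"))  # the template default
    scoped = read_statement(parse_bucket_param("my-cogs, other-cogs"))  # constructed names
    print("default unrestricted:", unrestricted_s3(weak))  # True
    print("scoped unrestricted:", unrestricted_s3(scoped))  # False
```

Running it against a rendered template's statements gives a quick least-privilege check before deploying: the `*` default is reported as unrestricted, a concrete bucket list is not, and any write action that has crept into the statement is listed.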
