json
18 lines · 1 tab
Kai Nakamura
Apr 2026
1 tab
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "DenyInsecureTransport",
"Effect": "Deny",
"Principal": "*",
"Action": "s3:*",
"Resource": [
"arn:aws:s3:::codesnips-assets-production",
"arn:aws:s3:::codesnips-assets-production/*"
],
"Condition": {
"Bool": { "aws:SecureTransport": "false" }
}
}
]
}
1 file · json
Explain with highlit
Public cloud storage needs explicit safety rails because the defaults are not enough by themselves. I deny insecure transport, block public access at the account level, and scope principals tightly. Storage mistakes are still one of the easiest ways to cause a quiet data leak.
Share this code
Here's the card — post it anywhere.