You definitely need to do this, but a platform should help where possible, and try to have users fall into a 'pit of success' where if a dev just goes with the defaults everything is fine. In this case, S3 buckets should be private and encrypted by default and devs should need to actively choose to switch those things off (which I think may be the case now, but it wasn't in the past.)
> S3 buckets should be private and encrypted by default and devs should need to actively choose to switch those things off
Yeah, that's the case right now. There's multiple screens you have to go to, that almost scream at you that you're making EVERYTHING PUBLIC. Also, in the overview, it distinctly says "!! PUBLIC".
This is like having a small store and instead of locking up at the end of the day, blaming the door for not automatically locking. Yes new automatic locks exist now, but you still need to check.
Cloud technology allows us to build fantastic software very fast. But if you’re too lazy to implement a basic api to get S3 data on a needs to know basis, that’s on you.
AWS makes this very easy. You can’t blame anyone else.
You definitely need to do this, but a platform should help where possible, and try to have users fall into a 'pit of success' where if a dev just goes with the defaults everything is fine. In this case, S3 buckets should be private and encrypted by default and devs should need to actively choose to switch those things off (which I think may be the case now, but it wasn't in the past.)