AMA: Identify S3 Buckets Open to Cross-Account Attacks
"We have been asked to identify any of our S3 buckets that are exploitable by the resource policy trusting the AWS service blindly and not checking for the source account as described in this article.
"I found buckets that trust CloudTrail, but haven’t been able to decipher the next part of the query to find them if they don’t have the conditional on it. I have had no luck in the serverless realm of this page.
"Is there anyone at J1 that can comment on this and provide some direction?" - Adam