MVC: Scan for public facing Amazon S3 buckets
Problem to solve
When hosting applications, it is possible that cloud infrastructure becomes misconfigured and assets intended to be private unintentionally become publicly accessible. A common, specific example is an AWS S3 storage bucket that is incorrectly shared publicly.
Request read-only credentials for the user's AWS account and identify S3 buckets that are publicly accessible. Provide a list of all public buckets back to the user in a report. Re-scan the given AWS account periodically (proposal: every hour) and update the results.
- User goes to configuration screen
- User enters AWS token, any other needed settings, and enables scanning
- User views report page
- User takes action based on results (such as deleting the S3 bucket or updating its permissions)
- We should guide the user to the relevant AWS page if possible, but we don't need to fix their AWS settings from within GitLab for this issue
- Scanning should happen periodically without requiring a user to manually trigger the scan. Scanning should also not require a code commit nor an MR.
- Report should live under a new section in Security & Compliance
- Report should list each AWS S3 bucket that is publicly accessible and any relevant metadata.
- Coordinate with UX on designs for this screen. Sketch ideas in the Designs tab
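The scan described above needs a rule for what "publicly accessible" means. The following is an added example, not GitLab's code or anything this issue prescribes: it classifies a bucket from three S3 API responses (GetBucketAcl, GetBucketPolicyStatus and the bucket-level GetPublicAccessBlock) and treats a public ACL grant or public policy as neutralised when Block Public Access is set on the bucket. The decision logic is pure functions over the dict shapes boto3 returns; `scan_buckets()` accepts any object exposing the boto3 S3 client methods, so the demo runs offline against a constructed fake client and constructed bucket data. The bucket names, grantee IDs and `FakeS3` class are all assumptions made for the example.

```python
"""Decide which S3 buckets are effectively public from three S3 API responses.

Added example (not GitLab's own code). Assumes the response shapes of boto3's
get_bucket_acl, get_bucket_policy_status and get_public_access_block.
"""
from dataclasses import dataclass, field

# Grantee group URIs that make an ACL grant public
ALL_USERS = "http://acs.amazonaws.com/groups/global/AllUsers"
AUTHENTICATED_USERS = "http://acs.amazonaws.com/groups/global/AuthenticatedUsers"
PUBLIC_GRANTEES = {ALL_USERS, AUTHENTICATED_USERS}


@dataclass
class BucketFinding:
    name: str
    public_acl_permissions: list = field(default_factory=list)  # e.g. ["READ"]
    public_policy: bool = False                                  # from GetBucketPolicyStatus
    public_access_block: dict = field(default_factory=dict)      # bucket-level Block Public Access

    @property
    def is_public(self) -> bool:
        """A public grant only counts if bucket-level Block Public Access does not neutralise it.
        Assumption: the account-level Block Public Access setting is not read here."""
        pab = self.public_access_block
        acl_exposed = bool(self.public_acl_permissions) and not pab.get("IgnorePublicAcls", False)
        policy_exposed = self.public_policy and not pab.get("RestrictPublicBuckets", False)
        return acl_exposed or policy_exposed


def acl_public_permissions(acl: dict) -> list:
    """Permissions (READ, WRITE, READ_ACP, ...) granted to AllUsers or AuthenticatedUsers."""
    return [
        grant["Permission"]
        for grant in acl.get("Grants", [])
        if grant.get("Grantee", {}).get("Type") == "Group"
        and grant["Grantee"].get("URI") in PUBLIC_GRANTEES
    ]


def policy_is_public(policy_status: dict) -> bool:
    """GetBucketPolicyStatus applies AWS's own definition of a public policy; use it
    rather than re-parsing the policy JSON ourselves."""
    return bool(policy_status.get("PolicyStatus", {}).get("IsPublic", False))


def _error_code(exc: Exception) -> str:
    # botocore's ClientError carries the code in exc.response["Error"]["Code"]
    return getattr(exc, "response", {}).get("Error", {}).get("Code", "")


def scan_buckets(s3) -> list:
    """Inspect every bucket the credential can list; return one BucketFinding per bucket."""
    findings = []
    for bucket in s3.list_buckets()["Buckets"]:
        name = bucket["Name"]
        finding = BucketFinding(name)
        finding.public_acl_permissions = acl_public_permissions(s3.get_bucket_acl(Bucket=name))
        try:
            finding.public_policy = policy_is_public(s3.get_bucket_policy_status(Bucket=name))
        except Exception as exc:
            if _error_code(exc) != "NoSuchBucketPolicy":  # no policy at all: not public via policy
                raise
        try:
            block = s3.get_public_access_block(Bucket=name)
            finding.public_access_block = block["PublicAccessBlockConfiguration"]
        except Exception as exc:
            if _error_code(exc) != "NoSuchPublicAccessBlockConfiguration":  # nothing is blocked
                raise
        findings.append(finding)
    return findings


def public_bucket_names(findings) -> list:
    """Names to show in the report: only buckets that are effectively public."""
    return [f.name for f in findings if f.is_public]


# ---- constructed offline stand-in for boto3.client("s3") ---------------------------------
class _FakeClientError(Exception):
    def __init__(self, code):
        super().__init__(code)
        self.response = {"Error": {"Code": code}}


class FakeS3:
    """Returns boto3-shaped responses from an in-memory dict (assumed for the example)."""
    def __init__(self, buckets):
        self.buckets = buckets

    def list_buckets(self):
        return {"Buckets": [{"Name": n} for n in self.buckets]}

    def get_bucket_acl(self, Bucket):
        return self.buckets[Bucket]["acl"]

    def get_bucket_policy_status(self, Bucket):
        status = self.buckets[Bucket].get("policy_status")
        if status is None:
            raise _FakeClientError("NoSuchBucketPolicy")
        return status

    def get_public_access_block(self, Bucket):
        pab = self.buckets[Bucket].get("pab")
        if pab is None:
            raise _FakeClientError("NoSuchPublicAccessBlockConfiguration")
        return {"PublicAccessBlockConfiguration": pab}


# Constructed sample account: owner IDs, bucket names and grants are invented.
OWNER_GRANT = {"Grantee": {"Type": "CanonicalUser", "ID": "owner-id"}, "Permission": "FULL_CONTROL"}
ALL_USERS_READ = {"Grantee": {"Type": "Group", "URI": ALL_USERS}, "Permission": "READ"}
ALL_BLOCKED = {"BlockPublicAcls": True, "IgnorePublicAcls": True,
               "BlockPublicPolicy": True, "RestrictPublicBuckets": True}
SAMPLE_ACCOUNT = {
    "private-logs":    {"acl": {"Grants": [OWNER_GRANT]}},
    "public-site":     {"acl": {"Grants": [OWNER_GRANT, ALL_USERS_READ]}},
    "policy-open":     {"acl": {"Grants": [OWNER_GRANT]},
                        "policy_status": {"PolicyStatus": {"IsPublic": True}}},
    "acl-neutralised": {"acl": {"Grants": [OWNER_GRANT, ALL_USERS_READ]}, "pab": ALL_BLOCKED},
}

if __name__ == "__main__":
    # With real credentials this would be scan_buckets(boto3.client("s3")).
    for f in scan_buckets(FakeS3(SAMPLE_ACCOUNT)):
        print(f"{f.name:16} public={f.is_public} acl={f.public_acl_permissions} "
              f"policy={f.public_policy} block={f.public_access_block}")
```

Only two of the four constructed buckets are reported: `public-site` (ACL grant to AllUsers) and `policy-open` (public policy); `acl-neutralised` has the same ACL grant but `IgnorePublicAcls` is set, so it is excluded. The IAM actions a read-only scanning credential needs for these calls are `s3:ListAllMyBuckets`, `s3:GetBucketAcl`, `s3:GetBucketPolicyStatus` and `s3:GetBucketPublicAccessBlock`; the account-level Block Public Access setting (read through the S3 Control API) is not consulted here and would need a separate check before a finding is reported.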
Permissions and Security
Availability & Testing
What does success look like, and how can we measure that?
What is the type of buyer?
Links / references
A lot of the technical challenges with this issue are similar to those solved in #36871 (closed) - consider how that issue resolved them as part of working this issue.