A technique to find the Account ID of a private S3 bucket.

Hacker News is a community-driven platform for sharing and discussing technology news, startups, and programming-related topics. Through user submissions and comments, Hacker News offers insights into emerging technology trends, industry developments, and entrepreneurial ventures. Readers can participate in discussions, share their insights, and stay informed about the latest advancements in technology and innovation.

Hacker News

Learn how to find the AWS Account ID of any S3 bucket using a technique that involves applying an IAM policy to the request, inferring whether the policy permits the request, and applying a wildcard match on the 's3:ResourceAccount' condition key. This technique can be used to uncover the Account ID incrementally, reducing the search space from trillions to hundreds.

How to find the AWS Account ID of any S3 Bucket