Software engineer Maciej Pocwierz reported being charged $1,300 per day, approximately 50,000 baht, for S3 usage that he did not upload any files to. Recently, AWS executive Jeff Barr addressed this issue, attributing it to Pocwierz naming his bucket exactly the same as a sample bucket in an open-source project. Users attempting to follow the sample without modification ended up trying to upload files to Pocwierz’s bucket, though unsuccessfully due to inaccessible keys, resulting in “Access Denied” responses. However, AWS still billed API calls at $0.005 per 1,000 requests. Additionally, when users make S3 API calls without specifying a region, AWS defaults it to us-east-1 and incurs a redirect cost. Overall, Pocwierz’s bucket received approximately 96 million API requests in a single day without his active usage. AWS support waived these charges upon Pocwierz’s contact, but indicated it as a one-time gesture. Pocwierz has not disclosed the name of the open-source project, simply mentioning that upon making his S3 bucket public, he received up to 10GB of data within 30 seconds, with the data source remaining undisclosed. Chief Evangelist of AWS, Jeff Barr, acknowledged the issue and expressed the view that customers should not pay for requests they did not initiate themselves, promising company action soon.
TLDR: Maciej Pocwierz faced unexpected charges for S3 usage due to a naming coincidence with a sample project bucket, resulting in numerous unauthorized API requests. AWS acknowledged the issue and will address it promptly.
Leave a Comment