After reviewing Bubble’s documentation I was previously under the impression that both data and files stored in my app were backed up and encrypted (both in transit and at rest). What isn’t currently made clear in the Bubble documentation is that this only applies to data stored in Bubble’s database but does not apply to files that are uploaded using Bubble’s default uploader and stored via Amazon S3.
To sort out some of the specifics, I had a conversation with Bubble’s support team last week and wanted to share what I learned so that others don’t have to go through the same process to access the information:
Files uploaded via Amazon S3 are not backed up by Bubble. Instead, Bubble relies on standard Amazon S3 data protection features. This seems reasonable as a Bubble back-up would be redundant.
Files uploaded via Amazon S3 are NOT encrypted at rest, even though Amazon provides a feature that would enable this behaviour by default. This seems like an obvious area for improvement in the Bubble ecosystem, especially if the feature already exists with Amazon S3. While the risk of an attacker accessing the Amazon S3 storage bucket is low, why not add an extra layer of protection to the files themselves just in case?
When asked about the possibility of enabling default server-side encryption for S3 storage, Bubble support responded as follows:
Unfortunately, it is a new feature we’d have to build to enable this and not something currently on the roadmap. There’s also no way to manually toggle this setting for a particular app at this time. Users usually rely on the private files feature since that creates a URL that goes through the Bubble server which checks privacy rules for a given file.
I am definitely using private files and privacy rules with my app, but that doesn’t address the risk of an attacker gaining access to the S3 bucket directly.
Am I the only one that thinks this should be a higher priority on Bubble’s roadmap, and that their documentation should be more clear about how backups/encryption work with file uploads? Perhaps others deal with this limitation by connecting their own S3 bucket, but it seems like a lot of extra work when Bubble has an (almost-perfect) implementation that is already integrated.