Another grandstanding politician
I've not much time for Bezos but even less for politicians trying to make headlines. For starters, if S3 buckets are the attack vector then firewalls have sod all to do with it, S3 buckets are internet facing by design. Secondly, the instructions are clear on good practice - private by default (which new ones are now anyway) and don't embed secret keys in human readable code.
The other aspect to this story is that from what I can gather, it was an inside job anyway. So regardless of whose computer it was, if you have the keys to the kingdom, you can do what you like.