AWS Security Blog

Tag: S3

AWS IAM Sessions at re:Invent 2015

As I said last week, the breakout sessions for the Security & Compliance track have been announced and are shown in the re:Invent 2015 session catalog. If you are going to re:Invent 2015, you can add these sessions to your schedule now. Today, I will highlight the AWS Identity and Access Management (IAM) sessions that […]

Read More

In Case You Missed Them: Some Recent Security Enhancements in AWS

With the steady cadence of updates and enhancements for AWS services, it can sometimes be easy to miss announcements about features that relate to security. Here are some recent security-related updates in AWS services that we’re excited about and that you might not have heard about. AWS Trusted Advisor inspects your AWS environment and finds […]

Read More

Some AWS SDKs Security Features You Should Know About

The AWS SDK team recently added and documented some security-related features that we think you shouldn’t miss. Check these out! Updates for managing access keys in the .NET and Java SDKs. In Referencing Credentials using Profiles, blogger Norm Johanson describes how you can now put a credentials file in your user folder. This great security […]

Read More

IAM Policies and Bucket Policies and ACLs! Oh, My! (Controlling Access to S3 Resources)

In previous posts we’ve explained how to write S3 policies for the console and how to use policy variables to grant access to user-specific S3 folders. This week we’ll discuss another frequently asked-about topic: the distinction between IAM policies, S3 bucket policies, S3 ACLs, and when to use each. They’re all part of the AWS […]

Read More

CloudBerry Active Directory Bridge for Authenticating non-AWS AD Users to S3

One of the benefits of AWS is the highly available, durable, and practically unlimited cloud-based storage you can get with Amazon Simple Storage Services (Amazon S3).  Over two trillion objects are already stored in S3 and customers are always finding more creative uses for S3.  One of the more commonly requested use cases is how […]

Read More

Encrypting Data in Amazon S3

Readers have expressed interest in learning more about encryption and key management for protecting data stored in AWS. Amazon Simple Storage Service (S3) supports a server-side encryption feature where you can set a flag in the API or check a box in the AWS Management Console to automatically encrypt your data before it’s written to […]

Read More

Securing Access to AWS Using MFA – Part 3

In Part 1 (configuring MFA for sign-in) and Part 2 (MFA-protected API access) of this series, we discussed various ways in which AWS Multi-Factor Authentication (MFA) can improve the security of your account.  This week’s topic will be a brief overview of how you can use MFA in conjunction with Amazon S3 Versioning. What is […]

Read More

Writing IAM Policies: Grant Access to User-Specific Folders in an Amazon S3 Bucket

Many of you have asked how to construct an AWS Identity and Access Management (IAM) policy with folder-level permissions for Amazon S3 buckets. This week’s guest blogger Elliot Yamaguchi, Technical Writer on the IAM team, will explain the basics of writing that type of policy. To show you how to create a policy with folder-level […]

Read More

Writing IAM Policies: How to Grant Access to an Amazon S3 Bucket

In this post, we’ll address a common question about how to write an AWS Identity and Access Management (IAM) policy to grant read-write access to an Amazon S3 bucket.  Doing so helps you control who can access your data stored in S3. You can grant either programmatic access or AWS Management Console access to S3 […]

Read More