AWS Storage Blog
Category: AWS CloudTrail
Find public Amazon S3 buckets in your AWS account
Data is key to business, and securing it from unintended access is a critical business activity. As cloud usage increases, this can be a significant task to address. You want to verify that you aren’t unintentionally exposing or sharing data publicly. Under the Shared Responsibility Model, AWS is responsible for protecting the infrastructure that runs […]
Disabling ACLs for existing Amazon S3 workloads with information in S3 server access logs and AWS CloudTrail
Access control lists (ACLs) are permission sets that define user access, and the operations users can take on specific resources. Amazon S3 was launched in 2006 with ACLs as its first authorization mechanism. Since 2011, Amazon S3 has also supported AWS Identity and Access Management (IAM) policies for managing access to S3 buckets, and recommends using […]
Customize file delivery notifications using AWS Transfer Family managed workflows
Enterprises and organizations that transfer files, both internally and with external parties, can benefit from having file-processing protocols that facilitate efficient and transparent file-transfer management. When transferring files, especially at scale, it is important to have visibility into the status of file transfer, and for you to able to process files as you receive them. […]
Restore data from Amazon S3 Glacier storage classes starting with partial object keys
When managing data storage, it is important to optimize for cost by storing data in the most cost-effective manner based on how often data is used or accessed. For many enterprises, this means using some form of cold storage or archiving for data that is less frequently accessed or used while keeping more frequently used […]
How Simon Data reduced encryption costs by using Amazon S3 Bucket Keys on existing objects
As more organizations look to operate faster and at scale, they need ways to meet critical compliance requirements and improve data security. Encryption is a critical component of a defense in depth strategy, and when used correctly, can provide an additional layer of protection above basic access control. However, workloads that access millions or billions […]