AWS Storage Blog

Category: Security, Identity, & Compliance

Adding and removing object tags with Amazon S3 Batch Operations

For many organizations, securely and cost-effectively organizing massive amounts of stored data can be a daunting task. Without an easy way to organize data, companies may find themselves exerting a lot of time and energy trying to meet their data storage requirements, potentially slowing down projects and operations. For instance, certain data may need to […]

Read More

Automate centralized backup at scale across AWS services using AWS Backup

Reliable and consistent backup of cloud data is important to have a secure data archive and restore in the event of data loss. Traditionally, backup administrators used manual backup procedures that were difficult to scale and lowered productivity, with data distributed across multiple cloud resources. Cloud backup, along with the automation of infrastructure provisioning, are […]

Read More

Create and share encrypted backups across accounts and Regions using AWS Backup

Enterprises and organizations in more security-conscious industries often protect their data through encryption, restricting data access to those with the necessary permissions and improving their security posture. Creating backups of data resources is often another critical component of a secure and resilient architecture. Additionally, backing up encrypted data is also important, even across geographical regions […]

Read More

AWS Backup is now FedRAMP High approved for your compliance and data protection needs

Meeting compliance is an important consideration when moving data to the cloud, and data protection is a key requirement when gaining approval for regulated workloads. On March 29, 2021 AWS Backup was granted the FedRAMP High Authority to Operate (ATO) by the JAB (Joint Authorization Board) in AWS GovCloud (US) Regions. AWS Backup enables you […]

Read More

Point-in-time recovery and continuous backup for Amazon RDS with AWS Backup

Today, AWS Backup is announcing support for continuous backup and point-in-time recovery (PITR) of Amazon Relational Database Service (Amazon RDS). This feature enables customers to recover Amazon RDS backup data from a specified time within their retention period. With this feature, database and backup administrators are able to reduce their recovery point objective (RPO) to […]

Read More

Securing AWS Transfer Family with AWS Web Application Firewall and Amazon API Gateway

AWS Transfer Family is a fully managed, serverless file transfer service for Amazon S3 and Amazon EFS. The service provides you with the flexibility to authenticate your file transfer client users using credentials stored in an identity provider (IdP) of your choice. You can achieve this by integrating an Amazon API Gateway endpoint backed by an AWS Lambda function that […]

Read More

Secure data recovery with cross-account backup and Cross-Region copy using AWS Backup

UPDATE: On April 12, 2021, AWS announced support for copying Amazon FSx file system backups across AWS Regions and AWS accounts. For more information, read this blog post on cross-Region and cross-account backups for Amazon FSx using AWS Backup. There are many benefits to using more than one AWS account, including resource and operational isolation, disaster […]

Read More
Amazon S3

Limit access to Amazon S3 buckets owned by specific AWS accounts

Customers use Amazon S3 to store and protect data for a range of use cases, including data lakes, enterprise applications, backup, and archive. Amazon S3 provides easy-to-use management features, fine-grained access controls, strong consistency, and durability to meet a range of business, organizational, and compliance requirements. A common data loss prevention requirement is ensuring that […]

Read More
Amazon S3

Using job tags to manage permissions for Amazon S3 Batch Operations jobs

As organizations grow their use of AWS, they often find that a variety of teams and applications begin to use the data stored in Amazon S3. While customers love the agility benefits of this, they also seek to govern their data’s security, productivity, and cost. Earlier this year we announced support for job tags with […]

Read More
re:Invent

Automating copying encrypted Amazon EBS snapshots across AWS accounts

UPDATE: The screenshots of the Amazon DLM interface in this post were updated on 7/14/2021. Many customers have disaster recovery (DR) best practices that require them to copy their Amazon EBS snapshots to an isolated account in a different Region and encrypt those snapshots with a different key. In doing so, customers are able to […]

Read More