AWS Storage Blog

Category: Security, Identity, & Compliance

Changing your Amazon S3 encryption from S3-Managed to AWS KMS

Customers who use Amazon Simple Storage Service (Amazon S3) often take advantage of S3-Managed Encryption Keys (SSE-S3) for server-side object encryption (SSE). For many customers, the decision to use SSE-S3 meets their security requirements, as it protects their data at rest. However, for some other customers, SSE-S3 may have met their requirements initially, but their […]

Read More

Replicating existing objects between S3 buckets

Customers commonly have business requirements or enterprise policies that call for additional copies of their existing Amazon S3 objects. While Amazon S3 Replication is widely used to replicate newly uploaded objects between S3 buckets, the simplest way of replicating large numbers of existing objects between S3 buckets is not obvious to many customers. In this […]

Read More

AWS Identity and Access Management on AWS Snowball Edge

Many of our customers use AWS Snowball Edge devices for secure data transfer and edge computing applications. Recently, AWS announced support for AWS Identity and Access Management (IAM) on Snowball Edge. Before the introduction of IAM on Snowball Edge, IT administrators shared a single access key/secret key combination with all the users who wanted to […]

Read More

How Zalando built its data lake on Amazon S3

Founded in 2008, Zalando is Europe’s leading online platform for fashion and lifestyle with over 32 million active customers. I am a lead data engineer at Zalando and a steady contributor to the company’s cloud journey. In this blog post, I cover how Amazon Simple Storage Service (Amazon S3) became a cornerstone of the data […]

Read More

Encrypting existing Amazon S3 objects with the AWS CLI

Encryption of data at rest is increasingly required by industry protocols, government regulations, and internal organizational security standards. Encryption helps you protect your stored data against unauthorized access and other security risks. Amazon S3’s default encryption can be used to automate the encryption of new objects in your bucket, but default encryption does not change […]

Read More

Deploying Amazon FSx for Windows File Server into a shared VPC

As enterprises continue to move more of their application footprint to the cloud, they quickly realize that they need a solution for their file data. While many modern applications are built to interact with API driven storage services, like object stores, NoSQL, or graph databases (among others), there are still a large number of workloads […]

Read More

AWS Storage Gateway adds File Gateway audit logs

As customers expand their use of cloud services, they must often align their security and compliance processes with existing enterprise requirements. In a hybrid cloud storage environment that includes both on-premises storage and cloud storage, it can be challenging for customers to monitor user activity related to their data. This is particularly the case as […]

Read More
Access Analyzer for Amazon S3

Monitor, review, and protect Amazon S3 buckets using Access Analyzer for S3

At AWS, Security is more than just features – it’s a mindset. Today, we announced Access Analyzer for S3, a new feature that monitors your resource policies so you don’t have to. By default, all buckets and objects created in S3 are private. AWS enables you with mechanisms like Access Control Lists (ACLs) and Bucket […]

Read More
Amazon EFS Featured Image

Maintain your compliance requirements by using AWS PrivateLink with Amazon EFS

Amazon Elastic File System (Amazon EFS) serves tens of thousands of companies across the world, in every industry and vertical. Many of our customers have very specific network and network management policies, based on compliance or regulatory requirements. Today, I will show you how you can meet or enhance your compliance posture by using AWS […]

Read More
Amazon EFS Featured Image

Store Mission-critical Files in AWS GovCloud (US) with Amazon EFS – Now FedRAMP Certified

I’m super excited to share that Amazon Elastic File System (Amazon EFS) has achieved FedRAMP High provisional authorization in AWS GovCloud (US). With this achievement, U.S. government agencies can now easily and cost-effectively store sensitive files including Personally Identifiable Information (PII), sensitive patient records, financial data, law enforcement data, and other Controlled Unclassified Information (CUI) […]

Read More