AWS Storage Blog

Category: Security, Identity, & Compliance

Centralized cross-account management with Cross-Region copy using AWS Backup

Many organizations begin their cloud journey with a single AWS account and gradually expand their cloud presence into a multi-account environment for regulatory, compliance, security, or cost tracking purposes. Organizations often choose to deploy workloads and applications in multiple Regions on AWS Global Infrastructure for high availability, scalability, and performance. Building and operating in multi-account […]

Read More

Protecting backup archives with WORM and Tape Retention Lock

Many AWS customers use AWS Storage Gateway’s Tape Gateway to back up and archive long-term mission-critical on-premises data in Amazon S3 Glacier and Amazon S3 Glacier Deep Archive. Customers in regulated industries are mandated by governance policies or regulatory compliance rules to retain their data for many years, or even indefinitely. For example, large banks, broker-dealers, and […]

Read More

Managing backups at scale in your AWS Organizations using AWS Backup

Customers want the ability to have a standardized way to manage their backups at scale with AWS Backup and their AWS Organizations. AWS Backup offers a centralized, managed service to back up data across AWS services in the cloud and on premises using AWS Storage Gateway. AWS Backup serves as a single dashboard for backup, restore, […]

Read More

Changing your Amazon S3 encryption from S3-Managed to AWS KMS

Customers who use Amazon Simple Storage Service (Amazon S3) often take advantage of S3-Managed Encryption Keys (SSE-S3) for server-side object encryption (SSE). For many customers, the decision to use SSE-S3 meets their security requirements, as it protects their data at rest. However, for some other customers, SSE-S3 may have met their requirements initially, but their […]

Read More

Replicating existing objects between S3 buckets

Customers commonly have business requirements or enterprise policies that call for additional copies of their existing Amazon S3 objects. While Amazon S3 Replication is widely used to replicate newly uploaded objects between S3 buckets, the simplest way of replicating large numbers of existing objects between S3 buckets is not obvious to many customers. In this […]

Read More

AWS Identity and Access Management on AWS Snowball Edge

Many of our customers use AWS Snowball Edge devices for secure data transfer and edge computing applications. Recently, AWS announced support for AWS Identity and Access Management (IAM) on Snowball Edge. Before the introduction of IAM on Snowball Edge, IT administrators shared a single access key/secret key combination with all the users who wanted to […]

Read More

How Zalando built its data lake on Amazon S3

Founded in 2008, Zalando is Europe’s leading online platform for fashion and lifestyle with over 32 million active customers. I am a lead data engineer at Zalando and a steady contributor to the company’s cloud journey. In this blog post, I cover how Amazon Simple Storage Service (Amazon S3) became a cornerstone of the data […]

Read More

Encrypting existing Amazon S3 objects with the AWS CLI

Encryption of data at rest is increasingly required by industry protocols, government regulations, and internal organizational security standards. Encryption helps you protect your stored data against unauthorized access and other security risks. Amazon S3’s default encryption can be used to automate the encryption of new objects in your bucket, but default encryption does not change […]

Read More

Deploying Amazon FSx for Windows File Server into a shared VPC

As enterprises continue to move more of their application footprint to the cloud, they quickly realize that they need a solution for their file data. While many modern applications are built to interact with API driven storage services, like object stores, NoSQL, or graph databases (among others), there are still a large number of workloads […]

Read More

AWS Storage Gateway adds File Gateway audit logs

As customers expand their use of cloud services, they must often align their security and compliance processes with existing enterprise requirements. In a hybrid cloud storage environment that includes both on-premises storage and cloud storage, it can be challenging for customers to monitor user activity related to their data. This is particularly the case as […]

Read More