Category: AWS Identity and Access Management (IAM)

This post is Part 2 of a two-part blog post series that will take you, an application developer, through the process of configuring and developing a data application that authenticates users with Microsoft Entra ID and then uses S3 Access Grants to access data on those users’ behalf. Part 1 of this series gave an […]

This is Part 1 of a two-part blog series: Configuring the application. Here is Part 2: Developing the application. When we at AWS talk to our customers about their data lakes, they usually describe a desired access pattern in which users and groups from a corporate directory are granted access to datasets in Amazon Simple […]

Amazon Simple Storage Service (Amazon S3) is the most popular object storage platform for modern data lakes. Organizations today evolved to adopt a lake house architecture that combines the scalability and cost effectiveness of data lakes with the performance and ease-of-use of data warehouses. Likewise, Amazon S3 plays an increasingly important role as the foundational […]

To adhere to the principle of least privilege, users define granular access to their Amazon Simple Storage Service (Amazon S3) data based on applications, personas, groups or organization units (OUs). This practice helps customers to mitigate the risk of unauthorized access, limiting potential damage in case of a security breach as employees only have access […]

SaaS providers with multi-tenant environments use cloud solutions to dynamically scale their workloads as customer demand increases. As their cloud footprint grows, having visibility into each end-customer’s storage consumption becomes important to distribute resources accordingly. An organization can use storage usage data per customer (tenant) to adjust its pricing model or better plan its budget. […]

Orca Security, an AWS Partner, is an independent cybersecurity software provider whose agent-less cloud security environment is trusted by hundreds of enterprises globally. Orca makes cloud security simple for enterprises moving to and scaling with AWS with its patented SideScanning™ technology and Unified Data Model. Orca’s customers use Amazon Elastic Block Store (Amazon EBS) volumes […]

Securely storing and authorizing access to data in the cloud is a top priority. One challenge faced by organizations is developing a consistent authorization experience to grant access to data for hybrid architectures. Workloads running on AWS can access data stored on services like Amazon Elastic File System (Amazon EFS) using AWS Identity and Access […]

Transfer protocols, such as Secure Shell (SSH) File Transfer Protocol (SFTP), File Transfer Protocol Secure (FTPS), and File Transfer Protocol (FTP) are essential for corporations to migrate file transfer workflows by integrating with existing authentication systems. These protocols are deeply embedded in business processes across many industries like financial services, healthcare, telecommunications, and retail. Companies […]

1/11/2024: Updates made due to CloudShell migration to Amazon Linux 2023 (AL2023). Protecting sensitive data is not a novel idea. Customers in industries like financial services and healthcare regularly exchange files containing sensitive data, including Personal Identifiable Information (PII) and financial records with their users. Pretty Good Privacy (PGP) encryption of these files is often […]

Access control lists (ACLs) are permission sets that define user access, and the operations users can take on specific resources. Amazon S3 was launched in 2006 with ACLs as its first authorization mechanism. Since 2011, Amazon S3 has also supported AWS Identity and Access Management (IAM) policies for managing access to S3 buckets, and recommends using […]