AWS Storage Blog

Category: AWS Identity and Access Management (IAM)

Authorize NFS clients outside of AWS with AWS IAM Roles Anywhere

Securely storing and authorizing access to data in the cloud is a top priority. One challenge faced by organizations is developing a consistent authorization experience to grant access to data for hybrid architectures. Workloads running on AWS can access data stored on services like Amazon Elastic File System (Amazon EFS) using AWS Identity and Access […]

AWS Transfer Family Featured Image

Extending SAP workloads with AWS Transfer Family

Transfer protocols, such as Secure Shell (SSH) File Transfer Protocol (SFTP), File Transfer Protocol Secure (FTPS), and File Transfer Protocol (FTP) are essential for corporations to migrate file transfer workflows by integrating with existing authentication systems. These protocols are deeply embedded in business processes across many industries like financial services, healthcare, telecommunications, and retail. Companies […]

AWS Transfer Family Featured Image

­­Encrypt and decrypt files with PGP and AWS Transfer Family

1/11/2024: Updates made due to CloudShell migration to Amazon Linux 2023 (AL2023). Protecting sensitive data is not a novel idea. Customers in industries like financial services and healthcare regularly exchange files containing sensitive data, including Personal Identifiable Information (PII) and financial records with their users. Pretty Good Privacy (PGP) encryption of these files is often […]

S3 Security

Disabling ACLs for existing Amazon S3 workloads with information in S3 server access logs and AWS CloudTrail

Access control lists (ACLs) are permission sets that define user access, and the operations users can take on specific resources. Amazon S3 was launched in 2006 with ACLs as its first authorization mechanism. Since 2011, Amazon S3 has also supported AWS Identity and Access Management (IAM) policies for managing access to S3 buckets, and recommends using […]

S3 Security

Enforcing encryption in transit with TLS1.2 or higher with Amazon S3

Update April 8, 2024: As of February 27th, 2024, all AWS service API endpoints (including for Amazon S3) now require a minimum of TLS version 1.2. Therefore, the S3 bucket and S3 Access Point policy examples in this post that enforce minimum of TLS version 1.2 are no longer necessary as this is the default […]

AWS Elastic Disaster Recovery

Failover Microsoft Azure workloads to AWS using AWS Elastic Disaster Recovery

Enterprises strive to make sure that business critical applications, workloads, and data remain available during planned and unplanned downtime. When using the cloud, organizations must make sure to apply the same approach to business continuity and disaster recovery as they would with on-premises infrastructure. Customers on the cloud can leverage AWS Elastic Disaster Recovery (AWS […]

Simplify and scale access management to shared datasets with cross-account Amazon S3 Access Points

In today’s interconnected and data centric world, businesses must have access to the right data for data-driven decision-making, ultimately driving better business results. Collecting all the relevant data takes time and capital as it requires setting up data ingestion pipelines, hiring analysts to validate and interpret the data, and incorporating data insights that influence important […]

AWS Backup 2021 blog image

Automating AWS Backup pre- and post-script execution with AWS Step Functions

Customers execute custom scripts before or after a backup job to automate and orchestrate required and repetitive tasks. For example, customers running applications hosted in Amazon Elastic Compute Cloud (EC2) instances use scripts to complete application transactions, flush the buffers and caches, stop file I/O operations, or ensure that the application is idle, bringing the […]

AWS Backup 2021 blog image

Troubleshooting automated pre- and post-scripts for AWS Backup

Customers can use event-driven architectures with decoupled tasks to automate and orchestrate custom scripts for backup jobs. With event-driven architectures, troubleshooting is key to understanding failures at the component levels in order to resolve issues that arise and keep the entire automated workflow running smoothly. In the first post in this two-part blog series, we […]

AWS Elastic Disaster Recovery

Synchronize Amazon EC2 instance tags and instance type with AWS Elastic Disaster Recovery source servers

When performing disaster recovery, you recover your original systems and IT infrastructure to their original state at an alternate, available site. When you recover your servers, the recovered servers should match the original compute infrastructure to reduce the risk of underprovisioning or overprovisioning your recovery environment. This improves the likelihood that your recovery servers have […]