AWS Storage Blog
Category: AWS Identity and Access Management (IAM)
Authorize NFS clients outside of AWS with AWS IAM Roles Anywhere
Securely storing and authorizing access to data in the cloud is a top priority. One challenge faced by organizations is developing a consistent authorization experience to grant access to data for hybrid architectures. Workloads running on AWS can access data stored on services like Amazon Elastic File System (Amazon EFS) using AWS Identity and Access […]
Extending SAP workloads with AWS Transfer Family
Transfer protocols, such as Secure Shell (SSH) File Transfer Protocol (SFTP), File Transfer Protocol Secure (FTPS), and File Transfer Protocol (FTP) are essential for corporations to migrate file transfer workflows by integrating with existing authentication systems. These protocols are deeply embedded in business processes across many industries like financial services, healthcare, telecommunications, and retail. Companies […]
Encrypt and decrypt files with PGP and AWS Transfer Family
1/11/2024: Updates made due to CloudShell migration to Amazon Linux 2023 (AL2023). Protecting sensitive data is not a novel idea. Customers in industries like financial services and healthcare regularly exchange files containing sensitive data, including Personal Identifiable Information (PII) and financial records with their users. Pretty Good Privacy (PGP) encryption of these files is often […]
Disabling ACLs for existing Amazon S3 workloads with information in S3 server access logs and AWS CloudTrail
Access control lists (ACLs) are permission sets that define user access, and the operations users can take on specific resources. Amazon S3 was launched in 2006 with ACLs as its first authorization mechanism. Since 2011, Amazon S3 has also supported AWS Identity and Access Management (IAM) policies for managing access to S3 buckets, and recommends using […]
Enforcing encryption in transit with TLS1.2 or higher with Amazon S3
Update April 8, 2024: As of February 27th, 2024, all AWS service API endpoints (including for Amazon S3) now require a minimum of TLS version 1.2. Therefore, the S3 bucket and S3 Access Point policy examples in this post that enforce minimum of TLS version 1.2 are no longer necessary as this is the default […]
Failover Microsoft Azure workloads to AWS using AWS Elastic Disaster Recovery
Enterprises strive to make sure that business critical applications, workloads, and data remain available during planned and unplanned downtime. When using the cloud, organizations must make sure to apply the same approach to business continuity and disaster recovery as they would with on-premises infrastructure. Customers on the cloud can leverage AWS Elastic Disaster Recovery (AWS […]
Simplify and scale access management to shared datasets with cross-account Amazon S3 Access Points
In today’s interconnected and data centric world, businesses must have access to the right data for data-driven decision-making, ultimately driving better business results. Collecting all the relevant data takes time and capital as it requires setting up data ingestion pipelines, hiring analysts to validate and interpret the data, and incorporating data insights that influence important […]
Automating AWS Backup pre- and post-script execution with AWS Step Functions
Customers execute custom scripts before or after a backup job to automate and orchestrate required and repetitive tasks. For example, customers running applications hosted in Amazon Elastic Compute Cloud (EC2) instances use scripts to complete application transactions, flush the buffers and caches, stop file I/O operations, or ensure that the application is idle, bringing the […]
Troubleshooting automated pre- and post-scripts for AWS Backup
Customers can use event-driven architectures with decoupled tasks to automate and orchestrate custom scripts for backup jobs. With event-driven architectures, troubleshooting is key to understanding failures at the component levels in order to resolve issues that arise and keep the entire automated workflow running smoothly. In the first post in this two-part blog series, we […]
Synchronize Amazon EC2 instance tags and instance type with AWS Elastic Disaster Recovery source servers
When performing disaster recovery, you recover your original systems and IT infrastructure to their original state at an alternate, available site. When you recover your servers, the recovered servers should match the original compute infrastructure to reduce the risk of underprovisioning or overprovisioning your recovery environment. This improves the likelihood that your recovery servers have […]