AWS Storage Blog

Category: Security, Identity, & Compliance

Amazon S3 featured image - new

Disabling Amazon S3 access control lists with S3 Inventory

Access control lists (ACLs) define user access and the operations users can take on specific resources. Amazon Simple Storage Service (Amazon S3) was launched in 2006 with ACLs as its first authorization mechanism. Since 2011, Amazon S3 has also supported AWS Identity and Access Management (IAM) policies for managing access to S3 buckets, and it recommends […]

Authorize NFS clients outside of AWS with AWS IAM Roles Anywhere

Securely storing and authorizing access to data in the cloud is a top priority. One challenge faced by organizations is developing a consistent authorization experience to grant access to data for hybrid architectures. Workloads running on AWS can access data stored on services like Amazon Elastic File System (Amazon EFS) using AWS Identity and Access […]

AWS Transfer Family Featured Image

Detect malware threats using AWS Transfer Family

Securely sharing files over SFTP, FTP, and FTPS is a staple within many business-to-business (B2B) workflows. Across industries, companies use file transfer to transmit inventory, invoice, and compliance information. It is critical for companies to make sure that shared files do not have any malicious content that could compromise their systems. Guaranteeing the shared files […]

AWS Transfer Family Featured Image

Extending SAP workloads with AWS Transfer Family

Transfer protocols, such as Secure Shell (SSH) File Transfer Protocol (SFTP), File Transfer Protocol Secure (FTPS), and File Transfer Protocol (FTP) are essential for corporations to migrate file transfer workflows by integrating with existing authentication systems. These protocols are deeply embedded in business processes across many industries like financial services, healthcare, telecommunications, and retail. Companies […]

AWS Transfer Family Featured Image

­­Encrypt and decrypt files with PGP and AWS Transfer Family

1/11/2024: Updates made due to CloudShell migration to Amazon Linux 2023 (AL2023). Protecting sensitive data is not a novel idea. Customers in industries like financial services and healthcare regularly exchange files containing sensitive data, including Personal Identifiable Information (PII) and financial records with their users. Pretty Good Privacy (PGP) encryption of these files is often […]

Amazon S3 featured image - new

Find public Amazon S3 buckets in your AWS account

Data is key to business, and securing it from unintended access is a critical business activity. As cloud usage increases, this can be a significant task to address. You want to verify that you aren’t unintentionally exposing or sharing data publicly. Under the Shared Responsibility Model, AWS is responsible for protecting the infrastructure that runs […]

S3 Security

Disabling ACLs for existing Amazon S3 workloads with information in S3 server access logs and AWS CloudTrail

Access control lists (ACLs) are permission sets that define user access, and the operations users can take on specific resources. Amazon S3 was launched in 2006 with ACLs as its first authorization mechanism. Since 2011, Amazon S3 has also supported AWS Identity and Access Management (IAM) policies for managing access to S3 buckets, and recommends using […]

AWS Backup 2021 blog image

Best practices for data lake protection with AWS Backup

Data lakes, powered by Amazon Simple Storage Service (Amazon S3), provide organizations with the availability, agility, and flexibility required for modern analytics approaches to gain deeper insights. Protecting sensitive or business-critical information stored in these S3 buckets is a high priority for organizations. AWS Backup for Amazon S3 makes it easier to centrally automate the […]

S3 cost optimization

Reducing AWS Key Management Service costs by up to 99% with Amazon S3 Bucket Keys

Customers across many industries face increasingly stringent audit and compliance requirements on data security and privacy. Certain compliance frameworks, such as FISMA, FEDRAMP, PCI DSS, and SOC 2, have specific regulatory standards for validating the security of systems. A common requirement for these compliance frameworks is more rigorous encryption standards for data-at-rest, where organizations must […]

Amazon S3 featured image - new

Extending Java applications to directly access files in Amazon S3 without recompiling

The Java programming language has been among the most used languages in software development for many years, and a vast number of Java applications exist today. Almost all applications interact with files in some way, yet most of these have been written to interact with a file system based on block storage and cannot directly […]