AWS Storage Blog
Category: Security, Identity, & Compliance
How to develop a user-facing data application with IAM Identity Center and S3 Access Grants (Part 2)
This post is Part 2 of a two-part blog post series that will take you, an application developer, through the process of configuring and developing a data application that authenticates users with Microsoft Entra ID and then uses S3 Access Grants to access data on those users’ behalf. Part 1 of this series gave an […]
How to develop a user-facing data application with IAM Identity Center and S3 Access Grants (Part 1)
This is Part 1 of a two-part blog series: Configuring the application. Here is Part 2: Developing the application. When we at AWS talk to our customers about their data lakes, they usually describe a desired access pattern in which users and groups from a corporate directory are granted access to datasets in Amazon Simple […]
How to enforce Amazon S3 Access Grants with Immuta
Amazon Simple Storage Service (Amazon S3) is the most popular object storage platform for modern data lakes. Organizations today evolved to adopt a lake house architecture that combines the scalability and cost effectiveness of data lakes with the performance and ease-of-use of data warehouses. Likewise, Amazon S3 plays an increasingly important role as the foundational […]
Scaling data access with Amazon S3 Access Grants
To adhere to the principle of least privilege, users define granular access to their Amazon Simple Storage Service (Amazon S3) data based on applications, personas, groups or organization units (OUs). This practice helps customers to mitigate the risk of unauthorized access, limiting potential damage in case of a security breach as employees only have access […]
Getting visibility into storage usage in multi-tenant Amazon S3 buckets
SaaS providers with multi-tenant environments use cloud solutions to dynamically scale their workloads as customer demand increases. As their cloud footprint grows, having visibility into each end-customer’s storage consumption becomes important to distribute resources accordingly. An organization can use storage usage data per customer (tenant) to adjust its pricing model or better plan its budget. […]
Consolidate and query Amazon S3 Inventory reports for Region-wide object-level visibility
Organizations around the world store billions of objects and files representing terabytes to petabytes of data. Data is often owned by different teams, departments, or business units, spanning multiple locations. As the amount of datastores, locations, and owners grow, you need a way to cost-effectively maintain visibility on important characteristics of your data, including based […]
How Orca Security efficiently shares encrypted Amazon EBS Snapshots
Orca Security, an AWS Partner, is an independent cybersecurity software provider whose agent-less cloud security environment is trusted by hundreds of enterprises globally. Orca makes cloud security simple for enterprises moving to and scaling with AWS with its patented SideScanning™ technology and Unified Data Model. Orca’s customers use Amazon Elastic Block Store (Amazon EBS) volumes […]
Disabling Amazon S3 access control lists with S3 Inventory
Access control lists (ACLs) define user access and the operations users can take on specific resources. Amazon Simple Storage Service (Amazon S3) was launched in 2006 with ACLs as its first authorization mechanism. Since 2011, Amazon S3 has also supported AWS Identity and Access Management (IAM) policies for managing access to S3 buckets, and it recommends […]
Authorize NFS clients outside of AWS with AWS IAM Roles Anywhere
Securely storing and authorizing access to data in the cloud is a top priority. One challenge faced by organizations is developing a consistent authorization experience to grant access to data for hybrid architectures. Workloads running on AWS can access data stored on services like Amazon Elastic File System (Amazon EFS) using AWS Identity and Access […]
Detect malware threats using AWS Transfer Family
Securely sharing files over SFTP, FTP, and FTPS is a staple within many business-to-business (B2B) workflows. Across industries, companies use file transfer to transmit inventory, invoice, and compliance information. It is critical for companies to make sure that shared files do not have any malicious content that could compromise their systems. Guaranteeing the shared files […]