AWS Storage Blog
Category: Security, Identity, & Compliance
Find public Amazon S3 buckets in your AWS account
Data is key to business, and securing it from unintended access is a critical business activity. As cloud usage increases, this can be a significant task to address. You want to verify that you aren’t unintentionally exposing or sharing data publicly. Under the Shared Responsibility Model, AWS is responsible for protecting the infrastructure that runs […]
Disabling ACLs for existing Amazon S3 workloads with information in S3 server access logs and AWS CloudTrail
Access control lists (ACLs) are permission sets that define user access, and the operations users can take on specific resources. Amazon S3 was launched in 2006 with ACLs as its first authorization mechanism. Since 2011, Amazon S3 has also supported AWS Identity and Access Management (IAM) policies for managing access to S3 buckets, and recommends using […]
Best practices for data lake protection with AWS Backup
Data lakes, powered by Amazon Simple Storage Service (Amazon S3), provide organizations with the availability, agility, and flexibility required for modern analytics approaches to gain deeper insights. Protecting sensitive or business-critical information stored in these S3 buckets is a high priority for organizations. AWS Backup for Amazon S3 makes it easier to centrally automate the […]
Reducing AWS Key Management Service costs by up to 99% with Amazon S3 Bucket Keys
Customers across many industries face increasingly stringent audit and compliance requirements on data security and privacy. Certain compliance frameworks, such as FISMA, FEDRAMP, PCI DSS, and SOC 2, have specific regulatory standards for validating the security of systems. A common requirement for these compliance frameworks is more rigorous encryption standards for data-at-rest, where organizations must […]
Extending Java applications to directly access files in Amazon S3 without recompiling
The Java programming language has been among the most used languages in software development for many years, and a vast number of Java applications exist today. Almost all applications interact with files in some way, yet most of these have been written to interact with a file system based on block storage and cannot directly […]
Seamlessly map file shares for Amazon FSx for Windows File Server with AWS Auto Scaling
When managing a fleet of Windows instances, you often need a central repository for files that can be accessed from multiple locations. Having an automatically mapped Server Message Block (SMB) file share when your end-users connect to the domain-joined instances automates the repetitive and time-consuming task of mapping file shares manually to hundreds of new […]
Enforcing encryption in transit with TLS1.2 or higher with Amazon S3
Update April 8, 2024: As of February 27th, 2024, all AWS service API endpoints (including for Amazon S3) now require a minimum of TLS version 1.2. Therefore, the S3 bucket and S3 Access Point policy examples in this post that enforce minimum of TLS version 1.2 are no longer necessary as this is the default […]
Failover Microsoft Azure workloads to AWS using AWS Elastic Disaster Recovery
Enterprises strive to make sure that business critical applications, workloads, and data remain available during planned and unplanned downtime. When using the cloud, organizations must make sure to apply the same approach to business continuity and disaster recovery as they would with on-premises infrastructure. Customers on the cloud can leverage AWS Elastic Disaster Recovery (AWS […]
Understanding Amazon S3 Block Public Access
Update (4/27/2023): Amazon S3 now automatically enables S3 Block Public Access and disables S3 access control lists (ACLs) for all new S3 buckets in all AWS Regions. Storing data securely is a key tenet for every business. Companies balance this against the need to share data where and when it’s needed. Human security review is a […]
Simplify and scale access management to shared datasets with cross-account Amazon S3 Access Points
In today’s interconnected and data centric world, businesses must have access to the right data for data-driven decision-making, ultimately driving better business results. Collecting all the relevant data takes time and capital as it requires setting up data ingestion pipelines, hiring analysts to validate and interpret the data, and incorporating data insights that influence important […]