Category: Security

Financial services customers that are regulated by the U.S. Securities and Exchange Commission (SEC) are required by regulations (17 CFR § 240.17a-4 and 17 CFR § 240.18a-6, or, briefly, “17a-4” and “18a-6”) to store their electronic books and records under certain protective measures. Both 17a-4 and 18a-6 require the ability to retrieve the original, unmodified […]

This post is Part 2 of a two-part blog post series that will take you, an application developer, through the process of configuring and developing a data application that authenticates users with Microsoft Entra ID and then uses S3 Access Grants to access data on those users’ behalf. Part 1 of this series gave an […]

This is Part 1 of a two-part blog series: Configuring the application. Here is Part 2: Developing the application. When we at AWS talk to our customers about their data lakes, they usually describe a desired access pattern in which users and groups from a corporate directory are granted access to datasets in Amazon Simple […]

The Java programming language has been among the most used languages in software development for many years, and a vast number of Java applications exist today. Almost all applications interact with files in some way, yet most of these have been written to interact with a file system based on block storage and cannot directly […]

Update April 8, 2024: As of February 27th, 2024, all AWS service API endpoints (including for Amazon S3) now require a minimum of TLS version 1.2. Therefore, the S3 bucket and S3 Access Point policy examples in this post that enforce minimum of TLS version 1.2 are no longer necessary as this is the default […]

Update (4/27/2023): Amazon S3 now automatically enables S3 Block Public Access and disables S3 access control lists (ACLs) for all new S3 buckets in all AWS Regions. Storing data securely is a key tenet for every business. Companies balance this against the need to share data where and when it’s needed. Human security review is a […]

Customers who use Amazon Simple Storage Service (Amazon S3) often take advantage of S3-managed encryption keys (SSE-S3) for server-side object encryption (SSE). For many customers, the decision to use SSE-S3 meets their security requirements, as it protects their data at rest. However, for some other customers, SSE-S3 may have met their requirements initially, but their […]

Encryption of data at rest is increasingly required by industry protocols, government regulations, and internal organizational security standards. Encryption helps you protect your stored data against unauthorized access and other security risks. Amazon S3’s default encryption can be used to automate the encryption of new objects in your bucket, but default encryption does not change […]

UPDATE 9/8/2021: Amazon Elasticsearch Service has been renamed to Amazon OpenSearch Service. See details. As customers expand their use of cloud services, they must often align their security and compliance processes with existing enterprise requirements. In a hybrid cloud storage environment that includes both on-premises storage and cloud storage, it can be challenging for customers […]

Update (4/27/2023): Amazon S3 now automatically enables S3 Block Public Access and disables S3 access control lists (ACLs) for all new S3 buckets in all AWS Regions. Amazon Simple Storage Service (Amazon S3) was AWS’ first Generally Available service when it launched on Pi Day in 2006, and in doing so created cloud storage. It quickly […]