Security of Amazon S3 is a shared responsibility. Cloud security at AWS is the highest priority. AWS is responsible for the "security of the cloud," whereas customers are responsible for "security in the cloud". As an AWS customer, you benefit from a data center and network architecture that are built to meet the requirements of the most security-sensitive organizations. This eBook addresses foundational Amazon S3 security best practices and guidelines for you to consider as you develop and implement your own storage security policies. The best practices and guidelines don't represent a complete security solution, treat them as helpful considerations rather than prescriptions.
Read the security best practices and guidelines for S3 eBook to:
- Understand the "least privilege" access model
- Ensure that your S3 buckets are not publicly accessible
- Protect data at scale with Amazon S3 by using encryption, versioning, and other tools
- Audit and implement monitoring of your S3 buckets