A Cloud Guru - Certified Solutions Architect Associate - S3 - Security & Encryption
30 Apr 2018
Securing your buckets
- By default, all newly created buckets are PRIVATE
- You can setup access control to your buckets using;
- Bucket Policies
- Access Control Lists
- S3 buckets can be configured to create access logs which log all requests made to the S3 bucket. This can be done to another bucket.
Encryption in S3
- In Transit;
- SSL/TLS
- At Rest;
- Server Side Encryption
- S3 Managed Keys - SSE-S3
- AWS Key Management Service, Managed Keys - SSE-KMS
- Server Side Encryption With Customer Provided Keys - SSE-C
- Client Side Encryption