Protecting Data in S3 Buckets

anuj April 30, 2021 Protecting Data in S3 Buckets2021-04-30T14:20:20+00:00 1 Comment

Broadly, you can protect these via IAM Policies and via Encryption

Default Encryption

The objects are encrypted using server-side encryption with either Amazon S3-managed keys (SSE-S3) or customer master keys (CMKs) stored in AWS Key Management Service (AWS KMS).

Data Protection Best Practices

Implement server-side encryption
Enforce encryption of data in transit
Consider using Amazon Macie with Amazon S3
Identify and audit all your Amazon S3 buckets

IAM Best Practices - Several security best practices also address access control, including:

Ensure Amazon S3 buckets are not publicly accessible
Implement least privilege access
Use IAM roles
Enable MFA (Multi-Factor Authentication) Delete
Identify and audit all your Amazon S3 buckets
Monitor AWS security advisories

Protecting Data in S3 Buckets

1 Comment Already

Leave a Reply Cancel reply