In this course, we review the methods available to us for securing S3 buckets and objects and how to use them. We also apply best security practices and see what other AWS services are at our disposal to help secure our S3 buckets and even remediate security issues.
Have you ever stumbled across online articles detailing the sad anecdotes of how insecure S3 buckets caused tons of data to be breached?
The reality is that over time, S3 has become a critical service that is highly available and durable and stores all forms of data, whether public or private. With increasing usage and varying use cases, the probability of attacks also increases, which is why it’s essential to learn to secure our data. One thing to remember is that because the use case depends on the organization/user/application, so does the security of the data being stored. So to sum it up, data security in S3 starts and ends with us—the humans.
AWS has introduced tons of features to help tackle all attack vectors; however, it’s up to the user to decide which ones they need to use. You don’t want to restrict access so much that it’s a hassle to let anyone read or list your data, but you also want to make sure access isn’t so open that it allows complete strangers permission to read from and upload to your bucket.