eustaquio.bruno
While watching the class is pretty obvious the benefits of cross-region replication regarding compliance and latency, but I didn’t quite catch the security benefits of it that Scott mentioned in the video. Does someone have an example?
Thanks!
1 Answers
vault0109
I think when you use the cross region replication with the S3, you can also overwrite the owner of objects to be the owner of destination bucket once the objects are copied to the destination bucket. If we’re using the cross region replication to copy your log files from a source bucket to a destination bucket, you can ensure that your log files from the destination bucket can’t be accessed by the users from your source bucket.
your answer is backed up by the documentation: "Maintain object copies under different ownership — Regardless of who owns the source object, you can tell Amazon S3 to change replica ownership to the AWS account that owns the destination bucket. This is referred to as the owner override option. You can use this option to restrict access to object replicas." https://docs.aws.amazon.com/AmazonS3/latest/dev/replication.html