Cloud Security Automation by Prashant Priyam

Security in S3

S3 is highly secure storage. It lets us apply fine-grained access policies to resources and enable encryption.

To enable access-level security, you can use the following:

  • S3 bucket policy
  • IAM access policy
  • MFA for object deletion 

The S3 bucket policy is a JSON document that defines who can access which resources and at what level:

{
  "Version": "2008-10-17",
  "Statement": [
    {
      "Sid": "AllowPublicRead",
      "Effect": "Allow",
      "Principal": {
        "AWS": "*"
      },
      "Action": [
        "s3:GetObject"
      ],
      "Resource": [
        "arn:aws:s3:::prashantpriyam/*"
      ]
    }
  ]
}

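In the preceding JSON code, we have allowed read-only access (s3:GetObject, as defined in the Action section) to all the objects in an S3 bucket named prashantpriyam (defined in the Resource section). Because the Principal is "*", the grant applies to anyone, including unauthenticated requests, which is why the statement ID is AllowPublicRead.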
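A policy like the one above is what a bucket-policy review should surface. The following check is an added example, not code from the book: it parses a policy document and reports every Allow statement that is open to any principal without a Condition. It covers the wildcard-principal case only; the function names and the scoped variant (placeholder account ID and user name) are assumptions made for illustration.

```python
import json

# Policy from the page (compacted), embedded so the check runs offline.
PAGE_POLICY = """
{"Version": "2008-10-17",
 "Statement": [{"Sid": "AllowPublicRead", "Effect": "Allow",
                "Principal": {"AWS": "*"},
                "Action": ["s3:GetObject"],
                "Resource": ["arn:aws:s3:::prashantpriyam/*"]}]}
"""

# Constructed variant: same grant, limited to one IAM user.
# The account ID and user name are placeholders, not values from the page.
SCOPED_POLICY = PAGE_POLICY.replace(
    '{"AWS": "*"}',
    '{"AWS": "arn:aws:iam::111122223333:user/example-reader"}')


def as_list(value):
    """Policy fields may be a single value or a list; normalise to a list."""
    return value if isinstance(value, list) else [value]


def is_anyone(principal):
    """True for "Principal": "*" and for {"AWS": "*"} (also inside a list)."""
    if principal == "*":
        return True
    return isinstance(principal, dict) and "*" in as_list(principal.get("AWS", []))


def public_grants(policy_text):
    """Return (Sid, actions, resources) for every Allow statement that is
    open to any principal and carries no Condition block."""
    findings = []
    for stmt in as_list(json.loads(policy_text).get("Statement", [])):
        if stmt.get("Effect") != "Allow" or not is_anyone(stmt.get("Principal")):
            continue
        if stmt.get("Condition"):
            continue  # a Condition may narrow the grant; review those by hand
        findings.append((stmt.get("Sid", "<no Sid>"),
                         as_list(stmt.get("Action", [])),
                         as_list(stmt.get("Resource", []))))
    return findings


if __name__ == "__main__":
    for sid, actions, resources in public_grants(PAGE_POLICY):
        print(f"PUBLIC: {sid} allows {actions} on {resources}")
    print("scoped policy findings:", public_grants(SCOPED_POLICY))
```
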

Similar ...