This is the third article in a three-part series on Amazon S3 Security In-Depth. In Part I of this series, we discussed the different mechanisms you can use to allow access to your Amazon S3 buckets and objects. In Part II, we looked at writing identity-based policies to manage access to your S3 resources. In this Part III, we will cover authentication and identity within the context of AWS Identity and Access Management (IAM). Continue reading
This is the second in a three-part series on Amazon S3 Security In-Depth. In Part I of this series, we discussed the different mechanisms you can use to allow access to your Amazon S3 buckets and objects. In this Part II, we will take a deeper look at managing access to your S3 resources using AWS Identity and Access Management (IAM). Continue reading
To use Amazon S3 effectively, you need to be aware of the security mechanisms provided by AWS to control your S3 resources. This is the first part in a three-part series on S3 security. In this part, we will discuss the three different access control tools provided by AWS to manage your S3 resources. Continue reading
In this post, you will learn about S3 Select, a feature announced by AWS in 2017 to allow you to retrieve subsets of data from an object on S3. We will discuss why you would want to use S3 Select, then walk through a simple use case of how to use S3 Select with Boto 3, the AWS SDK for Python.
One of the most critical aspects of a sensible backup strategy is the selection of backup storage. From Google Drive to a private Minio server, the range of options is truly infinite. Some of those storage services, however, come with limitations that force you to examine professional-grade choices. Continue reading
All of the major public clouds offer identity and access management (IAM) tools. The exact nature of the various cloud IAM tools vary, however. So do their names.
As a result, if you are familiar with the IAM solutions available from one public cloud, such as Amazon Web Services (AWS), it can be challenging to understand how IAM tools work on another platform, like Google Cloud or Microsoft Azure.
This article clarifies that issue by comparing the identity and access management tools and frameworks associated with each of the three major public clouds -- AWS, Azure, and Google. It identifies the key IAM-related terms and tools to know for each cloud and explains the approach that each cloud takes to managing user accounts, groups, access control and (where applicable) Active Directory integration. Continue reading
Geographical redundancy, or geo redundancy for short, is a valuable data storage strategy that can help to improve data reliability and availability. When you replicate data across multiple regions, your data is more resistant to disruptions that could cause damage to a particular data center or set of servers.
Want to take advantage of geo redundant storage but are unsure where to start? This article is for you. Below, we compare AWS replication across regions, Azure storage geo replication and the data replication features available on Google Cloud Storage.
The article’s goal is to help you understand which geo redundancy options are available from each of these three major cloud storage providers. Continue reading
Protecting your S3 buckets is a critical security measure when using AWS. There have been numerous bad stories about unprotected S3 buckets, from established contractors like Accenture and Booz Allen Hamilton, to huge companies like Verizon Wireless and Time Warner Cable.
In this article, we'll learn how and why to use pre-signed S3 URLs to provide secure, temporary access to objects in your S3 buckets. We will discuss generating pre-signed S3 URLs for occasional, one-off use cases as well as programmatically generating them for use in yourapplication code. There are multiple code examples for each use case. Continue reading
Apart from our website, CloudBerry Lab Products can be purchased on AWS marketplace. Read on to learn more about the pricing model and licensing details.