Venkatesh K
Posted on • Originally published at venkatesh111.hashnode.dev on

AWS S3 Security

All buckets and objects are private by default. Only the resource owner, the AWS account that created it, can access the resource.

Access to S3 buckets and/or objects can be controlled via:

  1. IAM Policies
  2. Bucket Policies
  3. Access Control Lists

IAM Policies, Bucket Policies, & ACL

IAM Policies Vs. Bucket Policies

IAM Policies are attached to IAM entities such as Users, Groups and Roles, and they define what is allowed or denied.

Bucket Policies are attached to S3 buckets and define who is allowed or denied.

AWS S3 Block Public Access

Block Public Access applies only to public/anonymous access.

Block Public Access settings can override ACLs and bucket policies that grant public access.

You can apply Block Public Access settings to individual buckets or to all buckets in your account.
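An added example (not from the original post): a simplified offline check, in Python, of how Block Public Access settings override public grants made by a bucket policy or an ACL. The sample policy, bucket name and account ID are constructed, the function names are hypothetical, and the "public" test is a simplification of the evaluation AWS performs.

```python
import json

# Grantee URI that S3 ACLs use for "everyone" (anonymous) access.
ALL_USERS = "http://acs.amazonaws.com/groups/global/AllUsers"

def _as_list(value):
    return value if isinstance(value, list) else [value]

def public_statements(policy):
    """Return Allow statements whose Principal is the wildcard (anonymous)."""
    hits = []
    for stmt in _as_list(policy.get("Statement", [])):
        principal = stmt.get("Principal")
        if isinstance(principal, dict):          # e.g. {"AWS": "*"}
            principal = principal.get("AWS")
        wildcard = principal is not None and "*" in _as_list(principal)
        # Assumption: any Condition is treated as narrowing the grant.
        if stmt.get("Effect") == "Allow" and wildcard and "Condition" not in stmt:
            hits.append(stmt)
    return hits

def effective_public_access(policy, acl_grantee_uris, bpa):
    """Report which public grants still take effect under the BPA settings."""
    via_policy = bool(public_statements(policy)) and not bpa.get("RestrictPublicBuckets", False)
    via_acl = ALL_USERS in acl_grantee_uris and not bpa.get("IgnorePublicAcls", False)
    return {"policy": via_policy, "acl": via_acl}

# Constructed sample bucket policy: one anonymous grant, one account-scoped grant.
SAMPLE_POLICY = json.loads("""
{
  "Version": "2012-10-17",
  "Statement": [
    {"Sid": "PublicRead", "Effect": "Allow", "Principal": "*",
     "Action": "s3:GetObject", "Resource": "arn:aws:s3:::example-bucket/*"},
    {"Sid": "PartnerWrite", "Effect": "Allow",
     "Principal": {"AWS": "arn:aws:iam::111122223333:root"},
     "Action": "s3:PutObject", "Resource": "arn:aws:s3:::example-bucket/*"}
  ]
}
""")

# The four Block Public Access settings, all off and all on.
BPA_KEYS = ("BlockPublicAcls", "IgnorePublicAcls", "BlockPublicPolicy", "RestrictPublicBuckets")
BPA_OFF = dict.fromkeys(BPA_KEYS, False)
BPA_ON = dict.fromkeys(BPA_KEYS, True)

if __name__ == "__main__":
    print([s["Sid"] for s in public_statements(SAMPLE_POLICY)])
    print(effective_public_access(SAMPLE_POLICY, [ALL_USERS], BPA_OFF))
    print(effective_public_access(SAMPLE_POLICY, [ALL_USERS], BPA_ON))
```

The account-scoped statement is never flagged, which matches the point above that Block Public Access applies only to public/anonymous access.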

When to use what?

AWS References:

https://aws.amazon.com/s3/security/

https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html

https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-iam-policies.html

https://docs.aws.amazon.com/AmazonS3/latest/userguide/acls.html

https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-control-block-public-access.html
