Explore the options for S3 encryption in this video.
- [Narrator] For the encryption of data records, … stored in S3 buckets, we can protect the data in transit … we're connecting with SSL endpoints or VPC endpoints. … SSL endpoints, obviously, across the internet. … VPC endpoints, totally private. … Our traffic flow on the Amazon private network. … For protection of the data records at rest, … we have the choices of server-side or … client-side encryption. … The data encrypted at the object level, is going to be using … AES 256-bit encryption. … For S3 access, we can control that access with … ACLs Access Control Lists, bucket policies, … which are resource policies to finding … what users can actually access the bucket contents, … or specific IAM policies, which were assigned to the users. … For Server-Side Encryption, abbreviated SSE-S3, … server-side encryption with S3 is using managed keys. … Each object is encrypted with a unique data key, … which in-turn is encrypted with the customer master key. … We can also optionally, do server-side encryption …
Skill Level Intermediate
1. Infrastructure Security
2. Data Protection
3. Detective Controls
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
This will not affect your course history, your reports, or your certificates of completion for this course.Cancel
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.