New Training: Plan for S3 Confidentiality Data Security
| new skills - Team Nuggets

New Training: Plan for S3 Confidentiality Data Security

In this 6-video skill, CBT Nuggets trainer Bart Castle teaches you about critical S3 security best practices for ensuring confidentiality. Learn how to ensure that S3 object data isn’t publicly accessible, how to secure S3 object data by using AES encryption, and how to plan for the appropriate combination of client-side encryption, server-side encryption, and key management options. Watch this new AWS training.

Learn AWS with one of these courses:

This training includes:

  • 6 videos
  • 40 minutes of training

You’ll learn these topics in this skill:

  • S3 Confidentiality
  • S3 Client-Side Encryption
  • S3 Server-Side Encryption: Client Key
  • S3 Server-Side Encryption: S3 Keys
  • S3 Server-Side Encryption: KMS Keys
  • S3 Public Access Account Restrictions

How to Secure AWS S3 Data with Encryption At Rest

AWS S3 provides multiple tools for securing data with things like access control lists and policy restrictions. Another one of the mechanisms AWS offers to secure data is the ability to encrypt data before sending it to S3. Encrypting data before storing it in S3 is easy, too.

The AWS SDK offers encryption out of the box. Developers don't need to use other encryption methods to secure data before transporting it to S3. Instead, they can use the AWS SDK to encrypt data with either AES or RSA encryption schemes. This allows a way for developers to access native encryption functions without risking using libraries maintained by developers with whom they don't know.

To use AWS encryption functions, developers will need to create master keys, or private keys, stored with AWS's Key Management System. KMS is a service provided by AWS to secure and manage private API and encryption keys. It works similarly to IAM and can also be controlled through IAM policies as well.

For more information and examples on how to use encryption methods through the AWS SDK, visit the AWS knowledge base article titled Protecting data using client-side encryption.



Ultimate Security Cert Guide

A 62-page guide to every Palo Alto, Offensive Security, (ISC)2, Check Point, CompTIA, and Cisco certification, and how they fit into your career.

By submitting this form you agree that you have read, understood, and are able to consent to our privacy policy.


Learn anytime anywhere with our mobile apps.

I have read and understood the privacy policy and am able to consent to it.

© 2021 CBT Nuggets. All rights reserved. Terms | Privacy Policy | Accessibility | Sitemap | 1550 Valley River Drive, Eugene, OR 97401 | 541-284-5522
CBT Nuggets