AWS S3 Encryption and Access Logs

Build on your AWS S3 skills by learning about S3 encryption and access logs.

We'll cover the following

Encryption in S3
Access logs
Practical
Sample access log files

Encryption in S3

We can encrypt our objects in S3, which is a third-party server. This fulfills compliance and security requirements in organizations that need an extra layer of security in case these servers are compromised. S3 offers four types of encryption, and understanding them is essential for the exam.

We can encrypt our objects in S3 using server-side encryption (SSE). S3 offers three types of SSE:

SSE-KMS: Server-side encryption using AWS KMS keys.
SSE-C: Server-side encryption using client-provided encryption keys.
SSE-S3: Server-side encryption using keys fully managed by S3.

SSE-KMS

S3 encrypts data using encryption keys in the AWS KMS service.
Users can manage their keys in KMS and use them for S3 encryption.
To encrypt data using SSE-KMS, we must set the header “x-amz-server-side-encryption”: “aws:kms”.

Get hands-on with 1200+ tech skills courses.

Introduction

Getting Started with AWS

AWS IAM

AWS EC2

AWS Load Balancers and Auto Scaling Groups

AWS Storage Services

AWS Databases

AWS ElastiCache

AWS Elastic Beanstalk and CloudFront

AWS CloudFormation

AWS Monitoring

AWS VPC

AWS Route 53

AWS Security Services and Encryption

AWS Systems Manager

Important AWS Services

AWS SysOps Administrator Practice Exams

AWS S3 Encryption and Access Logs

Encryption in S3

SSE-KMS