S3 and S3 Glacier Security Policies
Understand how to secure AWS S3 and Glacier storage by managing access through IAM and bucket policies, ACLs, and using Vault Lock for compliance. Learn to implement least privilege permissions and enforce encryption for uploaded objects.
S3 policies
We can use two types of policies to control access to S3 buckets.
- User-based (IAM) policies: These are the policies that we can attach to IAM roles and users.
- Bucket policies: These are the resource-based policies attached to every bucket that controls access.
AWS combines these policies, so as long as either the bucket policy or IAM policy allows access, the user or principal has access to the bucket. An explicit ...