Protecting S3 Files

In this lesson, you will learn how to protect your files through encryption when you store them in S3.

We'll cover the following...

Encrypting files #

Users can now upload files, but they may rightly be concerned about security and privacy. You can encrypt the file contents to protect them. In a typical three-tier server application, an application server could receive user data and then encrypt it before saving it to S3. With a direct upload, you can’t control what is sent to S3, because you’ve removed the gatekeeper. You could try encrypting this on the client device before sending it​, but then you couldn’t use just a simple browser form. Plus, you’d have to somehow send your encryption keys to client devices, which can create a security nightmare. Because encryption was such a common need, AWS implemented it as part of the platform. With serverless architectures, most gatekeeper roles are passed onto the platform, not to a ...