Protecting S3 Files

Explore methods to protect files uploaded directly to Amazon S3 by implementing server-side encryption and configuring access policies. Understand how to leverage AWS tools like CloudFormation and SAM to enable encryption without altering client code, ensuring data privacy and security in serverless applications.

Encrypting files

Users can now upload files, but they may rightly be concerned about security and privacy. You can encrypt the file contents to protect them. In a typical three-tier server application, an application server could receive user data and then encrypt it before saving it to S3. With a direct upload, you can’t control what is sent to S3, because you’ve removed the gatekeeper. You could try encrypting the file on the client device before sending it, but then you couldn’t use just a simple browser form. Plus, you’d have to somehow send your encryption keys to client devices, which can create a security nightmare. Because encryption was such a common need, AWS implemented it as part of the platform. With serverless architectures, most gatekeeper roles are passed on to the platform, not to a ...
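
An added example, not from the original lesson: a SAM/CloudFormation template fragment that turns on default server-side encryption for the upload bucket, so files sent by a plain browser form are encrypted by the platform with no client change. The logical names `UploadS3Bucket` and `UploadS3BucketPolicy` and the choice of `AES256` (S3-managed keys) are assumptions; the public access block and TLS-only policy go beyond the encryption setting discussed above.

```yaml
AWSTemplateFormatVersion: '2010-09-09'
Transform: AWS::Serverless-2016-10-31

Resources:
  # Hypothetical logical name for the bucket that receives direct uploads.
  UploadS3Bucket:
    Type: AWS::S3::Bucket
    Properties:
      # Default encryption: S3 encrypts every new object at rest,
      # even when the upload request carries no encryption headers.
      BucketEncryption:
        ServerSideEncryptionConfiguration:
          - ServerSideEncryptionByDefault:
              SSEAlgorithm: AES256   # assumption: SSE-S3; use aws:kms for KMS keys
      # Keep uploaded files private regardless of ACLs set by callers.
      PublicAccessBlockConfiguration:
        BlockPublicAcls: true
        BlockPublicPolicy: true
        IgnorePublicAcls: true
        RestrictPublicBuckets: true

  # Access policy: reject any request that does not arrive over TLS,
  # so file contents are also protected in transit.
  UploadS3BucketPolicy:
    Type: AWS::S3::BucketPolicy
    Properties:
      Bucket: !Ref UploadS3Bucket
      PolicyDocument:
        Version: '2012-10-17'
        Statement:
          - Sid: DenyInsecureTransport
            Effect: Deny
            Principal: '*'
            Action: 's3:*'
            Resource:
              - !GetAtt UploadS3Bucket.Arn
              - !Sub '${UploadS3Bucket.Arn}/*'
            Condition:
              Bool:
                'aws:SecureTransport': 'false'
```

After deployment, the `ServerSideEncryption` field returned by `aws s3api head-object` for an uploaded file confirms that the default was applied.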