Learning Notebook - David Rostcheck
learning_event details
Learning Event ID
Subject
Topic
Program
Length
Institution
Presenter
Format
Recorded Date
Completed Date
Notes
When it comes to securing access to your Amazon S3 buckets, AWS provides various options. You can utilize access control lists (ACLs), AWS Identity and Access Management (IAM) user policies, and S3 access policies. Even within S3 access policies, you have options to consider. You can use the Principal element, which allows you to utilize the default-deny capabilities of the policy language to grant access to, for example, a list of AWS accounts. There is also an often-overlooked “sibling” to the Principal element, the NotPrincipal element, which enables more-granular whitelisting. The NotPrincipal element allows you to ensure explicitly that no one—except a few select users—has access to a specific resource. In this blog post, I will demonstrate how to create an S3 access policy that uses the NotPrincipal element to whitelist access to sensitive S3 buckets.
Personal Notes
Link
Review