AWS launches new S3 encryption and security features

The new features include some for more secure cross-region replication.
Written by Stephanie Condon, Senior Writer

Video: AWS unveils P3 instances for faster machine learning

Amazon Web Services on Tuesday rolled out a series of new security and encryption features to its S3 cloud storage service. The features are available now for no additional charge. They follow the rollout of Macie, a data security service that uses machine learning to protect S3 content.

There are five new features available:

  • Default Encryption: Previously, to ensure that all objects in a bucket were encrypted, a user had to construct a bucket policy that rejected objects that were not encrypted. Now, a user can install a bucket encryption configuration to ensure unencrypted objects presented to S3 are encrypted using the specified method.
  • Permission Checks : The S3 Console now clearly labels which S3 buckets are publicly accessible:

  • Cross-Region Replication ACL Overwrite: In S3, developers can control the privacy settings of each block with an Access Control List (ACL). Now, when a user replicates objects across AWS accounts, they can specify that the object gets a new ACL, giving full access to the destination account.
  • Cross-Region Replication with Key Management Service (KMS): It's also easier now for users to establish a key policy for the destination bucket. During cross-region replication, encrypted objects are replicated to the destination over an SSL connection. The object remains in its original, encrypted form, and only the envelope containing the keys is changed.
  • Detailed Inventory Report: The S3 daily and weekly inventory reports can now include the encryption status of each object. The report itself can also be encrypted.

Previous and related coverage

AWS unveils P3 instances for faster machine learning

The new instances could help reduce the training time for deep neural networks.

Nokia partners with AWS on cloud migration, 5G and IoT strategies

Nokia and AWS will collaborate across the development of 5G and IoT strategies, while also working to accelerate and improve enterprise migration to cloud and use of SD-WAN services.

Salesforce platform now accessible through AWS Sydney

Telstra and icare are the first Australian customers to access the company's Customer Success Platform on local infrastructure.

Editorial standards