Book Image

Amazon S3 Cookbook (n)

By : Naoya Hashimoto
Book Image

Amazon S3 Cookbook (n)

By: Naoya Hashimoto

Overview of this book

Related Content you might be interested in

Current Title:

Small book image
Amazon S3 Cookbook (n)
Naoya Hashimoto
Aug, 2015 | 280 pages
No titles found
Table of Contents (19 chapters)
Amazon S3 Cookbook
Amazon S3 Cookbook
Credits
Credits
About the Author
About the Author
About the Reviewers
About the Reviewers
www.PacktPub.com
www.PacktPub.com
Preface
Preface
Free Chapter
1
Managing Common Operations with AWS SDKs
Managing Common Operations with AWS SDKs
Introduction
Learning AWS SDK for Java and basic S3 operations with sample code
Learning AWS SDK for Node.js and basic S3 operations with sample code
Learning AWS SDK for Python and basic S3 operations with sample code
Learning AWS SDK for Ruby and basic S3 operations with sample code
Learning AWS SDK for PHP and basic S3 operations with sample code
2
Hosting a Static Website on Amazon S3 Bucket
Hosting a Static Website on Amazon S3 Bucket
Introduction
How to configure a static website on Amazon S3 bucket
How to configure S3 server access logging
How to configure a static website using a custom domain
How to configure a static website on Amazon S3 bucket with AWS CLI
3
Calculating Cost with the AWS Simple Monthly Calculator
Calculating Cost with the AWS Simple Monthly Calculator
Introduction
How to calculate and estimate S3 costs with the AWS calculator
How to annotate S3 billing by adding cost allocation tagging
4
Deploying a Static Website with CloudFormation
Deploying a Static Website with CloudFormation
Introduction
How to deploy a template of a static website with CloudFormation
How to deploy a template with AWS CLI
5
Distributing Your Contents via CloudFront
Distributing Your Contents via CloudFront
Introduction
How to configure a CloudFront distribution on the Amazon S3 bucket
How to measure throughput between S3 and CloudFront
How to compare costs for data transfer between S3 and CloudFront
6
Securing Resources with Bucket Policies and IAM
Securing Resources with Bucket Policies and IAM
Introduction
Walkthrough 1: To grant users bucket permissions
Walkthrough 2: To grant cross-account bucket permissions
Walkthrough 3: To grant cross-account bucket permissions to objects without ownership
Walkthrough 4: Bucket and user policy examples
7
Sending Authenticated Requests with AWS SDKs
Sending Authenticated Requests with AWS SDKs
Introduction
How to make requests using IAM user temporary credentials with AWS SDK
How to make requests using federated user temporary credentials with AWS SDK
8
Protecting Data Using Server-side and Client-side Encryption
Protecting Data Using Server-side and Client-side Encryption
Introduction
How to protect data using server-side encryption
How to protect data using client-side encryption
9
Enabling Cross-origin Resource Sharing
Enabling Cross-origin Resource Sharing
Introduction
Walkthrough 1: Enabling CORS through the S3 console
Walkthrough 2: Enabling CORS with AWS CLI
10
Managing Object Lifecycle to Lower the Cost
Managing Object Lifecycle to Lower the Cost
Introduction
How to apply the lifecycle policy through the S3 console
How to apply the lifecycle policy with AWS CLI
11
S3 Performance Optimization
S3 Performance Optimization
Introduction
How to optimize PUT requests
How to optimize GET requests
12
Creating Triggers and Notifying S3 Events to Lambda
Creating Triggers and Notifying S3 Events to Lambda
Introduction
How to create a sample policy to notify S3 events
How to enable S3 event notification with Lambda
Index
Index

How to protect data using client-side encryption

To protect data using client-side encryption with AWS KMS-managed Customer Master Key (CMK) and client-side master key, you can specify client-side encryption using AWS SDKs. You can choose two options to manage the encryption keys:

When using client-side encryption, AWS SDKs use Amazon S3 encryption client to encrypt data and the data is encrypted before sending to the S3 bucket. Amazon S3 just receives encrypted data and does not encrypt or decrypt the data. Client-side encryption has two options for using encryption keys.

AWS KMS-managed customer master key (CMK)

When using the Amazon S3 encryption client in the AWS SDK, the client calls AWS KMS to verify that the user is allowed to use the customer master key. If so, KMS returns two versions of the data encryption key; a plaintext data key and a cipher blob of the data key encrypted with the customer master key. The encryption client later encrypts the data using the plaintext key and removes...

Previous Section
End of Chapter 8
Next Chapter