Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Patterns in S3 Data Access: Protecting and Enhancing Access to Cloud Data Stores

fwd:cloudsec via YouTube

Overview

Learn advanced techniques for managing access to large-scale heterogeneous data sets in cloud storage through this 44-minute conference talk from fwd:cloudsec. Explore dynamic control plane implementation for flexible and auditable data access, focusing on AWS S3 and Google Cloud Storage. Discover just-in-time access provisioning methods, request signing mechanisms, and solutions for scenarios where traditional AWS IAM tools prove insufficient. Delve into topics including signed URLs, capability-based security, AWS request signing for non-AWS users, photo sharing applications, data lakes, permission boundaries, STS assume role configurations, proxy implementations, and object Lambda functions. Master practical approaches to reshaping data access patterns while maintaining least privilege principles and addressing common challenges like network latency and multipart requests.

Syllabus

Introduction
Agenda
Becky Weiss talk
Signed URLs
Capabilitybased security
Reenactment
The Big Idea
AWS Request Signing
NonAWS Users
Photo Sharing App
Photo Sharing Service
Complex Data
Data Lakes
Reshaping Data
Common Solutions
Permission Boundaries
Complexity
Limitations
Permissions
Proxy
STS Assume Role
STS Rate Limit
The Last Solution
Sign Requests
AWS Click
Can I change responses
List calls
Object Lambda
Why
Proxy recall
Multipart requests
Running as a Lambda
Network latency
Data Geekery
Questions

Taught by

fwd:cloudsec

Reviews

Start your review of Patterns in S3 Data Access: Protecting and Enhancing Access to Cloud Data Stores

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.