Page tree

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

RefItemLabelsProposalsDetails

User 2FA

security

MFA





filtering

S3 Object Lambda attached to S3 Object Lambda Access Point

For redacted or enriched views of base S3 object



Lambda code signingsecurity


Lambda API / User tracking

security

traceability

CloudTrail logs

Lambda VPC private subnet placementsecurityNATGW or VPC endpoint is required - note Cloudwatch is a public service

Long term storage

access

compliance

durability

finops

redundancy

retention

S3 Intelligent-Tiering
4 levels to S3 Glacier Deep Archive








compliance

standards

Macie for Personally Identifiable Information (PII) via ML in S3 buckets for HIPAA, GDPR

Encryption at rest

encryption

security

DynamoDB

RDS

EBS encryption via KMS 

Lambda environment variable encryption at rest








Encryption in transit



cloud always-free tier minimum cost - maximum coverage

Cloud#PublicCloudFreeTier