1. Home
  2. Training Library
  3. Storage (SAP-C02)

Server-Side Encryption with S3 Managed Keys (SSE-S3)

Contents

keyboard_tab
Course Introduction
1
Introduction
PREVIEW2m 16s
AWS Storage
2
Introduction to Amazon EFS
Amazon EC2
36
Amazon Elastic Block Store (EBS)
Optimizing Storage
40
41
AWS Backup
PREVIEW3m 50s
AWS Storage Gateway
Performance Factors Across AWS Storage Services
49

The course is part of this learning path

Server-Side Encryption with S3 Managed Keys (SSE-S3)
Overview
Difficulty
Intermediate
Duration
4h 13m
Students
41
Ratings
5/5
starstarstarstarstar
Description

This section of the AWS Certified Solutions Architect - Professional learning path introduces you to the core storage concepts and services relevant to the SAP-C02 exam. We start with an introduction to AWS storage services, understand the options available, and learn how to select and apply AWS storage services to meet specific requirements. 

Want more? Try a Lab Playground or do a Lab Challenge

Learning Objectives

  • Obtain an in-depth understanding of Amazon S3 - Simple Storage Service
  • Learn how to improve your security posture in S3
  • Get both a theoretical and practical understanding of EFS
  • Learn how to create an EFS file system, manage EFS security, and import data in EFS
  • Learn about EC2 storage and Elastic Block Store
  • Learn about the different performance factors associated with AWS storage services
Transcript

Server-Side Encryption with S3 Managed Keys, SSE-S3. The encryption process is as follows. Firstly, a client uploads Object Data to S3. S3 then takes this Object Data and encrypts it with an S3 Plaintext Data Key. This creates an encrypted version of the Object Data, which is then saved and stored on S3. Next, the S3 Plaintext Data Key is encrypted with an S3 Master Key. Which creates an encrypted S3 Data Key. This encrypted Data Key is then also stored on S3 and the Plaintext Data Key is removed from memory. The decryption process is as follows. A request is made by the client to S3 to retrieve the Object Data. S3 takes the associated encrypted S3 Data Key off the Object Data and decrypts it with the S3 Master Key. The S3 Plaintext Data Key is then used to decrypt the object data. This object data is then sent back to the client.

About the Author
Students
26715
Courses
21
Learning Paths
11

Danny has over 20 years of IT experience as a software developer, cloud engineer, and technical trainer. After attending a conference on cloud computing in 2009, he knew he wanted to build his career around what was still a very new, emerging technology at the time — and share this transformational knowledge with others. He has spoken to IT professional audiences at local, regional, and national user groups and conferences. He has delivered in-person classroom and virtual training, interactive webinars, and authored video training courses covering many different technologies, including Amazon Web Services. He currently has six active AWS certifications, including certifications at the Professional and Specialty level.