Amazon S3 bucket policies are used to secure access to objects within an S3 bucket. These bucket policies are put in place to only allow bucket access to users with appropriate permissions. As a project or team grows, these policies may require updates to the permissions, which means updating the S3 bucket policy.
Versioning allows teams to maintain a history of changes made to S3 bucket policies, with the added benefit of being able to restore previous policy versions if the need arises.
In this lab, you will create a backup and restore solution for Amazon S3 bucket policies. You will build a serverless architecture that utilizes Amazon EventBridge, Amazon DynamoDB, and AWS Lambda to register and restore S3 bucket policies whenever a new version is created.
Learning objectives
Upon completion of this beginner-level lab, you will be able to:
- Create an Amazon EventBridge rule to target an Amazon S3 management event
- Define an AWS Lambda function that registers S3 bucket policies in DynamoDB
- Define an AWS Lambda function that restores S3 bucket policy versions from DynamoDB
Intended audiences
- Candidates for AWS Certified Developer - Associate Certification
- Cloud Architects
- Software Engineers
Prerequisites
Familiarity with the following will be beneficial but is not required:
- Amazon EventBridge
- Amazon Simple Storage Service (S3)
- AWS Lambda
- Amazon DynamoDB
The following content can be used to fulfill the prerequisites:
Jun is a Cloud Labs Developer with previous experience as a Software Engineer and Cloud Developer. He holds the AWS Certified Solutions Architect and DevOps Engineer Professional certifications. He also holds the AWS Certified Solutions Architect, Developer, and SysOps Administrator Associate certifications.
Jun is focused on giving back to the growing cloud community by sharing his knowledge and experience with students and creating engaging content.