Tag Archives: deny

AWS: Prevent VPC Modifications

If you have a busy AWS environment accessed by multiple developers, you will have someone modify your some aspect of your core infrastructure inadvertently. In our case, we have our VPC-related infrastructure deployed using Cloudformation and maintained via CF stack … Continue reading

Posted in Amazon Web Services, DevOps | Tagged , , , , , , , , , | Leave a comment

AWS S3 Bucket Policy to Only Allow Encrypted Object Uploads

Amazon S3 supports two types of encryption (server-side-encryption or SSE) for security of data at rest — AES256, and AWS/KMS. AES256 is termed as S3-managed encryption keys [SSE-S3], whereas, KMS is termed, well, SSE-KMS where in the customer manages their … Continue reading

Posted in Amazon Web Services, Tech. | Tagged , , , , , , , , , , , | Leave a comment