-
Notifications
You must be signed in to change notification settings - Fork 4
/
Copy pathGlacier
48 lines (33 loc) · 1.02 KB
/
Glacier
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
#################################
# By Ksanchez #
# Security+ | MGP | Ps. Auditor #
# @ksanchez_cld (Twitter) #
#################################
Amazon Glacier
- Amazon Glacier is low-cost storage service that is typically used for:
- archiving and backups.
- Files are archived in vaults.
- Vaults are stored in regions.
- Data at Rest are encypted using AES-256.
- Data in Transit are encrypted using SSL end-points.
- The retrieval time for data on Glacier is up to several hours.
- Archiving Solution.
- Lowest cost AWS object storage class.
- 99.99999999% of durability across 3 AZs.
- 3 retrieval options:
- Expedited (1-5 minutes).
- Standard (3-5 hours).
- Bulk (5-12 hours).
[AMAZON GLACIER VAULT LOCK]
- Create lock policies.
- Write Once, Read Many (WORM).
- Deny deletes.
- Contents cannot be modified once locked with a vault policy.
- VAULT ACCESS POLICY = ACCESS.
- VAULT LOCK POLICY = CONTENT.
- Amazon Glacier supports:
- PCI-DSS.
- HIPPA.
- ITAR.
- SOC3.
- ISO 27001.