AWS - Configure secure AWS cloud Storage S3 bucket
1. Control ownership of objects written to this bucket from other AWS accounts and the use of access control lists (ACLs), keep the "Object ownership disabled"
.png)
2. Enable "Block Public Access" to prevent buckets to be accessed publicly. Refer below screenshot.
.png)
3. Enable server-side encryption & Client-Side Encryption to encrypt objects at rest. Can be done using AWS Key Management Services keys or S3-managed keys. Refer below screenshot.
.png)
4. Use IAM Roles or IAM policies to define access permissions using roles.
5. Enable logging for S3 buckets using cloud watch to monitor S3 metrics or logging using API's