AWS Services:
Amazon Simple Storage Service (S3) is an object storage service that offers industry-leading scalability, data availability, security, and performance. This means customers of all sizes and industries can use it to store and protect any amount of data for a range of use cases, such as data lakes, websites, mobile applications, backup and restore, archive, enterprise applications. S3 is designed for 99.999999999% (11 9's) of durability, and stores data for millions of applications for companies all around the world.
Description:
Amazon S3 inventory is one of the tools Amazon S3 provides to help manage your storage. You can use it to audit and report on your objects' replication and encryption status for business, compliance, and regulatory needs. You can also simplify and speed up business workflows and big data jobs using Amazon S3 inventory, which provides a scheduled alternative to the Amazon S3 synchronous list API operation.
An inventory list file contains a list of the objects in the source bucket and metadata for each object. The inventory lists are stored in the destination bucket as a CSV file compressed with GZIP, as an Apache optimized row columnar (ORC) file compressed with ZLIB, or as an Apache Parquet file compressed with Snappy.
Affected Service Dependencies:
S3 bucket
Pre-requisites:
Need KMS keys for Encryption
Remediation Plan:
Current Status: (Check whether your s3 bucket has a Replication Rule exist)
Sign in to the AWS Management Console
Go to the Amazon S3 console at https://console.aws.amazon.com/s3/
In the bucket list available click on the bucket name you want to examine
Select the Management tab and click on create Inventory configuration
Implementation Steps:
Sign in to the AWS Management Console
Go to the Amazon S3 console at https://console.aws.amazon.com/s3/
In the bucket list available click on the bucket name you want to create Inventory configuration
Select the Management tab and check is there any inventory configuration exist under the Inventory configurations section
Give the Inventory configuration name
Choose an Inventory scope
Choose the destination Bucket, it may be in the same account or in a different account
Note: The destination bucket needs special permissions to allow Amazon S3 to place data in that bucket. You will get this from the Destination bucket permission section.Choose how often the report will be generated.
Choose an output format based on the number of objects
Choose whether the configuration will be enabled to publish inventory reports
You can enable the encryption to protect your data
Review the details filled and click on the create button
Status after Implementation:
Follow the Current status section steps you can see Inventory Configurations exist for the bucket you choose.
Backout Plan:
Sign in to the AWS Management Console
Go to the Amazon S3 console at https://console.aws.amazon.com/s3/
In the bucket list available click on the bucket name you want to Delete
Select the Management tab and click on create Inventory configuration
Select Inventory configuration you want to delete and click on Delete
References:
Amazon S3 inventory - Amazon Simple Storage Service