Subido por bolo_rubio

AWS SWIPO S3 Transparency Statement

Anuncio
51
HOW TO OPEN THIS ARTIFACT
d8
1
Please scroll through to next page to view the artifact downloaded. To access any supporting
attachments, click the paperclip icon in the left of this document and double click the file
you would like to open.
o
If you do not see a paperclip icon, right click and select “Show Navigation Pane Buttons”.
o
Use latest version of Adobe Acrobat Reader (Windows | Mac | Additional guidance)
a4
•
50
TERMS AND CONDITIONS
f-0
01
You hereby agree that you will not distribute, display, or otherwise make this document available to an
individual or entity, unless expressly permitted herein. This document is AWS Confidential Information
(as defined in the AWS Customer Agreement), and you may not remove these terms and conditions
from this document, nor take excerpts of this document, without Amazon’s express written consent.
You may not use this document for purposes competitive with Amazon.
e5
67
61
d7
-7
2c
1-
48
ba
-b
c2
You further (i) acknowledge and agree that you do not acquire any rights against Amazon’s Service
Auditors in connection with your receipt or use of this document, and (ii) release Amazon’s Service
Auditor from any and all claims or causes of action that you have now or in the future against Amazon’s
Service Auditor arising from this document. The foregoing sentence is meant for the benefit of Amazon’s
Service Auditors, who are entitled to enforce it. “Service Auditor” means the party that created this
document for Amazon or assisted Amazon with creating this document.
Amazon Web Services
d8
1
SWIPO Code of Conduct for Data Portability and Cloud Service Switching for IaaS Cloud Services
51
AMAZON CONFIDENTIAL
CSP Transparency Statement for Amazon Simple Storage Service (Amazon S3)
a4
Version 1.0
50
Date: 10 May 2021
f-0
01
This Transparency Statement is designed to assist AWS customers in anticipating their switching and
porting needs for Amazon Simple Storage Service (“S3”) and in conformance with applicable SWIPO
Code of Conduct for Data Portability and Cloud Service Switching for Iaas Cloud Services requirements.
References to defined SWIPO terms contained herein are used exactly as they appear in the SWIPO
Common Terminology (Version 2020, Date: 08-07-2020).
c2
At AWS, customers (“Cloud Service Customers” or “CSCs”) have full control over the switching and
porting process for S3, and as a result, have significant flexibility to adopt a plan best-suited for their
needs. Under the Shared Responsibility Model, Amazon S3 relies on receiving a CSC’s instructions before
acting on a CSC’s Infrastructure Artefacts.
Porting to and from S3
ba
1.1
-b
1. Procedural Requirements (PR01, PR02, PR03, PR06, PR07, SCR01, SCR02, FR01, FR02)
48
S3 has publicly available documentation that provides CSCs with in-depth information on the
features/configuration settings available to port Infrastructure Artefacts to and from S3. For a full list of
supported features, please see:
S3 User Guide:
https://docs.aws.amazon.com/AmazonS3/latest/dev/Introduction.html#overview
2c
1-
•
For documentation on specific switching and porting functionality, please see:
•
•
•
Downloading: https://docs.aws.amazon.com/AmazonS3/latest/user-guide/downloadobjects.html
Uploading: https://docs.aws.amazon.com/AmazonS3/latest/user-guide/upload-objects.html
API-based object retrieval:
https://docs.aws.amazon.com/AmazonS3/latest/dev/GettingObjectsUsingAPIs.html
Deleting: https://docs.aws.amazon.com/AmazonS3/latest/gsg/DeletingAnObjectandBucket.html
61
d7
-7
•
The documentation also provides information about mechanisms that can be used by the CSC to secure
the Infrastructure Artefacts both during transfer and at rest when using S3:
https://docs.aws.amazon.com/AmazonS3/latest/dev/security.html
e5
67

CSCs can also leverage S3’s API commands to download configuration and policy information pertaining
to their S3 assets. For more information about GET API, please see:
Page 1 of 4
https://awscli.amazonaws.com/v2/documentation/api/latest/reference/s3api/index.html#cliaws-s3api
For additional porting considerations related to buckets and metadata, please see:
https://docs.aws.amazon.com/AmazonS3/latest/dev/BucketRestrictions.html
https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingMetadata.html
a4


d8
1

51
AMAZON CONFIDENTIAL

50
S3 provides CSCs with the ability to configure storage classes based on their needs. For more
information, please see:
https://aws.amazon.com/s3/storage-classes/
https://aws.amazon.com/cloud-migration/
https://aws.amazon.com/cloud-migration/how-to-migrate/
f-0
•
•
01
AWS also offers other cloud migration solutions both online and offline that CSCs can leverage to port
their assets over from S3. For information on cloud migration options available, please see:
Charges Associated with Porting (PR04)
-b
1.2
c2
For details on the terms covering use of S3 (including intellectual property rights), please refer to the
AWS Customer Agreement located at: https://aws.amazon.com/agreement/.
ba
For a description of charges and terms associated with porting, please refer to AWS service-specific
pricing (e.g., for data transfer out), for example on our publicly available S3 pricing pages at:
https://aws.amazon.com/s3/pricing/
48
•
2c
1-
2. Portability Requirements (DP01, DP03, DP07, DP09, SCR01, SCR02)
61
d7
-7
Amazon S3 service is an object storage service that supports APIs that allow a CSC to handle CSC-tocloud-service and cloud-service-to-CSC use cases by uploading/downloading Infrastructure Artefacts
through secure connection channels. S3 provides public documentation that provides CSCs in-depth
information on the features/configuration settings available in the service for these purposes.
The S3 supports many connectivity options that a CSC can leverage to secure the channel for
communication. These are detailed in the service documentation. Additionally, S3 provides CSCs with
the ability to perform client-side encryption before uploading Infrastructure Artefacts to the cloud. CSCs
can leverage the publicly available documentation links below to learn more about the networking and
client-side encryption offered by S3. For details, please see:
https://docs.aws.amazon.com/AmazonS3/latest/dev/inter-network-traffic-privacy.html
https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingClientSideEncryption.html
e5
67


Page 2 of 4
51
AMAZON CONFIDENTIAL
d8
1
CSCs looking to transfer their Infrastructure Artefacts from one cloud service to another can download,
make transformations on the data as needed, and move Infrastructure Artefacts to the destination CSP
or download Infrastructure Artefacts from the source CSP, make transformations on the data as needed,
and upload to AWS. To facilitate porting, S3 CLI/APIs support input/outputs in both JSON and YAML
formats.
50
a4
S3 supports the REST API, and it is recommended that CSCs use either the REST API or the AWS SDKs. S3
is designed to be highly flexible. CSCs can store any type and amount of data they want; read the same
piece of data a million times or use the service only for emergency disaster recovery; build a simple FTP
application, or a sophisticated web application.
The functionality described above is supported by a set of clear documentation. For details, please see:
01
S3 Documentation: https://docs.aws.amazon.com/AmazonS3/latest/dev/index.html
S3 API Guide: https://docs.aws.amazon.com/AmazonS3/latest/API/Welcome.html
S3 Features: https://aws.amazon.com/s3/features/
SOAP API information: https://docs.aws.amazon.com/AmazonS3/latest/API/APISoap.html
f-0




c2
3. Planning Requirements (PLR01, PLR02, PLR03, PLR04, PLR05)

ba
-b
S3 has publicly available documentation (see links above) to help CSCs understand the capabilities of the
user, administrator, and business functions related to the service. With regard to interoperability, S3
supports multiple connection mechanisms that CSCs can leverage to connect to the service. For details,
please see:
https://docs.aws.amazon.com/AmazonS3/latest/userguide/inter-network-traffic-privacy.html
https://docs.aws.amazon.com/AmazonS3/latest/dev/security-best-practices.html
https://docs.aws.amazon.com/AmazonS3/latest/dev/optimizing-performance.html
61
d7
-7


2c
1-
48
Under the Shared Responsibility Model, security and compliance responsibilities are divided between
AWS and the CSC. S3 has change management controls place and has regular testing and deployments,
to ensure that the APIs, console, and service features are operating effectively. The CSC has the
responsibility to implement necessary tests to ensure successful connectivity and porting of
Infrastructure Artefacts to/from S3. CSCs are responsible for managing their S3 Infrastructure Artefacts
in accordance with published best practices:
CSCs can also use information contained in the links below to validate the integrity and completeness of
their Infrastructure Artefacts stored/retrieved when using S3:


https://aws.amazon.com/premiumsupport/knowledge-center/data-integrity-s3/
https://docs.aws.amazon.com/cli/latest/topic/s3-faq.html
e5
67
CSCs can leverage the performance tuning guidance provided in the link above to manage effectively
their performance needs when using S3. The above link also describes other AWS services and S3
features that can be used by CSCs seeking faster transfer rates.
Page 3 of 4
51
AMAZON CONFIDENTIAL
d8
1
Finally, AWS offers other cloud migration solutions both online and offline (see links above) that can
handle larger volume of data. CSCs can evaluate and use these solutions based on the applicability to its
requirements.
4. Transparency Requirements (TR01, TR02, TR03, TR04, TR05, TR06)
https://aws.amazon.com/about-aws/whats-new/
https://aws.amazon.com/about-aws/whats-new/storage/?whats-new-content.sortby=item.additionalFields.postDateTime&whats-new-content.sort-order=desc
01
•
•
50
a4
AWS understands the importance of transparency in helping customers anticipate their switching and
porting needs and offers publically available information about new service-specific features along with
changes to existing features. For details, please see:
https://aws.amazon.com/blogs/aws/amazon_rss_feed/
e5
67
61
d7
-7
2c
1-
48
ba
-b
c2
•
f-0
CSCs can also elect to receive push notifications of news and changes by signing up for the Amazon RSS
Feed:
Page 4 of 4
Descargar