BagelHole

aws-s3

Configure S3 buckets, policies, and lifecycle rules. Implement versioning, replication, and security. Use when managing object storage on AWS.

BagelHole 28 4 Updated 4mo ago
Install

npx skillscat add bagelhole/devops-security-agent-skills/aws-s3

Install via the SkillsCat registry.

SKILL.md

AWS S3

Manage object storage with Amazon S3.

Create Bucket

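# Create the bucket (regions other than us-east-1 also need
# --create-bucket-configuration LocationConstraint=<region>)
aws s3api create-bucket \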
  --bucket my-bucket \
  --region us-east-1

# Enable versioning
aws s3api put-bucket-versioning \
  --bucket my-bucket \
  --versioning-configuration Status=Enabled

# Block public access
aws s3api put-public-access-block \
  --bucket my-bucket \
  --public-access-block-configuration '{
    "BlockPublicAcls": true,
    "IgnorePublicAcls": true,
    "BlockPublicPolicy": true,
    "RestrictPublicBuckets": true
  }'

Bucket Policy

{
  "Version": "2012-10-17",
  "Statement": [{
    "Sid": "EnforceHTTPS",
    "Effect": "Deny",
    "Principal": "*",
    "Action": "s3:*",
    "Resource": [
      "arn:aws:s3:::my-bucket",
      "arn:aws:s3:::my-bucket/*"
    ],
    "Condition": {
      "Bool": {"aws:SecureTransport": "false"}
    }
  }]
}

Lifecycle Rules

# Move objects under logs/ to Glacier after 30 days and delete them after 365 days
aws s3api put-bucket-lifecycle-configuration \
  --bucket my-bucket \
  --lifecycle-configuration '{
    "Rules": [{
      "ID": "Archive old objects",
      "Status": "Enabled",
      "Filter": {"Prefix": "logs/"},
      "Transitions": [{
        "Days": 30,
        "StorageClass": "GLACIER"
      }],
      "Expiration": {"Days": 365}
    }]
  }'

Best Practices

  • Enable versioning
  • Block public access
  • Use encryption (SSE-S3 or SSE-KMS)
  • Implement lifecycle policies
  • Enable access logging
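
The list above can be checked against a live bucket with read-only `aws s3api get-*` calls. The following is an added example, not part of the original skill; the helper names `s3q`, `check` and `audit_bucket` are this example's own, and it assumes the CLI's text output prints booleans as `True` and missing values as `None`.

```bash
# Added example, not part of the original skill. Read-only audit of one bucket
# against the Best Practices list. Usage: source this file, then run
#   audit_bucket my-bucket
# Assumes AWS CLI text output: booleans print as "True", missing values as "None".

s3q() {  # s3q <s3api subcommand> <bucket> <JMESPath query>
  # An API error (no such configuration, access denied) is reported as "None".
  aws s3api "$1" --bucket "$2" --query "$3" --output text 2>/dev/null || echo None
}

check() {  # check <control> <actual> <expected>; expected "any" = any value but None
  result=FAIL
  if [ "$3" = any ]; then
    case "$2" in ''|None) ;; *) result=ok ;; esac
  elif [ "$2" = "$3" ]; then
    result=ok
  fi
  printf '%-20s %-4s (%s)\n' "$1" "$result" "$2"
  [ "$result" = ok ] || fails=$((fails + 1))
}

audit_bucket() {
  b="$1"; fails=0
  check versioning "$(s3q get-bucket-versioning "$b" Status)" Enabled
  # True only when all four Block Public Access settings are on.
  check public-access-block "$(s3q get-public-access-block "$b" \
    'PublicAccessBlockConfiguration | BlockPublicAcls && IgnorePublicAcls && BlockPublicPolicy && RestrictPublicBuckets')" True
  check default-encryption "$(s3q get-bucket-encryption "$b" \
    'ServerSideEncryptionConfiguration.Rules[0].ApplyServerSideEncryptionByDefault.SSEAlgorithm')" any
  check lifecycle-rule "$(s3q get-bucket-lifecycle-configuration "$b" \
    "Rules[?Status=='Enabled'].Status | [0]")" Enabled
  check access-logging "$(s3q get-bucket-logging "$b" 'LoggingEnabled.TargetBucket')" any
  # Presence check only: confirms the policy mentions aws:SecureTransport,
  # not that the statement is a Deny on "false".
  case "$(s3q get-bucket-policy "$b" Policy)" in
    *aws:SecureTransport*) https=present ;;
    *) https=None ;;
  esac
  check https-policy "$https" present
  [ "$fails" -eq 0 ]  # exit status 0 only if every control passed
}
```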