Menu
We store some sensitive stuff on S3 and on our instance filesystems on AWS. Is there a way to securely wipe it?
319
To close your AWS accountOpen the AWS Management Console at https://console.aws.amazon.com/ . Go to the Account Settings page at https://console.aws.amazon.com/billing/home?#/account . The following two steps will permanently delete all of the data you've stored in all AWS services across all AWS Regions.
If you no longer need to store the file you've uploaded to your Amazon S3 bucket, you can delete it. Within your S3 bucket, select the file that you want to delete, choose Actions, and then choose Delete. In the confirmation message, choose OK.
The safest way to permanently delete files from your hard drive is through a process called “zero fill.” When you zero fill a storage device, you're overwriting your entire drive contents with zeroes so that data on that drive can no longer be recovered by others.
To delete the object, select the object, and choose delete and confirm your choice by typing delete in the text field. On, Amazon S3 will permanently delete the object version. Select the object version that you want to delete, and choose delete and confirm your choice by typing permanently delete in the text field.
The short answer is no, there is no wipe utility. If you delete the file permanently, the file is gone and it cannot be recovered (unless you have snapshots or other items that might keep the file stored). However, there is not a way to wipe the disk. Don't forget, though, that AWS uses server virtualization so that your disk storage does not necessarily correspond to one physical disk platter. Instead, it is a virtual storage system spread over many drives. When your file is deleted, it is gone from public access. Then Amazon designates that area of disk for write-only operations so that your data gets overwritten quickly.
Here is a quote from an Amazon document about their data security:
When an object is deleted from Amazon S3, removal of the mapping from the public name to the object starts immediately, and is generally processed across the distributed system within several seconds. Once the mapping is removed, there is no external access to the deleted object. That storage area is then made available only for write operations and the data is overwritten by newly stored data.
Retrieved from: http://aws.amazon.com/whitepapers/overview-of-security-processes/
94
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
