This integration provides customers with data access control and security across storage and compute platforms using Amazon S3 Access Grants, a Amazon S3 access control feature that enables customers to manage data permissions at scale for user identities managed by corporate directories. Amazon S3 is an object storage service from AWS that offers durability, scalability, availability, and security, enabling data and security teams to unlock even more value from their Amazon S3 data, reduce costs, and increase efficiency.
It stores more than 350 trillion objects with over 100 million requests per second to process a multitude of workloads including AI and data analytics. Organizations need a simple, scalable, centralized solution that consistently enforces access control and protects data across data stacks, while maintaining compliance with internal and external regulations. With Immuta’s Data Security Platform and Amazon S3’s Access Grants feature, users can centralize access control management, and leverage attribute-based access controls (ABAC) to grant permissions for objects in Amazon S3 storage. The firm builds on Amazon S3 controls, increasing efficiencies with fewer policies and lower manual effort, reducing operational costs and opening up new revenue streams. The Amazon S3 integration also helps US government agencies protect sensitive data hosted in the AWS GovCloud (US) regions.
“The amount of data Amazon S3 can store and retrieve is truly impressive. So is the number of platforms that manage and analyze data from Amazon S3 every day – from Databricks and Snowflake, to Amazon Redshift and Amazon EMR. Because of this, Amazon S3 access control is paramount due to the sheer amount of data that moves through the service,” said Steve Touw, CTO, Immuta. “Immuta helps simplify data access and security for data stored in Amazon S3 so users can more safely leverage that data for their analytics and AI initiatives. This, paired with Immuta’s ‘write once, apply everywhere’ policy approach, helps customers democratize and increase data usage while still adhering to global regulations.”
Click to enlarge
As part of integration, joint customers have access to following key features:
- Plain-language policy builder reduces the need to manually code AWS Identity and Access Management (IAM) policies and Amazon S3 access controls.
- Scalable attribute-based access control supports more use cases and users, and includes a metadata-driven approach to policy logic management to further boost efficiency.
- Consistent access controls and policies across expanding data stacks includes support for Amazon S3, Amazon Redshift, Snowflake, Databricks, and Starburst (Trino).
- Access to Apache Spark for Amazon EMR, and other AWS services through Amazon S3 Access Grants provides scalable, attribute-based access control for file reads and table access in Spark jobs.
“By leveraging this new release from Immuta that integrates with Amazon S3 Access Grants, we envision a single control plane for Booking.com data owners and governors to manage access at scale for all Amazon S3 resources ingested into our data lake (both structured and unstructured),” said Luca Falsina, principal software engineer, Booking.com. “Moreover, as this integration is based on a new Amazon S3 native access control capability, it gives us confidence that controls will be enforced consistently, no matter which technology data consumers will choose to access the data.“
Blog: How Immuta’s Native Integration Supports Amazon S3 Security
It enables organizations to unlock value from their cloud data by protecting it and providing secure access. Its Data Security platform provides sensitive data discovery, security and access control, data activity monitoring, and has deep integrations with the leading cloud data platforms. The company is now trusted by Fortune 500 companies and government agencies around the world to secure their data. Founded in 2015, the company is headquartered in Boston, MA.