When granting permissions, according to AWS (2019d), one has to decide who is getting what Best practice rules for Amazon S3 AWS Simple Storage Service (S3) is a storage device for the Internet. They offer recommendations in 5 categories; one of the crucial features is security. If objects are PUT using a multipart upload, it’s a good practice to GET them in the same part sizes (or at least aligned to part boundaries) for best performance. The SDKs provide a simpler API for taking advantage of Amazon S3 from within an application and are regularly updated to follow the latest best practices. Amazon S3 provides a number of security features to consider as you develop and implement your own security policies. It has a web service that makes storage and retrieval simple at any time, from anywhere on the web, regardless of the amount of data. The following best practices are general guidelines and don’t represent a complete security solution. GET requests can directly address s3-bucket-public-read-prohibited , and s3-bucket-public-write-prohibited managed AWS Config Rules. Since Feb 2018, AWS alerts you when the S3 buckets are made to be publicly accessible. Amazon Web Services Best Practices Design Patterns: Optimizing Amazon S3 Performance Page 3 Typical sizes for byte-range requests are 8 MB or 16 MB. AWS Trusted Advisor is a built-in feature that is used to analyze the AWS resources within your account and recommends the best practices.. Listen to AWS Trusted Advisor. For example, the SDKs include logic to automatically retry requests on HTTP 503 errors and are investing in code to respond and adapt to slow connections. Security Best Practices for Amazon S3.