The Secure Asset "Dead Drop": Zero-Trust File Sharing
In business environments, sharing sensitive files (like proprietary 3D models or financial documents) via email attachments is a major security risk. This project is a serverless "Dead Drop"—a zero-trust file transfer system where assets are encrypted at rest and can only be accessed via ephemeral, expiring links.
The Architecture Flow
[ Authorized User ] --(Request Download)--> [ API Gateway ] --> [ AWS Lambda ] --> [ AWS KMS ]
        ^                                                                            |
        |                                                               (Generate Presigned URL)
        |                                                                            v
        +-------------------(Download File)-------------------- [ Amazon S3 (Private) ]
1. Encryption at Rest (SSE-KMS)
All files uploaded to the S3 bucket are automatically encrypted using Server-Side Encryption with AWS Key Management Service (SSE-KMS). I configured a Customer Managed Key (CMK) so that even if a bad actor gained access to the raw S3 bucket, the objects would remain unreadable ciphertext without the specific IAM permissions needed to use the key.
2. Ephemeral Access via Presigned URLs
The S3 bucket has Block Public Access enabled, so nothing in it is reachable directly. When an authorized user requests a file, API Gateway triggers a Lambda function. The function verifies the user's identity, decrypts the object reference using KMS, and generates an S3 Presigned URL.
3. Strict Time-to-Live (TTL)
The generated Presigned URL is issued with a hard-coded 15-minute expiration window. Once those 15 minutes have passed, the cryptographic signature is no longer accepted, and any attempt to use the link is answered with an immediate 403 Access Denied error.
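To show how the 15-minute window from sections 2 and 3 is bound into the link, here is an added example (not the project's code): a standard-library SigV4 presigner for a GET on the private bucket, which is the same computation boto3's generate_presigned_url performs for the Lambda, plus the expiry check S3 applies. Bucket name, object key, region and credentials are constructed placeholders.

```python
import calendar
import hashlib
import hmac
import time
from urllib.parse import parse_qs, quote, urlparse

ISSUED_AT = 1714564800  # constructed: 2024-05-01T12:00:00Z as a Unix timestamp
EXPIRES = 900           # the 15-minute window the Lambda hands out

def _hmac(key: bytes, msg: str) -> bytes:
    return hmac.new(key, msg.encode(), hashlib.sha256).digest()

def presign_get(bucket, key, region, access_key, secret_key, now=ISSUED_AT, expires=EXPIRES):
    """SigV4 query-string presigned GET, valid for `expires` seconds from `now`.
    X-Amz-Expires is part of the signed query string, so editing it in the link
    changes the canonical request and S3's recomputed signature no longer matches."""
    t = time.gmtime(now)
    day, amz_date = time.strftime("%Y%m%d", t), time.strftime("%Y%m%dT%H%M%SZ", t)
    scope = f"{day}/{region}/s3/aws4_request"
    host = f"{bucket}.s3.{region}.amazonaws.com"
    params = {
        "X-Amz-Algorithm": "AWS4-HMAC-SHA256",
        "X-Amz-Credential": f"{access_key}/{scope}",
        "X-Amz-Date": amz_date,
        "X-Amz-Expires": str(expires),
        "X-Amz-SignedHeaders": "host",
    }
    # SigV4 requires sorted, fully URL-encoded query parameters ('/' becomes %2F)
    query = "&".join(f"{quote(k, safe='')}={quote(v, safe='')}" for k, v in sorted(params.items()))
    canonical = "\n".join(["GET", "/" + quote(key), query, f"host:{host}\n", "host", "UNSIGNED-PAYLOAD"])
    to_sign = "\n".join(["AWS4-HMAC-SHA256", amz_date, scope,
                         hashlib.sha256(canonical.encode()).hexdigest()])
    k = _hmac(("AWS4" + secret_key).encode(), day)
    for part in (region, "s3", "aws4_request"):
        k = _hmac(k, part)  # derive the per-day / per-region / per-service signing key
    signature = hmac.new(k, to_sign.encode(), hashlib.sha256).hexdigest()
    return f"https://{host}/{quote(key)}?{query}&X-Amz-Signature={signature}"

def signature_of(url: str) -> str:
    return parse_qs(urlparse(url).query)["X-Amz-Signature"][0]

def is_expired(url: str, at: int) -> bool:
    """Mirror of the TTL check S3 makes before answering 403 Access Denied:
    the link is dead once X-Amz-Date + X-Amz-Expires lies before time `at`."""
    q = parse_qs(urlparse(url).query)
    issued = calendar.timegm(time.strptime(q["X-Amz-Date"][0], "%Y%m%dT%H%M%SZ"))
    return at > issued + int(q["X-Amz-Expires"][0])
```

Because the Lambda signs with its execution role's temporary credentials, S3 also refuses the link once those credentials expire, which can happen before the 15 minutes are up and produces the same 403 as a timed-out link.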
Understanding the difference between SSE-S3 (Amazon manages the keys) and SSE-KMS (you manage the keys and the auditing) is a critical data-governance concept for the SAA-C03 exam.