S3 server access logs at scale - Nurdan Almazbekov, Infrastructure Security - Sep 26, 2025

Introduction

Yelp heavily relies on Amazon S3 (Simple Storage Service) to store a wide variety of data, including images, logs, database backups, and more. Since data is stored on the cloud, we need to carefully manage how this data is accessed, secured, and eventually deleted, both to control costs and uphold high standards of security and compliance. One of the core challenges in managing S3 buckets is gaining visibility into who is accessing your data (known as S3 objects), how frequently, and for what purpose. Without robust logging, it's difficult to troubleshoot access issues, respond to security incidents, and ensure we are retaining only data that is actually necessary. This is a challenge faced by many companies using S3. Historically, enabling S3 server access logging (SAL) wasn't straightforward.

Article Summaries:

  • Yelp has implemented comprehensive S3 server access logging (SAL) across its Amazon S3 buckets to improve visibility, security, and cost control. Historically, enabling SAL was costly and complex, with limited support for date‑partitioning until November 2023. By directing raw logs to a dedicated S3 bucket and leveraging new AWS features, Yelp now captures object‑level access events, enabling troubleshooting of permission issues, identification of unused data for cleanup, and assurance of compliance with third‑party audits. The team reports minimal log loss (<0.001 %) and has learned best practices for storing, querying, and managing large‑scale access logs, enhancing overall data security posture.
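The two uses named in the summary, troubleshooting permission failures and finding unread data, can be sketched over raw SAL records. This is an added example, not code from Yelp's article: it assumes the leading fields follow AWS's documented server access log layout, and the bucket, role names, log lines and object listing are constructed.

```python
import re
from collections import Counter
from datetime import datetime, timezone

# One token is a [bracketed timestamp], a "quoted string", or a bare word.
TOKEN = re.compile(r'\[([^\]]*)\]|"((?:[^"\\]|\\.)*)"|(\S+)')
# Leading fields of an S3 server access log record, in documented order.
FIELDS = ["bucket_owner", "bucket", "time", "remote_ip", "requester", "request_id",
          "operation", "key", "request_uri", "http_status", "error_code"]

def parse_line(line):
    """Return a dict of the leading fields, or None for a malformed record."""
    tokens = [next(g for g in m.groups() if g is not None) for m in TOKEN.finditer(line)]
    if len(tokens) < len(FIELDS):
        return None
    rec = dict(zip(FIELDS, tokens))
    try:
        rec["time"] = datetime.strptime(rec["time"], "%d/%b/%Y:%H:%M:%S %z")
    except ValueError:
        return None
    return rec

def summarize(lines):
    """Count 403s per (requester, bucket) and record the latest successful GET per key."""
    denied, last_read = Counter(), {}
    for rec in filter(None, map(parse_line, lines)):
        if rec["http_status"] == "403":
            denied[(rec["requester"], rec["bucket"])] += 1
        elif rec["operation"] == "REST.GET.OBJECT" and rec["http_status"] in ("200", "206"):
            key = rec["key"]
            last_read[key] = max(rec["time"], last_read.get(key, rec["time"]))
    return denied, last_read

def stale_keys(last_read, inventory, cutoff):
    """Keys from an object listing that were never read, or not read since cutoff."""
    return [k for k in inventory if k not in last_read or last_read[k] < cutoff]

# Constructed sample records (fields after the user agent omitted), plus one bad line.
ROLE = "arn:aws:iam::111122223333:role/"
CUTOFF = datetime(2025, 9, 27, tzinfo=timezone.utc)
SAMPLE = [
    f'OWNERID photos-bucket [26/Sep/2025:10:00:01 +0000] 192.0.2.10 {ROLE}web R1 REST.GET.OBJECT img/a.jpg "GET /img/a.jpg HTTP/1.1" 200 - 2048 2048 12 10 "-" "aws-sdk"',
    f'OWNERID photos-bucket [27/Sep/2025:09:30:00 +0000] 192.0.2.10 {ROLE}web R2 REST.GET.OBJECT img/a.jpg "GET /img/a.jpg HTTP/1.1" 200 - 2048 2048 11 9 "-" "aws-sdk"',
    f'OWNERID photos-bucket [27/Sep/2025:09:31:00 +0000] 192.0.2.20 {ROLE}batch R3 REST.GET.OBJECT img/b.jpg "GET /img/b.jpg HTTP/1.1" 403 AccessDenied 243 - 5 - "-" "aws-cli"',
    f'OWNERID photos-bucket [27/Sep/2025:09:32:00 +0000] 192.0.2.20 {ROLE}batch R4 REST.PUT.OBJECT img/c.jpg "PUT /img/c.jpg HTTP/1.1" 403 AccessDenied 243 - 6 - "-" "aws-cli"',
    'truncated record',
]

if __name__ == "__main__":
    denied, last_read = summarize(SAMPLE)
    print(denied.most_common(), stale_keys(last_read, ["img/a.jpg", "img/old.jpg"], CUTOFF))
```

Because logs are delivered on a best-effort basis, a key missing from `last_read` is a candidate for review rather than proof that it was never accessed.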

Sources: