This Guidance helps customers create a single aggregation point for either an enterprise or a disparate collection of AWS accounts that host Amazon Simple Storage Service (Amazon S3) object data. Currently, customers cannot view object-level metadata across an entire organization or search for objects across S3 buckets or accounts. This architecture aggregates object PUT, DELETE, and GET calls into a searchable interface, so customers can search based on object tags, accounts, bucket names, and prefixes. With this search functionality, customers can identify which objects are not encrypted, find S3 buckets that have been inactive for a long period, search object tags, and see read requests on an object level.
