Keyboard shortcuts

Press or to navigate between chapters

Press S or / to search in the book

Press ? to show this help

Press Esc to hide this help

Simple Storage Service

S3 is an Object-Based Storage. Store data as objects rather then in file systems or data block.

Basics

  • The total number of objects and the number of data is unlimited
  • S3 objects can be from 0 bytes up to 5 terabytes
  • Store files in Buckets (similar to folders)

All AWS accounts share the same namespace and each S3 bucket must be globally unique (https://<bucket-name>.s3.<region>.amazonaws.com/<key-name>).

S3 is a key-value store, and it stores a key, value, version ID and metadata (e.g. content-type, last-modified, team-name, etc..).

Availability

S3 is an highly available (99.95% - 99.99% depending on the S3 tier) and highly durable (11 9's durability) service.

Secure your data

By default every bucket is private (no public access by default). So by default only the owner can read, delete and update files into a bucket.

You can enable server side encryption on the buckets.

You can define Bucket Policies to define which actions a user can take on the buckets.

You can protect the access using Access Control Lists (ACLs) to define which AWS account can access each resource.

Encryption Exams Tips

  • Encryption in Transit: it can use encryption in transit with SSL/TSL or HTTPS
  • Encryption at Rest (server side encryption SSE)
    • SSE-S3: enabled by default, the keys are provided and managed by AWS
    • SSE-KMS: the keys are provided by AWS and managed by you
    • SSE-C: the keys are provided and managed by you
  • Client Side Encryption is when you encrypt the file by yourself before uploading it
  • CORS resource sharing can be allowed to enable a bucket to access resources that are allocated to another S3 bucket

Tiers

S3 Standard

Is a highly available and highly durable storage. Designed for frequent access and suitable for most workloads.

It's stored in at least 3 different Availability Zone.

S3 Standard-Infrequent Access (S3-IA)

Designed for infrequently access data, so data that you may access a few times a month, but not on a daily bases.

Great for long term storage, backups and disaster recovery files.

It provides Rapid Access, you pay to access the data (low per-GB storage price and a per-GB retrieval fee).

It's stored in at least 3 different Availability Zone.

S3 One Zone-Infrequent Access (S3-IA)

Same as the S3-IA but it's available only in one AZ, but costs 20% less then a regular S3-IA.

Glacier and Glacier Deep Archive

There are 2 Glacier Options: Glacier and Glacier Deep Archive.

They are both very cheap and designed for data that needs to be accessed once per year, so good for archiving data.

To access data from the normal one it can take from 1 minute to 12 hours, while for the second has a default retrieval time of 12 hours.

S3 - Intelligent Tiering

Automatically moves you data on the most cost-effective tier based on how often you access the data.