AWS - Simple Storage Service (S3)


  • Remember that S3 is object-based, i.e. it allows you to upload files.
  • Files can be from 0 bytes to 5TB.
  • There is unlimited storage
  • Files are stored in buckets.
  • S3 is a universal namespace. That is, names must be unique globally.
  • Valid URL: https://s3-<region-name>.amazonaws.com/<bucket-name>
  • For website buckets: https://<bucket-name>.s3-website-<region-name>.amazonaws.com
  • Read after write consistency for PUTS of new Objects.
  • Eventual consistency for overwrite PUTS and DELETES (Can take some time to propagate across multiple AZs)
  • S3 Storage Classes/Tiers:
    • S3 - Standard (durable, immediately available, frequently accessed): 99.99% availability, 99.999999999% (11-nines) durability, stored redundantly across multiple devices in multiple facilities, and designed to sustain the loss of 2 facilities concurrently.
    • S3 - IA (Infrequently Accessed) (durable, immediately available, infrequently accessed): For data that is accessed less frequently, but requires rapid access when needed. Lower fee than S3 but you are charged a retrieval fee.
    • S3 One Zone - IA (even cheaper than IA, but only in one availability zone): For when you want a lower-cost option for infrequently accessed data, but do not require multiple AZ data resilience.
    • Glacier - Archived data, where you can wait 3-5 hours before accessing. Very cheap but used for archival only. Retrieval options: Expedited, Standard or Bulk. A Standard retrieval takes 3-5 hours.
  • Remember the core fundamentals of an S3 object:
    • Key (name)
    • Value (data)
    • Version ID
    • Metadata
    • Subresources
      • ACL - Access control list
      • Torrent
  • Object-based storage only (for files)
  • Not suitable to install an operating system or applications.
  • Buckets are a Universal Name Space.
  • A successful upload of an object to an S3 bucket returns an HTTP 200 status code.
  • You can upload files to S3 much faster by enabling multi-part upload.
  • S3, S3-IA, S3 Reduced redundancy storage.
  • Encryption:
    • Client Side Encryption
    • Server Side Encryption
      • SSE-S3: With Amazon S3 managed keys
      • SSE-KMS: Using Amazon KMS
      • SSE-C: Using customer provided keys.
  • Control access to buckets using bucket ACLs or bucket policies.
  • By default buckets are private and all objects stored in them are private.




