AWS Certified Solution Architect — Associate : S3 Bucket

김영석
4 min read · Jan 13, 2018

Amazon S3 Bucket

What is S3?

S3 is one of the oldest fundamental services in Amazon Web Services, so it comes up a lot, not only in the Solutions Architect exam but in the other certification exams as well.

Basically the reason behind this is that S3 has been around for a very long time, so it is one of the backbones of AWS.

S3 provides developers and IT teams with secure, durable, highly scalable object storage. Amazon S3 is easy to use, with a simple web services interface to store and retrieve any amount of data from anywhere on the web.

The Basics

  • S3 is a safe place to store your files.
  • It is Object based storage.

*What does object-based storage mean?

An object is simply a file such as a video, a photo or a PDF document.

This is the opposite concept to block-based storage.

  • The data is spread across multiple devices and facilities.
  • Files can be from 0 Bytes to 5 TB
  • There is unlimited storage
  • Files are stored in Buckets (sort of like folders)
  • S3 is a universal namespace, that is, bucket names must be unique globally
  • DNS address rule: https://s3-eu-west-1.amazonaws.com/bucketname
  • When you upload a file to S3 you will receive an HTTP 200 code if the upload was successful
  • 99.99% availability for the S3 platform
  • Guarantees 99.9% availability
  • 99.999999999% durability for S3 information
  • Tiered Storage Available
  • Lifecycle Management
  • Versioning
  • Encryption
  • Access Control Lists and Bucket Policies
  • Not suitable to install an OS on

Data Consistency Model For S3

Read-after-write consistency for PUTs of new objects

Eventual consistency for overwrite PUTs and DELETEs (can take some time to propagate)

Simple Key, Value Store

S3 objects consist of the following:

  • Key (the name of the object)
  • Value (the data, a sequence of bytes)
  • Version ID (used for versioning)
  • Metadata (data about the data you are storing)
  • Subresources — Access Control Lists, Torrent

Storage Tiers/Classes

  • S3 : 99.99% availability, 99.999999999% durability, stored redundantly across multiple devices in multiple facilities and designed to sustain the loss of 2 facilities concurrently.
  • S3 IA (Infrequently Accessed) : For data that is accessed less frequently, but requires rapid access when needed. Lower fee than S3, but you are charged a retrieval fee.
  • Reduced Redundancy Storage : Designed to provide 99.99% durability and 99.99% availability of objects over a given year.
  • Glacier : very cheap, but used for archival only. It takes 3 to 5 hours to restore from Glacier.

Storage Tiers Comparisons (figure)

What is Glacier?

Glacier is an extremely low-cost storage service for data archival. Amazon Glacier stores data for as little as $0.01 per gigabyte per month, and is optimized for data that is infrequently accessed and for which retrieval times of 3 to 5 hours are suitable.

Charges?

You are charged for:

  • Storage
  • Requests
  • Storage Management Pricing
  • Data Transfer Pricing
  • Transfer Acceleration : enables fast, easy, and secure transfers of files over long distances between your end users and an S3 bucket. Transfer Acceleration takes advantage of Amazon CloudFront's globally distributed edge locations. As the data arrives at an edge location, it is routed to Amazon S3 over an optimized network path.

When creating a bucket

  • Buckets are a universal namespace
  • Encryption provided : client side, server side
  • Control access by ACL or Bucket Policies
  • By default, buckets are private and all objects stored inside them are private.

Versioning

  • Stores all versions of an object (including all writes, and even if you delete an object)
  • Great backup tool
  • Once enabled, versioning cannot be disabled, only suspended.
  • Integrates with lifecycle rules
  • Versioning's MFA Delete capability, which uses multi-factor authentication, can be used to provide an additional layer of security.

Cross Region Replication

  • Versioning must be enabled on both the source and destination buckets
  • Source and destination buckets must be in different regions
  • Files already in an existing bucket are not replicated automatically. All subsequently updated files will be replicated automatically
  • You cannot replicate to multiple buckets or use daisy chaining
  • Delete markers are replicated
  • Deleting individual versions or delete markers will not be replicated

Lifecycle Management

  • Can be used in conjunction with versioning
  • Can be applied to current versions and previous versions
  • The following actions can be done :
  1. Transition to the Standard Infrequent Access Storage Class (30 days after the creation date)
  2. Archive to the Glacier Storage Class (30 days after the IA transition)
  3. Permanently Delete
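The three lifecycle steps above, expressed as the rule document that boto3's put_bucket_lifecycle_configuration accepts, with a local check of the ordering constraints S3 enforces. This is an added example, not code from the original post or from AWS; the rule ID, prefix and day counts are constructed values, and the rule covers previous (noncurrent) versions as well as current ones, as the post says lifecycle rules can.

```python
# Objects must stay at least this long in STANDARD_IA before moving to Glacier,
# and at least this long in Standard before moving to STANDARD_IA.
MIN_DAYS_BEFORE_TRANSITION = 30


def build_lifecycle_rule(rule_id, prefix, ia_days=30, glacier_days=60, expire_days=365):
    """Return one rule: Standard -> STANDARD_IA -> GLACIER -> deleted.

    Current versions are timed from the creation date; previous versions are
    timed from the day they became noncurrent (constructed defaults)."""
    return {
        "ID": rule_id,
        "Filter": {"Prefix": prefix},
        "Status": "Enabled",
        "Transitions": [
            {"Days": ia_days, "StorageClass": "STANDARD_IA"},
            {"Days": glacier_days, "StorageClass": "GLACIER"},
        ],
        "Expiration": {"Days": expire_days},
        "NoncurrentVersionTransitions": [
            {"NoncurrentDays": ia_days, "StorageClass": "STANDARD_IA"},
            {"NoncurrentDays": glacier_days, "StorageClass": "GLACIER"},
        ],
        "NoncurrentVersionExpiration": {"NoncurrentDays": expire_days},
    }


def validate_lifecycle_rule(rule):
    """Check the rule locally before sending it to S3.

    Returns a list of problems; an empty list means the rule is consistent."""
    problems = []
    days = {t["StorageClass"]: t["Days"] for t in rule["Transitions"]}
    ia, glacier = days.get("STANDARD_IA"), days.get("GLACIER")
    if ia is not None and ia < MIN_DAYS_BEFORE_TRANSITION:
        problems.append("STANDARD_IA transition must be at least 30 days after creation")
    if ia is not None and glacier is not None and glacier - ia < MIN_DAYS_BEFORE_TRANSITION:
        problems.append("GLACIER transition must be at least 30 days after the IA transition")
    last_transition = max(days.values()) if days else 0
    if rule["Expiration"]["Days"] <= last_transition:
        problems.append("Expiration must come after the last transition")
    return problems


if __name__ == "__main__":
    rule = build_lifecycle_rule("archive-logs", "logs/")
    print(validate_lifecycle_rule(rule) or "rule is consistent")
```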

Security & Encryption

In Transit : SSL/TLS

At Rest :

  1. Server-side encryption
    1) S3 Managed Keys — SSE-S3
    2) AWS Key Management Service, Managed Keys — SSE-KMS
    3) Server-side encryption with customer-provided keys — SSE-C
  2. Client-side encryption
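A bucket policy that enforces both halves of this section (TLS in transit, server-side encryption at rest) together with a small local checker that applies its Deny statements to sample requests. This is an added example, not code from the post or from AWS: the bucket name is whatever the caller passes, and the checker only models the Bool and Null condition operators the policy uses with explicit-deny semantics; it is not a replacement for IAM's evaluation logic.

```python
def hardened_bucket_policy(bucket):
    """Deny any request made without TLS, and deny uploads that omit the SSE header."""
    arn = f"arn:aws:s3:::{bucket}"
    return {
        "Version": "2012-10-17",
        "Statement": [
            {
                "Sid": "DenyInsecureTransport",
                "Effect": "Deny",
                "Principal": "*",
                "Action": "s3:*",
                "Resource": [arn, f"{arn}/*"],
                "Condition": {"Bool": {"aws:SecureTransport": "false"}},
            },
            {
                "Sid": "DenyUnencryptedUploads",
                "Effect": "Deny",
                "Principal": "*",
                "Action": "s3:PutObject",
                "Resource": f"{arn}/*",
                # Null: true matches when the SSE header is absent from the request.
                "Condition": {"Null": {"s3:x-amz-server-side-encryption": "true"}},
            },
        ],
    }


def _condition_matches(condition, ctx):
    """Evaluate the Bool and Null operators against a request context dict."""
    for key, expected in condition.get("Bool", {}).items():
        if str(ctx.get(key, "")).lower() != expected:  # missing key never matches
            return False
    for key, expected in condition.get("Null", {}).items():
        if (ctx.get(key) is None) != (expected == "true"):
            return False
    return True


def request_denied(policy, action, ctx):
    """Return the Sid of the first Deny statement matching the request, or None."""
    for stmt in policy["Statement"]:
        if stmt["Effect"] != "Deny":
            continue
        actions = stmt["Action"] if isinstance(stmt["Action"], list) else [stmt["Action"]]
        if not any(a == action or (a.endswith("*") and action.startswith(a[:-1])) for a in actions):
            continue
        if _condition_matches(stmt.get("Condition", {}), ctx):
            return stmt["Sid"]
    return None
```

Because both statements are explicit denies, they win over any Allow granted by an ACL or IAM policy, which is why this pattern is used to make encryption non-optional rather than merely available.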


Written by 김영석

I love problem solving and hate repetition of tedious tasks. I like automating, streamlining, optimizing, things.
