AWS Simple Storage Service (S3) - Quick Notes


Bhaskar S 05/20/2017


Introduction

AWS Simple Storage Service, also referred to as S3, is the storage for the cloud. One can store and retrieve an unlimited amount of data.

The following is the summary of the various features/capabilities of S3:

Objects stored in an S3 bucket consist of:

Storage Classes

S3 offers different storage classes (or tiers) as follows:

S3 (Standard)

S3-IA (Infrequent Access)

S3-RRS (Reduced Redundancy Service)

Glacier

Access Control

There are four methods of controlling access to S3 buckets and objects - identity and access management (IAM) policies, bucket policies, access control lists (ACLs), and query string authentication.

The following are some of the notable points about access control:

Versioning

Enabling versioning on a bucket allows one to preserve, retrieve, and restore every version of any object stored in the same bucket.

The following are some of the notable points about versioning:

Lifecycle Management

Enables one to specify the lifecycle management of object(s) in a bucket. Data objects have a natural lifecycle - starting from frequently accessed (hot), to less frequently accessed (warm), and finally to archive or backup (cold).

The following are some of the notable points about lifecycle management:

Data Encryption

Enables one to encrypt object(s) stored in a bucket (data at rest). There are four ways of encrypting an object stored in a bucket: three methods using Server-side Encryption (SSE-S3, SSE-KMS, and SSE-C), and one method using Client-side Encryption.
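
An added example, not part of the original notes: how the three server-side modes appear as PutObject request headers, with a check that names the mode a request asks for and rejects inconsistent header sets. The function names, the key id placeholder and the sample key are constructed for illustration; a client-side encrypted upload carries none of these headers.

```python
import base64
import hashlib

SSE = "x-amz-server-side-encryption"
SSE_C = SSE + "-customer-"

def sse_headers(mode, kms_key_id=None, customer_key=None):
    """Build the PutObject headers that request one server-side encryption mode."""
    if mode == "SSE-S3":      # S3 creates and manages the key
        return {SSE: "AES256"}
    if mode == "SSE-KMS":     # key is held in AWS KMS; naming a key id is optional
        headers = {SSE: "aws:kms"}
        if kms_key_id:
            headers[SSE + "-aws-kms-key-id"] = kms_key_id
        return headers
    if mode == "SSE-C":       # caller supplies the key with every request
        if customer_key is None or len(customer_key) != 32:
            raise ValueError("SSE-C requires a 256-bit key")
        md5 = hashlib.md5(customer_key).digest()  # integrity check of the key in transit
        return {
            SSE_C + "algorithm": "AES256",
            SSE_C + "key": base64.b64encode(customer_key).decode(),
            SSE_C + "key-MD5": base64.b64encode(md5).decode(),
        }
    raise ValueError("unknown mode: " + mode)

def classify(headers):
    """Name the encryption mode a request asks for; reject inconsistent headers."""
    h = {k.lower(): v for k, v in headers.items()}
    if any(k.startswith(SSE_C) for k in h):
        if SSE in h:
            raise ValueError("SSE-C cannot be combined with " + SSE)
        key = base64.b64decode(h.get(SSE_C + "key", ""))
        digest = base64.b64encode(hashlib.md5(key).digest()).decode()
        if (h.get(SSE_C + "algorithm") != "AES256" or len(key) != 32
                or h.get(SSE_C + "key-md5") != digest):
            raise ValueError("malformed SSE-C headers")
        return "SSE-C"
    if SSE not in h:
        return "none requested"   # plaintext upload, or data already encrypted client-side
    mode = {"AES256": "SSE-S3", "aws:kms": "SSE-KMS"}.get(h[SSE])
    if mode is None:
        raise ValueError("unknown value for " + SSE)
    return mode

if __name__ == "__main__":
    sample_key = bytes(range(32))  # constructed key, for illustration only
    for m in ("SSE-S3", "SSE-KMS", "SSE-C"):
        print(m, "->", classify(sse_headers(m, "EXAMPLE-KEY-ID", sample_key)))
```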

The following are some of the notable points about data encryption:

SSE-S3

SSE-KMS

SSE-C

Client Side Encryption

Cross Region Replication

Enables one to automatically replicate every object updated in a source bucket in one AWS region to a target bucket in another AWS region.

The following are some of the notable points about cross region replication:
