Amazon S3 data can be encrypted using server-side or client-side encryption, and encryption keys can be managed with Amazon KMS. Versioning and MFA Delete can be used to protect against accidental deletion. Cross-region replication can be used to automatically copy new objects from a source bucket in one region to a target bucket in another region. Server access logs can be enabled on a bucket to track requestor, object, action, and response.
Amazon Glacier can be used as a standalone service or as a storage class in Amazon S3. Amazon Glacier stores data in archives, which are contained in vaults. You can have up to 1, vaults, and each vault can store an unlimited number of archives. Amazon Glacier vaults can be locked for compliance purposes. Exam Essentials Know what amazon s3 is and what it is commonly used for.
Amazon S3 is secure, durable, and highly scalable cloud storage that can be used to store an unlimited amount of data in almost any format using a simple web services interface. Common use cases include backup and archive, content storage and distribution, big data analytics, static website hosting, cloud-native application hosting, and disaster recovery. Understand how object storage differs from block and file storage.
Block storage manages data at the operating system level as numbered addressable blocks using protocols such as SCSI or Fibre Channel. Understand the basics of Amazon S3. Amazon S3 stores data in objects that contain data and metadata. Objects are identified by a user-defined key and are stored in a simple flat folder called a bucket.
Know how to create a bucket; how to upload, download, and delete objects; how to make objects public; and how to open an object URL.
Understand the durability, availability, and data consistency model of Amazon S3. Amazon S3 standard storage is designed for 11 nines durability and four nines availability of objects over a year. Other storage classes differ. Amazon S3 is eventually consistent, but offers read-after-write consistency for PUTs to new objects. Know how to enable static website hosting on Amazon S3. To create a static website on Amazon S3, you must create a bucket with the website hostname, upload your static content and make it public, enable static website hosting on the bucket, and indicate the index and error page objects.
Know how to protect your data on Amazon S3. Enable versioning to keep multiple versions of an object in a bucket. Enable MFA Delete to protect against accidental deletion. Use pre-signed URLs for time-limited download access.
Use cross-region replication to automatically replicate data to another region. Know the use case for each of the Amazon S3 storage classes. Standard is for general purpose data that needs high durability, high performance, and low latency access. Standard- IA is for data that is less frequently accessed, but that needs the same performance and availability when accessed. RRS offers lower durability at lower cost for easily replicated data. Amazon Glacier is for storing rarely accessed archival data at lowest cost, when three- to five- hour retrieval time is acceptable.
Know how to use lifecycle configuration rules. Lifecycle configuration rules define actions to transition objects from one storage class to another based on time. Know how to use Amazon S3 event notifications. Know the basics of amazon glacier as a standalone service.
Data is stored in encrypted archives that can be as large as 40TB. Vaults are containers for archives, and vaults can be locked for compliance.
You will use this bucket in the following exercises. Choose an appropriate region, such as US West Oregon. Navigate to the Amazon S3 console. Notice that the region indicator now says Global. Remember that Amazon S3 buckets form a global namespace, even though each bucket is created in a specific region. Start the create bucket process. When prompted for Bucket Name, use mynewbucket.
Choose a region, such as US West Oregon. Try to create the bucket. You almost surely will get a message that the requested bucket name is not available.
Remember that a bucket name must be unique globally. You should now have a new Amazon S3 bucket. You will then make this object public and view the object in your browser. You will then rename the object and finally delete it from the bucket. Upload an Object 1. Load your new bucket in the Amazon S3 console. Select Upload, then Add Files. Locate a file on your PC that you are okay with uploading to Amazon S3 and making public to the Internet.
We suggest using a non-personal image file for the purposes of this exercise. Select a suitable file, then Start Upload. You will see the status of your file in the Transfers section. After your file is uploaded, the status should change to Done. The file you uploaded is now stored as an Amazon S3 object and should be now listed in the contents of your bucket.
Now open the properties for the object. The properties should include bucket, name, and link. Paste the URL in the address bar of a new browser window or tab. Even though the object has a URL, it is private by default, so it cannot be accessed by a web browser.
Make the Object Public 9. Your public image file should now display in the browser or browser tab. Rename Object In the Amazon S3 console, select Rename.
Rename the object, but keep the same file extension. You should see the same image file. Delete the Object In the Amazon S3 console, select Delete. Select OK when prompted if you want to delete the object. The object has now been deleted. Enable Versioning 1. In the Amazon S3 console, load the properties of your bucket. Enable versioning in the properties and select OK to verify. Your bucket now has versioning enabled. Note that versioning can be suspended, but not turned off. Create Multiple Versions of an Object 3.
Create a text file named foo. Save the text file to a location of your choosing. Upload the text file to your bucket. This will be version 1. After you have uploaded the text file to your bucket, open the copy on your local computer and change the word blue to red. Save the text file with the original filename. Upload the modified file to your bucket. Select Show Versions on the uploaded object. You will now see two different versions of the object with different Version IDs and possibly different sizes.
Delete an Object 1. Open the bucket containing the text file for which you now have two versions. Select Hide Versions. Select Delete, and then select OK to verify. Your object will now be deleted, and you can no longer see the object. Select Show Versions. Both versions of the object now show their version IDs. Restore an Object 6. Open your bucket. Select the oldest version and download the object. Note that the filename is simply foo.
Upload foo. Select Hide Versions, and the file foo. To restore a version, you copy the desired version into the same bucket. In the Amazon S3 console, this requires a download then re-upload of the object. Select your bucket in the Amazon S3 console. Under Properties, add a Lifecycle Rule. Explore the various options to add lifecycle rules to objects in this bucket. It is recommended that you do not implement any of these options, as you may incur additional costs.
After you have finished, click the Cancel button. Most lifecycle rules require some number of days to expire before the transition takes effect. This makes it impractical to create a lifecycle rule and see the actual result in an exercise. In the Properties section, select Enable Website Hosting.
For the index document name, enter index. Use a text editor to create two text files and save them as index. In the index. Make the two objects public. Copy the Endpoint: link under Static Website Hosting and paste it in a browser window or tab.
You should now see the phrase "Hello World" displayed. You should now see the phrase "Error Page" displayed. To clean up, delete all of the objects in your bucket and then delete the bucket itself. Amazon S3 stores data in fixed size blocks. Objects are identified by a numbered address.
Objects can be any size. Objects contain both data and metadata. Objects are stored in buckets. Storing web content B. Storing backups for a relational database D. Primary storage for a database E. Storing logs for analytics 3. All objects have a URL. Amazon S3 can store unlimited amounts of data. Objects are world-readable by default. You must pre-allocate the storage in a bucket. Enable static website hosting on the bucket.
Create a pre-signed URL for an object. Use a lifecycle policy. Use an Amazon S3 bucket policy. Your application stores critical data in Amazon Simple Storage Service Amazon S3 , which must be protected against inadvertent or intentional deletion. How can this data be protected? Use cross-region replication to copy data to another bucket automatically. Set a vault lock. Use a lifecycle policy to migrate data to Amazon Glacier. Enable MFA Delete on the bucket.
Most documents are used actively for only about a month, then much less frequently. However, all data needs to be available within minutes when requested. How can you meet these requirements? Migrate the data to Amazon Glacier after 30 days. Turn on versioning, then migrate the older version to Amazon Glacier. Data is automatically replicated within a region.
To have a record of who accessed your Amazon Simple Storage Service Amazon S3 data and from where, you should do what? You want a backup of your data in case of accidental deletion. You have a set of users or customers who can access the second bucket with lower latency. For compliance reasons, you need to store data in a location at least miles away from the first region. Your data needs at least five nines of durability.
Your company requires that all data sent to external storage be encrypted before being sent. Client-side encryption with customer-managed keys D.
You expect the access to be very read-intensive, with expected request rates of up to GETs per second from many clients. How can you increase the performance and scalability of Amazon S3 in this case? Turn on cross-region replication to ensure that data is served from multiple locations.