AWS S3 - Basics
Amazon S3 (Simple Storage Service) is a highly scalable, durable, and secure object storage service provided by AWS. You can store and retrieve any amount of data, from anywhere, at any time.
- 99.999999999% (11 9's) durability
- Scales automatically to petabytes
- Accessible via web interface, SDKs, or APIs
Use Cases
| Use Case | Description |
|---|---|
| Static Website Hosting | Host static HTML/CSS/JS websites |
| Backup and Archiving | Long-term storage of data and snapshots |
| Big Data & Analytics | Store data lakes for processing |
| Media Hosting | Image, video, and document storage |
| Software Distribution | Deliver apps or files to users |
| Machine Learning Training | Store datasets used by ML models |
Buckets in S3
A bucket is a top-level container for storing objects (files).
- Each bucket has a globally unique name
- You define the region of the bucket
- Permissions, policies, and lifecycle rules are set at the bucket level
Example: certifikation-assets
Objects in S3
- An object is a file and its metadata.
- Stored inside a bucket
- Identified by a unique key (like a file path)
- Can include any file type: PDF, JPG, ZIP, etc.
Structure: Bucket → Object Key → Data + Metadata
Security in S3
| Security Feature | Description |
|---|---|
| IAM Policies | Control access via users/roles |
| Bucket Policies | Define who can do what at the bucket level |
| ACLs (Access Control Lists) | Legacy way to set permissions (less used) |
| S3 Block Public Access | Global setting to prevent public exposure |
| Server-side Encryption (SSE) | Encrypt data using AWS-managed keys or KMS |
Bucket Policies
- Written in JSON
- Define allow/deny rules for access
- Example: Allow public read, deny delete, allow only a specific IP range
Example policy:
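An added example, not taken from the original page: a constructed policy for a hypothetical bucket `example-bucket` that expresses the three rules listed above, with a small Python check that flags Allow statements open to any principal. The bucket name, Sids, IP range, and helper names are assumptions made for illustration.

```python
import json

# Constructed policy for a hypothetical bucket "example-bucket",
# covering the three rules listed above.
POLICY = json.loads("""
{
  "Version": "2012-10-17",
  "Statement": [
    {"Sid": "PublicRead", "Effect": "Allow", "Principal": "*",
     "Action": "s3:GetObject",
     "Resource": "arn:aws:s3:::example-bucket/*"},
    {"Sid": "DenyDelete", "Effect": "Deny", "Principal": "*",
     "Action": ["s3:DeleteObject", "s3:DeleteObjectVersion"],
     "Resource": "arn:aws:s3:::example-bucket/*"},
    {"Sid": "OfficeOnlyList", "Effect": "Allow", "Principal": {"AWS": "*"},
     "Action": "s3:ListBucket",
     "Resource": "arn:aws:s3:::example-bucket",
     "Condition": {"IpAddress": {"aws:SourceIp": "203.0.113.0/24"}}}
  ]
}
""")


def _as_list(value):
    """Policy fields may hold a single value or a list of values."""
    return value if isinstance(value, list) else [value]


def _is_wildcard(principal):
    """True for "Principal": "*" and for {"AWS": "*"} (string or list)."""
    if isinstance(principal, dict):
        return "*" in _as_list(principal.get("AWS", []))
    return principal == "*"


def audit(policy):
    """Map Sid -> "public" or "conditional" for wildcard-principal Allows."""
    findings = {}
    for i, stmt in enumerate(_as_list(policy.get("Statement", []))):
        # Deny statements never widen access, so only Allow is reviewed.
        if stmt.get("Effect") != "Allow" or not _is_wildcard(stmt.get("Principal")):
            continue
        sid = stmt.get("Sid", f"statement-{i}")
        # A Condition (e.g. an aws:SourceIp range) narrows the grant but
        # still deserves review; without one, anyone can use the action.
        findings[sid] = "conditional" if stmt.get("Condition") else "public"
    return findings
```

Calling `audit(POLICY)` reports `PublicRead` as public and `OfficeOnlyList` as conditional; the check does not evaluate `NotPrincipal` or the contents of a Condition block.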
Static Website Hosting
S3 can host static websites:
- Upload .html, .css, .js files
- Enable "Static Website Hosting" in bucket properties
- Set an index document and optionally an error page
- URL: http://your-bucket.s3-website-<region>.amazonaws.com
⚠️ Requires bucket policy to allow public read access
Versioning
- Allows multiple versions of the same object
- Helps recover from accidental deletes or overwrites
- Can be enabled per bucket
- Each version gets a unique versionId
Example: resume.pdf has version v1, v2, v3...
Replication
Enables automatic copying of objects between buckets
| Type | Description |
|---|---|
| CRR (Cross-Region) | Copy to a bucket in another AWS region |
| SRR (Same-Region) | Copy to a different bucket in same region |
Used for:
- Disaster recovery
- Compliance
- Data localization
Storage Classes
| Class | Use Case | Cost |
|---|---|---|
| S3 Standard | Frequently accessed data | 💰💰💰 |
| S3 Intelligent-Tiering | Auto-moves data based on usage | 💰💰 |
| S3 Standard-IA | Infrequent access, quick retrieval | 💰 |
| S3 One Zone-IA | Infrequent access, one AZ | 💰 |
| S3 Glacier | Archival, retrieval in minutes/hours | 💵 |
| S3 Glacier Deep Archive | Long-term backup, slowest access | 🪙 |
| S3 Reduced Redundancy (deprecated) | Was used for non-critical data | |
Summary
| Feature | Purpose |
|---|---|
| Buckets | Top-level containers for objects |
| Objects | Files with metadata |
| Security | IAM, policies, ACLs, encryption |
| Website Hosting | Host static sites directly from S3 |
| Versioning | Preserve all object versions |
| Replication | Automatic cross-bucket data copying |
| Storage Classes | Cost-optimized data storage tiers |