- S3 is object based, i.e. it allows you to upload flat files.
- Files can be from 0 Bytes to 5TB.
- Unlimited storage.
- S3 uses a universal namespace (names must be unique globally).
- Read after Write consistency for PUTs of new objects.
- Eventual Consistency for overwrite PUTs and DELETEs.
- S3 - Securing
  - By default, buckets are PRIVATE
  - Access control can be changed through Bucket Policies or Access Control Lists
  - S3 buckets can be configured to create access logs, which record all requests made to the bucket; the logs can be delivered to another bucket or even to another account
- S3 - Encryption
  - In transit -> SSL/TLS
  - At Rest
    - Server Side Encryption
      - S3 Managed Keys - SSE-S3
      - AWS Key Management Service, Managed Keys - SSE-KMS
      - Server Side Encryption With Customer Provided Keys - SSE-C
    - Client Side Encryption
- S3 - Versioning
  - Stores all versions of an object (including writes and deletes)
  - Great backup tool
  - Once enabled, cannot be disabled (only suspended)
  - Versioning has an MFA Delete capability (additional level of security)
  - Cross Region Replication requires versioning enabled on the source bucket
- S3 - Lifecycle Management
  - Can be used in conjunction with versioning
  - Can be applied to current and previous versions
  - Actions that can be done:
    - Transition to the Standard - Infrequent Access Storage Class (128 KB and 30 days after creation date)
    - Archive to the Glacier Storage Class (30 days after IA, if relevant)
    - Permanently Delete
- CloudFront
  - Edge Locations - where content is cached (not to be confused with an AWS region/AZ); not only for reading (writing is possible too)
  - Objects are cached for the life of the TTL (time to live); you can clear the cache, but you will be charged
  - Origin = origin of the files that the CDN will distribute (can be S3 Bucket, EC2 instance, ELB or Route53)
  - Distribution = CDN which consists of a collection of Edge Locations:
    - Web Distribution - typically for websites
    - RTMP - Media Streaming
- Storage Gateway
  - File Gateway -> flat files, stored directly on S3
  - Volume Gateway
    - Stored Volumes - entire dataset is stored on site and asynchronously backed up to S3
    - Cached Volumes - entire dataset is stored on S3 and the most frequently accessed data is cached on site
  - Tape Gateway or Virtual Tape Library (VTL) - used for backup and uses popular backup applications like NetBackup, Backup Exec, Veeam etc.
- S3 Static Websites -> serverless, very cheap, scales automatically
- You can speed up uploading to S3 by enabling multipart upload