Simple Storage Service

S3 Object Storage Classes

  • Standard

  • Standard-IA

  • One Zone-IA

  • Glacier - Instant

  • Glacier - Flexible

  • Glacier Deep Archive

  • Intelligent-Tiering

S3 Lifecycle Configuration

S3 Replication

  • S3 has two replication features which allow objects to be replicated between a SOURCE and DESTINATION buckets in the same or different AWS accounts

  • Cross-Region Replication (CRR) is the process used when Source and Destination are in different AWS regions

  • Same-Region Replication (SRR) is used when the buckets are in the same region.

Options

Considerations

Why use replication..?

S3 Object Encryption

S3 Server-Side Encryption

SSE-C

SSE-S3 (AES256)

SSE-KMS

S3 Bucket Keys

  • Amazon S3 Bucket Keys reduce the cost of Amazon S3 server-side encryption using AWS Key Management Service (SSE-KMS).

  • Bucket-level keys for SSE can reduce AWS KMS request costs by up to 99 percent by decreasing the request traffic from Amazon S3 to AWS KMS.

S3 w/o Bucket Keys

S3 w/ Bucket Keys

S3 Presigned URLs

S3 Select & Glacier Select

S3 and Glacier Select allow you to use a SQL-Like statement to retrieve partial objects from S3 and Glacier.

S3 Access Points

  • Amazon S3 Access Points, a feature of S3, simplifies managing data access at scale for applications using shared data sets on S3.

  • Access points are unique hostnames that customers create to enforce distinct permissions and network controls for any request made through the access point.

S3 Object Lock

  • You can use S3 Object Lock to store objects using a write-once-read-many (WORM) model.

  • It can help you prevent objects from being deleted or overwritten for a fixed amount of time or indefinitely.

  • You can use S3 Object Lock to meet regulatory requirements that require WORM storage, or add an extra layer of protection against object changes and deletion.

Last updated