
AWS Solutions Architect Lesson 6

Uploaded by

krishna

AWS Solutions Architect—Associate Level

Lesson 6: Amazon Simple Storage Service (S3)

©Simplilearn. All rights reserved 1


What You’ll Learn

Overview of S3

Know what an Amazon S3 bucket is

Different storage types

S3 version control and lifecycle management

How S3 integrates with CloudFront and CDNs

How to secure and encrypt your data on S3

How to get your data into and out of S3

AWS recommended best practices for S3

Costs associated with S3



Amazon S3 Overview
Overview of Amazon S3 concepts



Simple Storage Service (S3)
Amazon Simple Storage Service (S3) provides developers and IT teams with secure, durable, and
highly-scalable cloud storage.



Durable
Amazon Simple Storage Service (S3) provides developers and IT teams with secure, durable, and
highly-scalable cloud storage.

Diagram: data stored in S3 across three Availability Zones.


Available
Amazon S3 is designed for 99.99% availability. You can choose the AWS region in which your data is stored to
optimize latency, minimize costs, or address regulatory compliance.


Cost Efficient
You can store large amounts of data at a very low cost. You pay only for what you use and are
charged per GB per month. S3 offers a variety of storage classes, so you can categorize your data
accordingly.


Secure
Amazon S3 offers numerous security options.
Options shown: SSL certificate, permissions, encryption, and IAM.

Scalable
Amazon S3 allows you to store as much data as you want. The storage is elastic, so you can scale up and
down as required.



Notifications
You can configure notifications to be sent via SQS or SNS when objects are loaded to Amazon S3.


High Performance
Multi-part uploads maximize network throughput and resilience. Amazon S3 Transfer Acceleration allows
you to make use of Edge Locations to speed up uploads and downloads.


Integrated
S3 is integrated with many AWS products such as CloudFront, CloudWatch, RDS, EBS, and Lambda.



Easy to Use
S3 has multiple connectivity options: Simple web-based console, AWS CLI, mobile app, and API/SDK access.



Backup and Archiving
Amazon S3 is ideal for backing up and archiving critical data. You can store an unlimited amount of
data if required.


Elastic Web-Scale Computing
Amazon S3 is an object-based store and is accessible via a web interface, so you can store and retrieve
your data anywhere on the web from anywhere in the world.



Content Storage and Distribution
You can offload your entire storage infrastructure to the cloud to minimize costs. You can distribute your
content directly from S3 to end users, or use S3 as a source to deliver content to Amazon CloudFront edge
locations.



Big Data
Amazon S3 is designed to be used as a Big Data object store for things like photos, videos, and
financial data.

Static Website Hosting
Amazon S3 allows you to host your entire static website at a low cost. It provides you with a highly available
hosting solution.



Disaster Recovery
Amazon S3 offers a robust disaster recovery solution. All data stored on S3 is automatically replicated to a
different Availability Zone, and you can copy it to other regions using Cross-Region Replication.



Amazon S3 Buckets
Details about Amazon S3 Buckets



Buckets
All Amazon S3 data is stored in “buckets.” A bucket is a folder from which you can read, write, and
delete objects.

Buckets (contd.)
You can store as many objects as you want in a bucket, but objects are limited in size to 5TB and the
largest PUT operation is 5GB.



Bucket Security
You can control access to each bucket action: create, delete, and retrieve objects.



Create Bucket
You can create buckets using the web console or AWS CLI.



Bucket Names
Follow the listed bucket-naming conventions to avoid errors.

Bucket names must be between 3 and 63 characters long.

Bucket names must be a series of one or more labels.

AWS recommends separating labels with a single period (.).

Bucket names can contain lowercase letters, numbers, and hyphens.

Each label must start and end with a lowercase letter or a number.



Bucket Restrictions
Buckets have the following restrictions attached to them:

You can create a maximum of 100 buckets in each of your AWS accounts.

You can’t transfer the ownership of a bucket.

You can store an unlimited number of objects in a bucket.

You can’t create a bucket within another bucket.



Amazon S3 Storage Classes
Amazon S3 comes in the following range of storage classes:

Amazon S3 Standard

Amazon S3 Standard—Infrequent Access

Amazon S3 Reduced Redundancy Storage

Amazon Glacier



Amazon S3 Standard
Following are the features of Amazon S3 Standard:

01 Designed for high availability and durability

02 Used to store frequently accessed data

03 Designed for 11 9’s of durability

04 Designed for 99.99% availability

05 Low latency and high throughput



Amazon S3 Standard Uses
You can use Amazon S3 for the following:

Dynamic Websites

Mobile Applications

Uploads

Cloud Applications

File Storage

Access in Real-time


Amazon S3 Standard—Infrequent Access
Following are the features of Amazon S3 Standard—Infrequent Access:

01 Designed for objects that are accessed less frequently

02 Demands rapid access

03 Designed for 11 9’s of durability, high throughput, and low latency

04 Lower cost per GB but has a per GB retrieval fee



Amazon S3 Standard—Infrequent Access Uses
Amazon S3 Standard—Infrequent Access is used for data not required very often, for example, database
backups taken earlier in the month but which might be required at a moment’s notice.



Amazon S3 Reduced Redundancy Storage
Following are the features of Amazon Reduced Redundancy Storage:

01 Designed to store noncritical data at lower costs

02 Designed for noncritical objects

03 Designed for objects that are reproducible

04 Designed for lower durability

05 Designed for lower availability



Amazon S3 Standard Reduced Redundancy Storage Uses
A cost-effective solution for distributing data that is easily reproducible and has been durably
stored elsewhere.

Thumbnails

Transcoded media

Processed data that can be easily reproduced


Amazon Glacier
Following are the features of Amazon Glacier:

01 Designed for archiving rarely accessed data

02 Previously offered only long file retrieval times, but now provides a retrieval option to pay more and get files quickly

03 Designed for durability of 11 9’s

04 Provides a secure vault lock feature

05 Provides the lowest cost availability



Amazon Glacier Uses
Amazon Glacier is used for database backups, compliance data, or audit log files that are rarely accessed
but need to be available when required.



Amazon Retrieval Options
The following table presents the retrieval options:

| | EXPEDITED | STANDARD | BULK |
|---|---|---|---|
| Retrieval Time | 1-5 minutes | 3-5 hours | 5-8 hours |
| Retrieval Requests | Charge per request | Charge per 1000 requests | Lowest charge per 1000 requests |
| Data Retrieval | Charge per GB | Lower charge per GB | Lowest charge per GB |


Amazon S3 Storage Comparison
The following table presents the comparisons between the four storage options:

| | STANDARD | STANDARD - IA | GLACIER | RRS |
|---|---|---|---|---|
| Durability | 99.999999999% | 99.999999999% | 99.999999999% | 99.99% |
| Availability | 99.99% | 99.99% | N/A | 99.99% |
| Min Storage Duration | N/A | 30 days | 90 days | N/A |
| Retrieval Fee | N/A | Per GB retrieved | Per GB retrieved | N/A |
| First Byte Latency | milliseconds | milliseconds | Minutes-hours | Milliseconds |


Access Amazon S3 from the Internet
You can easily host static websites from Amazon S3. Configure a bucket for static website hosting,
then upload your website code to the bucket; the site becomes accessible at the bucket's website URL.

The naming convention is: <bucket-name>.s3-website-<AWS-region>.amazonaws.com


URL Access from Amazon S3
You can provide URL access to the objects stored in your bucket by enabling website hosting. For example,
the following URL requests the photo.jpg object, which is stored at the root level of a bucket.

http://<bucket-name>.s3-website-<AWS-region>.amazonaws.com/photo.jpg

You can also provide URL access to objects without enabling website hosting, as long as you set up
appropriate information in the URL. The following URL requests the health_check.html file that is
stored in a bucket named “simplilearn.”

https://s3.amazonaws.com/simplilearn/health_check.html


New Amazon S3 Console

Enhances security by showing the number of objects affected before operation initiation

Object operation status is now reported in a progress bar



Demo 1: Create and access an Amazon S3 Bucket
Demonstrate how to create and access an Amazon S3 Bucket.



Knowledge Check

Amazon S3 bucket names have to be _____.

a. unique in each region

b. unique in each Availability Zone

c. unique across all regions

d. more than 63 characters long

The correct answer is c.

Amazon S3 bucket names have to be unique globally and between 3 and 63 characters in length.



Version Control
Details of Amazon S3 Version Control



Version Control
Versioning is used to preserve, retrieve, and restore earlier versions of every object you store in
your S3 buckets.



Version Control (contd.)
Versioning helps you recover your files from accidental deletion or overwrite.



Restoring a Previous Version
There are two approaches to restore a previous version:

1. Copy the previous version of the object into the bucket

2. Delete the current version of the object


Version Control States
Buckets can be in one of the three states: unversioned (the default), versioning-enabled, or
versioning-suspended.
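The two restore approaches and the three bucket states can be traced with a small in-memory model. This is an added example, not code from the original slides and not an AWS client; the `VersionedBucket` class and its method names are hypothetical, and the version IDs are constructed to match the ones used in the slide diagrams.

```python
import itertools


class VersionedBucket:
    """Toy in-memory model of S3 versioning semantics (illustration only)."""

    def __init__(self):
        self.state = "unversioned"      # "unversioned" | "enabled" | "suspended"
        self._stacks = {}               # key -> list of versions, newest last
        self._ids = itertools.count(111111, 10101)  # constructed: 111111, 121212, ...

    def set_versioning(self, state):
        if state not in ("enabled", "suspended"):
            # Once enabled, a bucket can never return to "unversioned".
            raise ValueError("versioning can only be enabled or suspended")
        self.state = state

    def _push(self, key, body, delete_marker=False):
        vid = str(next(self._ids)) if self.state == "enabled" else "null"
        stack = self._stacks.setdefault(key, [])
        if vid == "null":
            # At most one "null" version exists per key; a new one replaces it.
            stack[:] = [v for v in stack if v["id"] != "null"]
        stack.append({"id": vid, "body": body, "delete_marker": delete_marker})
        return vid

    def put(self, key, body):
        return self._push(key, body)

    def get(self, key, version_id=None):
        for v in reversed(self._stacks.get(key, [])):
            if version_id in (None, v["id"]):
                if v["delete_marker"]:
                    break               # current version is a delete marker
                return v["body"]
        raise KeyError(key)

    def delete(self, key, version_id=None):
        stack = self._stacks.get(key, [])
        if version_id is not None:
            # Permanent: removes exactly that version (or delete marker).
            stack[:] = [v for v in stack if v["id"] != version_id]
            return version_id
        if self.state == "unversioned":
            self._stacks.pop(key, None)  # nothing left to recover
            return None
        return self._push(key, None, delete_marker=True)

    def versions(self, key):
        return [(v["id"], v["delete_marker"]) for v in self._stacks.get(key, [])]


def _bucket_with_overwrite():
    b = VersionedBucket()
    b.set_versioning("enabled")
    v1 = b.put("photo.gif", b"original")      # ID 111111
    v2 = b.put("photo.gif", b"overwritten")   # ID 121212
    return b, v1, v2


def restore_by_copy():
    """Approach 1: GET the previous version and PUT it back as a new version."""
    b, v1, _ = _bucket_with_overwrite()
    b.put("photo.gif", b.get("photo.gif", v1))
    return b.get("photo.gif"), b.versions("photo.gif")


def restore_by_delete():
    """Approach 2: permanently delete the current version by its ID."""
    b, _, v2 = _bucket_with_overwrite()
    b.delete("photo.gif", v2)
    return b.get("photo.gif"), b.versions("photo.gif")


def undo_accidental_delete():
    """A plain DELETE only adds a delete marker; removing the marker restores the object."""
    b, _, _ = _bucket_with_overwrite()
    marker = b.delete("photo.gif")
    try:
        b.get("photo.gif")
        visible = True
    except KeyError:
        visible = False
    b.delete("photo.gif", marker)
    return visible, b.get("photo.gif")


def suspended_writes():
    """After suspension new writes get the "null" ID; older versions are kept."""
    b, v1, _ = _bucket_with_overwrite()
    b.set_versioning("suspended")
    first, second = b.put("photo.gif", b"new"), b.put("photo.gif", b"newer")
    return first, second, b.versions("photo.gif"), b.get("photo.gif", v1)
```

Approach 1 keeps the full history (three versions), while approach 2 destroys the unwanted version for good, which is why delete-by-version-ID is the operation worth guarding with MFA Delete.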



Cross-Region Replication
Cross-region replication is a bucket-level feature that enables automatic, asynchronous copying of objects
across buckets in different AWS regions. You need to enable versioning on both the source and destination
buckets.



MFA Delete
Amazon S3 allows you to protect your data by enabling Multi-Factor Authentication, or MFA, delete.



Demo 2: Amazon S3 Version Control
Demonstrate the Version Control functionality.



Knowledge Check

Which of the following is NOT an Amazon S3 version control state?

a. Unversioned

b. Versioning-enabled

c. Versioning-disabled

d. Versioning-suspended

The correct answer is c.

Versioning cannot be disabled; it can only be enabled or suspended.



Amazon S3 Lifecycle Management
Details of Amazon S3 Lifecycle Management



Lifecycle Management
S3 allows you to define how Amazon manages objects during their lifetime. You can configure S3 to move
your data between the various storage classes on a defined schedule.

Diagram: S3 Standard → (30 Days) → S3 – Infrequent Access → (60 Days) → Glacier


Lifecycle Management (contd.)
You can configure Lifecycle configuration rules such as:

Automatically delete files after a certain period of time, for example, log files that you might only need for a week.

Certain files might only need to be accessed for a limited period of time and then they can be archived.

Files kept only for regulatory or compliance reasons can be archived and stored for longer terms.


Lifecycle Management Benefits
Lifecycle Management allows you to move your objects to cheaper storage platforms as the files get older
and are less frequently required.



Lifecycle Management Rules
Following are the Lifecycle management rules:

You can configure as many as 1000 lifecycle rules per bucket.

You can define a rule for all objects or a subset of objects in the bucket.

You can disable a rule temporarily.


Standard/RRS to Standard—IA
The following rules apply when moving objects from Standard/RRS to Standard—IA:

Objects must be larger than 128KB.

Objects must be stored at least 30 days in Standard/RRS.

Versioned objects must also be at least 30 days old.


Standard/RRS/Standard—IA to GLACIER
The following rules apply when moving objects from Standard/RRS/Standard—IA to Glacier:

Glacier stored objects are not available in real time.

To access an archived object in Glacier, you first need to restore a temporary copy of it.

The restored object is only available for the duration you specify during the restore request.

Glacier requests can take up to 5 hours.


Other Restrictions
The following restrictions are associated with the movement of objects between the different
storage options:

You cannot transition from Standard—IA to Standard or Reduced Redundancy.

You cannot transition from Glacier to any other storage class.

You cannot transition from any storage class to Reduced Redundancy.
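The transition rules and restrictions from the last three slides can be checked mechanically before a lifecycle configuration is applied. This is an added example, not part of the original slides: the function names are hypothetical, the rule dictionary uses the key names of the S3 lifecycle configuration API, and the sample rule is constructed from the "limited period critical data" case in the practice assignment (30 days, then 60 more, then archive).

```python
# Transitions the slides describe as supported: current class -> allowed targets.
ALLOWED = {
    "STANDARD": {"STANDARD_IA", "GLACIER"},
    "REDUCED_REDUNDANCY": {"STANDARD_IA", "GLACIER"},
    "STANDARD_IA": {"GLACIER"},
    "GLACIER": set(),                  # nothing transitions out of Glacier
}
MIN_DAYS_BEFORE_IA = 30                # at least 30 days in Standard/RRS first
MIN_IA_OBJECT_BYTES = 128 * 1024       # objects must be larger than 128KB
MAX_RULES_PER_BUCKET = 1000

# Constructed sample rule: Standard-IA after 30 days, Glacier after 30 + 60 days.
LIMITED_PERIOD_RULE = {
    "ID": "limited-period-critical",
    "Filter": {"Prefix": ""},
    "Status": "Enabled",
    "Transitions": [
        {"Days": 30, "StorageClass": "STANDARD_IA"},
        {"Days": 90, "StorageClass": "GLACIER"},
    ],
}


def _ordered(rule):
    return sorted(rule.get("Transitions", []), key=lambda t: t["Days"])


def validate_rule(rule, source_class="STANDARD"):
    """Return a list of problems; an empty list means the rule follows the slides."""
    problems = []
    current = source_class
    for t in _ordered(rule):
        target, days = t["StorageClass"], t["Days"]
        if target not in ALLOWED.get(current, set()):
            problems.append(f"{current} -> {target} is not a supported transition")
            continue
        if target == "STANDARD_IA" and days < MIN_DAYS_BEFORE_IA:
            problems.append(
                f"objects must spend {MIN_DAYS_BEFORE_IA} days in {current} "
                f"before STANDARD_IA (got {days})"
            )
        current = target
    return problems


def validate_configuration(config, source_class="STANDARD"):
    """Check every enabled rule; returns {rule ID: [problems]}."""
    rules = config.get("Rules", [])
    problems = {}
    if len(rules) > MAX_RULES_PER_BUCKET:
        problems["*"] = [f"{len(rules)} rules exceeds the limit of {MAX_RULES_PER_BUCKET}"]
    for rule in rules:
        if rule.get("Status") != "Enabled":
            continue                   # temporarily disabled rules are not evaluated
        found = validate_rule(rule, source_class)
        if found:
            problems[rule.get("ID", "?")] = found
    return problems


def storage_class_at(rule, size_bytes, age_days, source_class="STANDARD"):
    """Storage class an object of this size and age ends up in under the rule."""
    current = source_class
    for t in _ordered(rule):
        if age_days < t["Days"]:
            break
        if t["StorageClass"] == "STANDARD_IA" and size_bytes <= MIN_IA_OBJECT_BYTES:
            continue                   # small objects are not moved to Standard-IA
        current = t["StorageClass"]
    return current
```

Audit logs and similar small objects often fall under the 128KB threshold, so `storage_class_at` is a quick way to see that they stay in Standard until the Glacier transition.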


Demo 3: Amazon S3 Lifecycle Management
Demonstrate how to configure and use Lifecycle Management.



Knowledge Check

Which of the following Lifecycle Management rules is possible?

a. Glacier to Standard

b. Standard IA to Standard

c. Glacier to RRS

d. Standard to Standard IA

The correct answer is d.

Standard to Standard IA is a supported Lifecycle Management rule, as is RRS to Standard IA, RRS to Glacier,
and Standard IA to Glacier.



CloudFront and CDNs
Details of how Amazon S3 integrates with CloudFront



Amazon CloudFront
Amazon CloudFront is a global Content Delivery Network (CDN) service which provides a way to distribute
content to end users with low latency, high data transfer speeds, and no minimum usage commitments.



CloudFront and S3
Amazon S3 can be used as an “origin” server to store original versions of your files. An origin server is the
location of the definitive version of an object.



CloudFront Origin Servers
When users request particular files, "CloudFront distributions" tell CloudFront which origin
servers to retrieve the files from.


CloudFront Distributions
CloudFront gives you a domain name which you can use in your web pages or application. When end users
request an object using this domain name, they are automatically routed to the nearest edge location so
that your content is delivered with low latency.



Web Distribution vs. RTMP
Following is the difference between Web distribution and RTMP:

Web Distribution is used to deliver content such as HTML, CSS, and image files over HTTP or HTTPS.

RTMP is used for media streaming using Adobe Media Server and the Adobe Real-Time Messaging Protocol.


CloudFront Rules
Following are the CloudFront rules:

Edge locations are not just read-only; you can also write to them.

Objects are cached for the life of the TTL (time to live).

You can clear cached objects, but you’ll be charged for them.


Demo 4: Amazon CloudFront
Demonstrate how to use Amazon CloudFront and Amazon S3.



Knowledge Check

What is the purpose of Amazon CloudFront?

a. To provide disaster recovery for objects stored in your S3 buckets

b. To distribute content to end users with low latency

c. To reduce the costs of running a web site or media streaming service

d. To host your web site source code

The correct answer is b.

Amazon CloudFront is a way to distribute content to end users with low latency and high data transfer
speeds.



Security and Encryption
Details about Amazon S3 security and encryption features



Security Methods
All data stored in Amazon S3 is secure by default as only bucket and object owners have access to the
Amazon S3 resources they create.



Bucket Policies
Bucket policies are created to add or deny permissions across some or all of the objects within an S3
bucket. You can define access by creating and keeping Access Control Lists up-to-date.

IAM Policies

IAM policies can be created to allow roles to inherit specific permissions to access S3 buckets or objects.



Query String Authentication

You can use Query string authentication to share Amazon S3 objects through URLs that are valid for a
specified period of time.



Encryption—Data Transfer

You can securely upload or download your data using Amazon S3 SSL-encrypted endpoints over the
HTTPS protocol.


Encryption—Data at Rest

Amazon S3 can automatically encrypt your data using the following key management options:

01 Server-Side Encryption with Amazon S3-Managed Keys (SSE-S3)

02 Server-Side Encryption with AWS KMS-Managed Keys (SSE-KMS)

03 Server-Side Encryption with Customer-Provided Keys (SSE-C)
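Bucket policies are where encryption in transit and at rest are usually enforced, and a policy document can be audited offline before it is attached. This is an added example, not part of the original slides: it builds a policy that denies plain-HTTP requests and uploads without a server-side-encryption header, and it flags policies that lack those statements, allow public access, or grant deletes. The function names, finding labels, `Sid` values and `WEAK_POLICY` are constructed; `aws:SecureTransport` and `s3:x-amz-server-side-encryption` are AWS condition keys that the slides do not mention.

```python
def hardened_policy(bucket):
    """Bucket policy enforcing HTTPS-only access and encrypted uploads."""
    arn = f"arn:aws:s3:::{bucket}"
    return {
        "Version": "2012-10-17",
        "Statement": [
            {"Sid": "DenyInsecureTransport", "Effect": "Deny", "Principal": "*",
             "Action": "s3:*", "Resource": [arn, f"{arn}/*"],
             "Condition": {"Bool": {"aws:SecureTransport": "false"}}},
            {"Sid": "DenyUnencryptedUploads", "Effect": "Deny", "Principal": "*",
             "Action": "s3:PutObject", "Resource": f"{arn}/*",
             "Condition": {"Null": {"s3:x-amz-server-side-encryption": "true"}}},
        ],
    }


# Constructed example of a policy that should never ship.
WEAK_POLICY = {
    "Version": "2012-10-17",
    "Statement": [
        {"Sid": "PublicReadWrite", "Effect": "Allow", "Principal": "*",
         "Action": ["s3:GetObject", "s3:PutObject", "s3:DeleteObject"],
         "Resource": "arn:aws:s3:::simplilearn/*"},
    ],
}


def _statements(policy):
    st = policy.get("Statement", [])
    return st if isinstance(st, list) else [st]


def _as_set(value):
    return set(value) if isinstance(value, list) else {value}


def _is_public(st):
    return st.get("Principal") in ("*", {"AWS": "*"})


def _has_deny(policy, actions, operator, cond_key, cond_value):
    """True if some Deny for everyone covers `actions` under the given condition."""
    for st in _statements(policy):
        if st.get("Effect") != "Deny" or not _is_public(st):
            continue
        if not _as_set(st.get("Action", [])) & actions:
            continue
        block = st.get("Condition", {}).get(operator, {})
        block = {k.lower(): str(v).lower() for k, v in block.items()}
        if block.get(cond_key.lower()) == cond_value:
            return True
    return False


def audit_policy(policy):
    """Return a list of findings; an empty list means all four checks pass."""
    findings = []
    if not _has_deny(policy, {"s3:*", "*"}, "Bool", "aws:SecureTransport", "false"):
        findings.append("no-tls-only-deny")
    if not _has_deny(policy, {"s3:PutObject", "s3:*", "*"},
                     "Null", "s3:x-amz-server-side-encryption", "true"):
        findings.append("no-sse-required-deny")
    for st in _statements(policy):
        if st.get("Effect") != "Allow":
            continue
        sid = st.get("Sid", "<no Sid>")
        if _is_public(st) and not st.get("Condition"):
            findings.append(f"public-allow:{sid}")
        actions = _as_set(st.get("Action", []))
        if any(a in ("*", "s3:*") or a.startswith("s3:Delete") for a in actions):
            findings.append(f"delete-allowed:{sid}")
    return findings
```

The audit only inspects the bucket policy document; IAM policies and ACLs attached elsewhere can still grant access and need their own review.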



Logging

You can log requests made against your Amazon S3 resources by configuring your Amazon S3 bucket to
create access log records.



Events

Event notifications can be configured to be sent via SNS or SQS whenever objects are uploaded or stored in
Amazon S3.



Demo 5: Security and Encryption
Demonstrate how to configure the Security and Encryption features of Amazon
S3.



Knowledge Check

Which of the following is NOT a method of securing access to Amazon S3 buckets?

a. Query String Authentication

b. IAM policies

c. Bucket Policies

d. Encryption

The correct answer is d.

Encryption protects the objects stored in Amazon S3, but it doesn’t provide secured access to the objects.



Amazon Import/Export Snowball
Details about Amazon Import/Export Snowball



Import/Export Snowball

Snowball is a petabyte-scale data transport solution that uses secure appliances to transfer large amounts
of data into and out of the AWS Cloud. Snowball removes the need to transfer large amounts of data over
the Internet.



Import/Export Snowball (contd.)

Snowball is a TB appliance that AWS ships to you to transfer your data.

1. Create a job in the AWS Management console.

2. Connect the appliance to your hardware and run the Snowball Client to establish the connection and encrypt the data to transfer it at high speed.

3. Once the files are transferred, ship the Snowball appliance to AWS and track its progress online.


AWS Snowball Edge

01 It is an updated version of Snowball with on-board storage and compute power for select AWS capabilities.

02 It is a 100 TB device.

03 In addition to transferring day-to-day data, it can also undertake local processing and Edge computing workloads.


AWS Snowmobile

01 It is an exabyte-scale data transfer service used to move extremely large amounts of data to AWS.

02 It can be used to transfer up to 100PB.

03 It is a semi-trailer truck that can be used to move entire data centers to AWS.


Import/Export Snowball Uses

Following are the uses of Import/Export Snowball:

Cloud Migration

Disaster Recovery

Datacenter Decommission

Content Distribution



Amazon S3 Transfer Acceleration

Amazon S3 Transfer Acceleration enables fast, easy, and secure transfers of files over long distances
between your client and your Amazon S3 bucket.



Knowledge Check

What is the capacity of AWS Snowball?

a. 70 Terabytes

b. 50 Petabytes

c. 80 Terabytes and 50 Terabytes

d. 80 Terabytes and 40 Terabytes

The correct answer is d.

AWS Snowball is now available in 80 terabytes and 50 terabytes. It was earlier available in only 80
terabytes. To achieve petabyte-scale transfers, you need to send multiple Snowball appliances.


Amazon S3 Best Practices
Overview of AWS S3 Best Practices



AWS S3 Best Practices

Versioning and Lifecycle Management
1. Enable versioning to protect your data and configure lifecycle policies to move your old versions to Glacier to save storage costs.
2. Configure old versions to be deleted at a suitable time in the future.

Encryption
1. SSE with Amazon S3 managed keys—check the box to encrypt your data at rest.
2. SSE with customer provided keys—you manage keys and provide them for PUTS and GETS.
3. SSE with AWS KMS—the keys are managed centrally by AWS KMS.

Detailed Billing Reports
1. They provide object counts, storage GB, requests, and data transfer usage down to the bucket level.
2. You can turn the reports on via the preferences page in the Billing and Costs Management console.
3. They can be delivered to an S3 bucket of your choice.

Restrict Deletes
1. Remove delete permissions from the bucket policy.
2. Enable MFA for deletes.

Maximize Performance
1. Multipart upload provides parallelism; it is encouraged for objects larger than 100MB.
2. Transfer acceleration enables fast, easy, and secure transfers of files over long distances.


Amazon S3 Costs
Details about costs associated with Amazon S3



Amazon S3 Costs

The following costs are associated with Amazon S3:

01 Storage costs per storage type

02 Discounts per GB as the amount of storage you use increases

03 Cost per 1000 requests for PUT, COPY, POST, LIST, and lifecycle transitions into Standard—IA

04 Cost per 10000 GET requests

05 Data transfer out to Internet

06 Data transfer between AWS regions



Amazon S3 Costs (contd.)

The following cost is associated with AWS Transfer Acceleration:

Data in/out to Internet and between AWS Regions



Amazon S3 Costs (contd.)

The following costs are associated with AWS CloudFront:

01 Data transfer out to Internet/Origin

02 Cost per 10000 requests



Key Takeaways


• Amazon S3 provides developers and IT teams with secure, durable, highly-scalable cloud storage.
• All Amazon S3 data is stored in “buckets.”
• Amazon S3 provides different storage options with various features.
• There are two ways you can access Amazon S3 from the Internet:
    • Enabling static website hosting
    • Giving permission to files to be open to the Internet
• Buckets can be in one of the three states: unversioned (the default), versioning-enabled, or
versioning-suspended.
• S3 allows you to define how Amazon manages objects during their lifetime.


Key Takeaways (contd.)

• Amazon CloudFront is a global content delivery network (CDN) service which provides a way to
distribute content to end users with low latency, high data transfer speeds, and no minimum usage
commitments.
• All data stored in Amazon S3 is secure by default as only bucket and object owners have access to the
Amazon S3 resources they create.
• Snowball is a petabyte-scale data transport solution that uses secure appliances to transfer large
amounts of data into and out of the AWS cloud.



Practice Assignment: Create an Amazon S3 bucket
Set up an S3 bucket to use versioning and be cost efficient using Lifecycle
Management



Create an Amazon S3 Bucket

Your client wants to move all its data to Amazon S3. The company
has categorized its data into the following:

1. Frequently accessed critical data – This data needs to be always available and needs to be protected against accidental deletes.
2. Limited period critical data – This data is critical only for the first 30 days, then it is only accessed periodically for another 60 days. After that, it is rarely accessed.
3. Archive data – This data is older and needs to be archived for auditing purposes.

Create three buckets, one for each of the data categories, and configure
Versioning and Lifecycle Management where appropriate.


Quiz

1. Which object encryption is NOT available in Amazon S3?

a. Server-side encryption using customer keys

b. Server-side encryption using Amazon keys

c. Client-side encryption using customer keys

d. Cloud HSM

The correct answer is d

Explanations: CloudHSM is not a valid encryption method for Amazon S3.

2. What could be the cause of an error while creating a bucket called "productionbucket"?

a. You need to try creating it in a different region.

b. The bucket name needs to contain a "."

c. The bucket name needs to contain a number.

d. The bucket name is being used by someone else.

The correct answer is d

Explanations: Bucket names need to be unique; this bucket name is probably already taken.

3. Which of the following will be the URL for a bucket called "simplilearn" that was created in the US-EAST-1 region?

a. https://s3-us-east-1.amazonaws.com/simplilearn

b. https://s3-us-west-1.amazonaws.com/simplilearn

c. https://s3-simplilearn-us-west-1.amazonaws.com

d. https://s3-simplilearn.amazonaws.com/us-east-1

The correct answer is a

Explanations: The correct format is s3-.amazonaws.com/

4. Your company needs to migrate 60TB of data to AWS. What is the quickest way to do this?

a. Transfer over your existing 10Mbps Internet connection.

b. Transfer the data using AWS import/export Snowball.

c. Transfer the data to tapes and send them to AWS.

d. Make use of Cross Region Replication between S3 and your data center.

The correct answer is b

Explanations: AWS import/export Snowball is the fastest and most cost-effective way to transfer data to AWS.

5. Which Amazon S3 storage type is most suitable to store audit data cost effectively for compliance purposes?

a. Glacier

b. Standard

c. Standard - IA

d. RRS

The correct answer is a

Explanations: Amazon Glacier is the lowest cost-storage solution, but it has a recovery period of 5 hours.



This concludes “Amazon S3.”
The next lesson is “Route 53.”
