
Lesson 04 Amazon Storage Services

Uploaded by

Gaurav Kulkarni

AWS Developer Associate

Source: https://docs.aws.amazon.com/
Amazon Storage Services
Learning Objectives

By the end of the lesson, you will be able to:

Create an Amazon S3 bucket

Implement version control in Amazon S3

Configure an S3 bucket for Static Website Hosting

Implement S3 Select and S3 Glacier Select

Configure a new CloudFront distribution with an S3 bucket


Introduction to Amazon S3
What is Amazon S3?

Amazon Simple Storage Service (Amazon S3) is a web-based storage service offered by AWS for
online backup and archiving of data. Users can store and retrieve any amount of data, at any
time, and from anywhere on the internet.
Features of Amazon S3

The following are some of the features of Amazon S3:

01 Availability
02 Scalability
03 Durability
04 Performance
05 Cost-efficiency
06 Security
Features of Amazon S3: Availability

Amazon S3 offers 99.99% availability. Users can optimize latency and minimize
costs by choosing the required region to store data.

Features of Amazon S3: Scalability

Amazon S3 allows users to store data and scale up or down as required.

Features of Amazon S3: Durability

Amazon S3 stores data redundantly across multiple facilities and multiple devices in
each facility making it extremely durable.

Features of Amazon S3: Performance

Amazon S3 supports multipart uploads, which maximize network throughput and
resilience.

Features of Amazon S3: Cost-efficiency

Amazon S3 uses a pay-per-use model that allows users to store large data sets at a
very low cost.

Features of Amazon S3: Security

Amazon S3 supports SSL (Secure Sockets Layer) data transfer and encrypts uploaded
data.

Components of Amazon S3

01 Buckets: Buckets are containers for storing and organizing data
of any format in Amazon S3.

02 Keys: Keys are unique identifiers for each piece of data
stored in Amazon S3 buckets.

03 Regions: Regions are geographical locations where Amazon
stores the S3 buckets created by its users.
Components of Amazon S3

More about Amazon S3 buckets:

01 Buckets can be used to store text files, images, videos, and so on.

02 Any number of objects can be stored in a bucket, given that the total bucket size is 5TB.

03 Access to each bucket action can be controlled by the user.

[Figure: users retrieving objects from a bucket]
Creating an Amazon S3 Bucket
Assisted Practice
Creating an Amazon S3 Bucket

Duration: 15 Min.

Problem Statement:

Create an Amazon S3 bucket by using the Amazon console


Assisted Practice: Guidelines

Steps to perform to create an Amazon S3 bucket:

1. Navigate to your Amazon console

2. Open the Amazon S3 dashboard

3. Click the Create bucket button

4. Enter the details about the bucket

5. Skip to the review page and click the Create bucket button
Version Control in Amazon S3
Version Control

Versioning is used to keep and maintain multiple variants of an object in the same bucket. It is
used to preserve, retrieve, and restore earlier versions of objects stored in Amazon S3
buckets.

[Figure: a bucket holding versions V.01, V.02 and V.03 of an object, which can be preserved, retrieved and restored]
Version Control

Users can use version control to recover files from accidental deletion or overwrite.

[Figure: a user's request to a versioning-enabled bucket for the object with ID = 121212]
Version Control States

An S3 bucket can be in one of three versioning states: unversioned, versioning-enabled,
or versioning-suspended.

[Figure: the object photo.gif, with version IDs 111111, 121212 and Null, shown in unversioned, versioning-enabled and versioning-suspended buckets]


Restoring a Previous Version

There are two options to restore the previous version of an object:

1. Copy the previous version of the object into the bucket

2. Delete the current version of the object

Source: https://docs.aws.amazon.com/AmazonS3/latest/dev/RestoringPreviousVersions.html
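The two restore options above, modelled in memory as an added example that is not part of the original lesson. The class, the function names and the ID sequence are assumptions for illustration, and no AWS API is called.

```python
import itertools


class VersionedBucket:
    """Toy in-memory model of one bucket; makes no AWS calls."""

    def __init__(self, state="enabled"):
        self.state = state  # "unversioned", "enabled" or "suspended"
        self.versions = {}  # key -> list of version records, newest last
        # Constructed IDs that echo the lesson's figures: 111111, 121212, ...
        self._ids = itertools.count(111111, 10101)

    def _write(self, key, body, delete_marker=False):
        stack = self.versions.setdefault(key, [])
        if self.state == "enabled":
            vid = str(next(self._ids))
        else:
            # Unversioned and suspended buckets write the "null" version,
            # overwriting any earlier null version of the same key.
            vid = "null"
            stack[:] = [v for v in stack if v["id"] != "null"]
        stack.append({"id": vid, "body": body, "delete_marker": delete_marker})
        return vid

    def put(self, key, body):
        return self._write(key, body)

    def get(self, key, version_id=None):
        stack = self.versions.get(key, [])
        if version_id is None:
            hits = stack[-1:]  # the current version
        else:
            hits = [v for v in stack if v["id"] == version_id]
        if not hits or hits[0]["delete_marker"]:
            raise KeyError(key)  # stands in for a 404 response
        return hits[0]["body"]

    def delete(self, key, version_id=None):
        if version_id is not None:
            # Naming a version ID permanently removes that one version.
            stack = self.versions.get(key, [])
            stack[:] = [v for v in stack if v["id"] != version_id]
        elif self.state == "unversioned":
            self.versions.pop(key, None)
        else:
            # A plain delete only adds a delete marker on top of the history.
            self._write(key, None, delete_marker=True)


def restore_by_copy(bucket, key, version_id):
    """Option 1: copy the old version in as a new current version."""
    return bucket.put(key, bucket.get(key, version_id))


def restore_by_delete(bucket, key):
    """Option 2: permanently delete the current version."""
    bucket.delete(key, bucket.versions[key][-1]["id"])


def demo():
    """Return the version IDs left behind by each restore option."""
    kept, trimmed = VersionedBucket(), VersionedBucket()
    for bucket in (kept, trimmed):
        good = bucket.put("photo.gif", b"original")
        bucket.put("photo.gif", b"overwritten by mistake")
    restore_by_copy(kept, "photo.gif", good)
    restore_by_delete(trimmed, "photo.gif")
    ids = lambda b: [v["id"] for v in b.versions["photo.gif"]]
    return ids(kept), ids(trimmed)
```

Option 1 leaves the mistaken version in the history, while option 2 removes it for good; an accidental plain delete is undone the same way as option 2, by deleting the delete marker.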
Cross-region Replication

Cross-region replication is a bucket-level feature that enables automatic, asynchronous copying of
objects between buckets that are stored across AWS regions.
For successful cross-region replication, you must enable versioning on both source and destination
buckets.

[Figure: a versioning-enabled source bucket in one region replicating to a versioning-enabled destination bucket in another region]
MFA Delete

Amazon S3 allows users to protect data by enabling Multi-Factor Authentication (MFA) delete.
This provides additional authentication for operations such as changing the versioning state of a bucket
and permanently deleting an object version.

[Figure: a user's delete request is granted access to a versioning-enabled bucket holding photo.gif with IDs 121212 and 111111]
Assisted Practice
Configure an S3 Bucket for Versioning

Duration: 5 Min.

Problem Statement:

Configure an S3 bucket for versioning by using the Amazon S3 console


Assisted Practice: Guidelines

Steps to perform to configure an S3 bucket for versioning:

1. Go to your Amazon Console
2. Open the Amazon S3 dashboard
3. Create a bucket
4. Select the bucket, and then select the Properties tab
5. Click the Enable versioning button
Static Web Hosting

Amazon S3 allows users to host static websites at low cost by providing a highly available hosting
solution. A static website contains web pages with static content and client-side scripts.

<bucket-name>.s3-website-<AWS-region>.amazonaws.com is the naming
convention used for hosting static websites.
[Figure: a web browser loads code files such as HTML, CSS, and JavaScript from Amazon S3, authenticates through an Amazon Cognito user pool, and makes dynamic API calls over HTTP to Amazon API Gateway, AWS Lambda, and Amazon DynamoDB]
Static Web Hosting

To configure an Amazon S3 bucket for static website hosting in the Amazon S3 console, follow
the steps mentioned below:

1. Enable static website hosting

2. Modify block public access settings

3. Add a bucket policy in the bucket policy editor

    {
        "Version": "2012-10-17",
        "Statement": [
            {
                "Sid": "PublicReadGetObject",
                "Effect": "Allow",
                "Principal": "*",
                "Action": [
                    "s3:GetObject"
                ],
                "Resource": [
                    "arn:aws:s3:::example.com/*"
                ]
            }
        ]
    }

4. Configure an index document

    <html xmlns="http://www.w3.org/1999/xhtml" >
    <head>
        <title>My Website Home Page</title>
    </head>
    <body>
        <h1>Welcome to my website</h1>
        <p>Now hosted on Amazon S3!</p>
    </body>
    </html>
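The PublicReadGetObject policy above makes every object under example.com/* readable by anyone, so it is worth checking that a website bucket's policy grants nothing beyond that. The audit below is an added example, not part of the original lesson; the second policy, its Sids, the IP range and the account ID are constructed for comparison.

```python
import json

# The policy from the lesson (public read for website hosting).
WEBSITE_POLICY = json.loads("""
{
  "Version": "2012-10-17",
  "Statement": [{
    "Sid": "PublicReadGetObject",
    "Effect": "Allow",
    "Principal": "*",
    "Action": ["s3:GetObject"],
    "Resource": ["arn:aws:s3:::example.com/*"]
  }]
}
""")

# Constructed policy for comparison; the account ID is a placeholder.
CONSTRUCTED_POLICY = {
    "Version": "2012-10-17",
    "Statement": [
        {"Sid": "AnyoneAnything", "Effect": "Allow", "Principal": {"AWS": "*"},
         "Action": "s3:*", "Resource": ["arn:aws:s3:::example.com",
                                        "arn:aws:s3:::example.com/*"]},
        {"Sid": "OfficeOnly", "Effect": "Allow", "Principal": "*",
         "Action": "s3:GetObject", "Resource": "arn:aws:s3:::example.com/*",
         "Condition": {"IpAddress": {"aws:SourceIp": "203.0.113.0/24"}}},
        {"Sid": "OneAccount", "Effect": "Allow",
         "Principal": {"AWS": "arn:aws:iam::111122223333:root"},
         "Action": "s3:GetObject", "Resource": "arn:aws:s3:::example.com/*"},
    ],
}

# The only action a static website needs to expose publicly.
WEBSITE_ACTIONS = {"s3:getobject"}


def as_list(value):
    """Policy fields may hold a single string or a list of strings."""
    return value if isinstance(value, list) else [value]


def is_public(principal):
    """True for "*" and for {"AWS": "*"}, which both mean anyone."""
    if principal == "*":
        return True
    if isinstance(principal, dict):
        return any("*" in as_list(v) for v in principal.values())
    return False


def audit_bucket_policy(policy):
    """Return (Sid, verdict) for every Allow statement open to everyone."""
    findings = []
    for stmt in as_list(policy.get("Statement", [])):
        if stmt.get("Effect") != "Allow" or not is_public(stmt.get("Principal")):
            continue
        actions = {a.lower() for a in as_list(stmt.get("Action", []))}
        resources = as_list(stmt.get("Resource", []))
        if "Condition" in stmt:
            verdict = "public-with-condition"   # review the condition by hand
        elif (actions and actions <= WEBSITE_ACTIONS
              and all("/" in r for r in resources)):
            verdict = "public-read"             # what website hosting needs
        else:
            verdict = "public-write-or-admin"   # more than a website needs
        findings.append((stmt.get("Sid", "<no Sid>"), verdict))
    return findings
```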
Amazon S3 Policies

An S3 bucket policy is a resource-based AWS Identity and Access Management (IAM) policy that
grants other AWS accounts or IAM users access to the objects in an S3 bucket.

Amazon S3 bucket policy

Object permissions apply only to the objects created by the bucket owner. S3 policies
supplement, and in many cases replace, Access Control List (ACL)-based access policies.
Amazon S3 Policies

[Figure: a bucket admin attaches policies that give users access to an S3 bucket]

The bucket owner grants permissions to users through bucket policies.


Amazon S3 Policies

1. Sign in to the AWS Management Console and open the Amazon S3 console at
https://console.aws.amazon.com/s3/

2. Choose a bucket name from the Bucket name list for which the bucket policy is to
be created

3. Choose Permissions, and then select Bucket Policy

4. In the Bucket policy editor, add a new bucket policy or edit an existing policy.
Add a valid JSON to the policy, and then click Save to save the bucket policy

Source: https://docs.aws.amazon.com/AmazonS3/latest/user-guide/add-bucket-policy.html
Assisted Practice
Configure an S3 Bucket for Static Website Hosting

Duration: 20 Min.

Problem Statement:

Configure an S3 bucket for static website hosting by using the Amazon S3 console.
Assisted Practice: Guidelines

Steps to perform to configure an S3 bucket for static website hosting:

1. Go to your Amazon Console
2. Open the Amazon S3 dashboard
3. Create a bucket
4. Select the bucket and navigate to the Static website hosting tab
5. Upload the HTML files to the bucket
6. Edit Block access and Bucket policies
Amazon S3 Storage Classes

Amazon S3 offers the following storage classes:

Amazon S3 Standard

Amazon S3 Intelligent-Tiering

Amazon S3 Standard-Infrequent Access

Amazon S3 One Zone-Infrequent Access

Amazon S3 Glacier

Amazon S3 Glacier Deep Archive


Amazon S3 Standard

Features of Amazon S3 Standard

● Offers frequent access, high availability and durability

● Low latency and high throughput performance

● Backed by the Amazon S3 Service Level Agreement for availability

● Recommended for dynamic websites, cloud and mobile applications, and file
storage

● S3 lifecycle management for automatic transition of objects among various S3
storage classes
Amazon S3 Intelligent-Tiering

Features of Amazon S3 Intelligent-Tiering

● Designed to optimize cost for data with varying access patterns

● Stores objects in four access tiers: 2 low-latency access tiers (frequent and
infrequent access) and 2 opt-in archive access tiers (rare access)

● Offers high availability of 99.99% and durability of 99.999999999%

● Same low latency and high throughput performance of S3 Standard

● Small monthly monitoring and auto-tiering fee

● Ideal for long-lived data with unpredictable access patterns

● Automatically moves objects between access tiers based on varying access
patterns
Amazon S3 Standard-Infrequent Access

Features of Amazon S3 Standard-Infrequent Access

● Designed for infrequently accessed data

● Offers high availability of 99.99% and durability of 11 9’s

● Same low latency and high throughput performance of S3 Standard

● Supports SSL for data in transit and encryption for data at rest

● Ideal for long-term storage, backups, and as a data store for disaster recovery
files
Amazon S3 One Zone-Infrequent Access

Features of Amazon S3 One Zone-Infrequent Access

● Designed for data that is infrequently accessed, but requires rapid access
when needed

● Stores data in a single availability zone and costs 20% less than S3 Standard-IA

● Supports SSL for data in transit and encryption for data at rest

● Ideal for customers who want lower-cost options for infrequently accessed data

● Good for storing secondary backup copies of on-premise data


Amazon S3 Glacier

Features of Amazon S3 Glacier

● Secure, durable, and low-cost storage class for archiving data

● Provides three retrieval options, varying from minutes to hours

● Supports SSL for data in transit and encryption for data at rest

● Offers a secure vault lock feature that enforces compliance

● Data is resilient in case of an entire availability zone destruction


Amazon S3 Glacier Deep Archive

Features of Amazon S3 Glacier Deep Archive

● Lowest-cost storage class supporting long-term retention and digital preservation

● Designed for data that may be accessed once or twice in a year

● Used for backup and disaster recovery

● Data replicated and stored in at least three geographically-dispersed AZs

● Data retrieval time is within 12 hours

● Good for customers from highly-regulated industries who retain data for 7-10 years
Performance Chart

Performance across S3 storage classes

Source: https://aws.amazon.com/s3/storage-classes/
Amazon S3 Pricing

Amazon S3 charges a user only for what they use. A user pays for storing objects, requests made
against S3 bucket and object, data transferred in from the internet, replicating storage, other storage
management analytics, and so on.

Amazon S3 pricing

Source: https://aws.amazon.com/pricing/
Amazon S3 Pricing

The following are the four cost components to consider when deciding on which
S3 storage class best fits the data profile:

● Storage pricing
● Request and data retrieval pricing
● Data transfer and acceleration pricing
● Data management features and replication pricing
Amazon S3 Pricing

● Data transfer and acceleration pricing involves the fee paid by users for bandwidth
utilized in Amazon S3. It excludes the following:

○ Data transferred in from the internet
○ Data transferred out to an Amazon EC2 instance, when the instance is in the
same AWS Region
○ Data transferred out to Amazon CloudFront

● Users pay for any data transferred through the Amazon S3 Transfer Acceleration
feature.
Amazon S3 Pricing

Data transfer and acceleration pricing for Asia-Pacific region

Source: https://aws.amazon.com/s3/pricing/
Amazon S3 Pricing

● Storage pricing involves the fee paid by users to store objects in S3 buckets.

● A monthly monitoring and automation fee per object is charged for objects stored in
the S3 Intelligent-Tiering storage class.

● Per-request ingest fee is also charged while using PUT, COPY, or lifecycle rules to
move data into any S3 storage class.
Amazon S3 Pricing

Storage pricing for Asia-Pacific region

Source: https://aws.amazon.com/s3/pricing/
Amazon S3 Pricing

● Requests and data retrieval pricing involves the fee paid by users for requests made
against the S3 buckets and objects.

● Storage browsing charges in Amazon S3 console are also paid by the user.

● Charges are accrued for each request made using the API/SDK.

● DELETE and CANCEL requests are free, but LIST requests for any storage class are
charged at the same rate as S3 Standard PUT, COPY, and POST requests.
Amazon S3 Pricing

Request and data retrieval pricing for Asia-Pacific region


Source: https://aws.amazon.com/s3/pricing/
Amazon S3 Pricing

● Data management features pricing involves the fee paid by users for storage
management features that are enabled on their account’s buckets.

● Replication pricing is the fee paid by the users for S3 Replication, which includes:
○ S3 charges for storage in the selected destination S3 storage class
○ Storage charges for the primary copy
○ Charges for replication PUT requests and applicable infrequent access
storage retrieval fee
Amazon S3 Pricing

● For Cross-Region Replication, users pay a fee for inter-region Data Transfer OUT
from S3 to their destination region.

● For S3 Replication Time Control, users pay a Replication Time Control Data Transfer
fee and S3 Replication Metrics charges.

● For the replicated copy, Storage and PUT request pricing is based on the
destination AWS region.
Amazon S3 Pricing

Data management features and replication pricing for Asia Pacific region

Source: https://aws.amazon.com/s3/pricing/
AWS Free Tier

AWS offers a free tier to new users upon sign up to get started with Amazon S3 for free. It
provides free, hands-on experience with the AWS platform, products, and services.

The free tier offers the following types of access, based on the feature usage:

● Always free
● 12-months free
● Trials


Amazon S3 Free Tier Offerings

The AWS free tier offers new users the following monthly benefits for a year on the Amazon
Simple Storage Service:

● 5 GB of Amazon S3 storage in the S3 Standard storage class

● 20,000 GET Requests

● 2,000 PUT, COPY, POST, or LIST requests

● 15 GB of Data Transfer Out


AWS Pricing Calculator

AWS pricing calculator estimates the cost for a storage solution. Users can configure a cost
estimate that fits business or personal requirements with Amazon S3.

Workflow of AWS Pricing Calculator

Source: https://calculator.aws/#/
Amazon S3 Select and S3 Glacier Select
Amazon S3 Select

Amazon S3 Select allows applications to fetch only a subset of data from an object by using
simple SQL expressions that help users achieve drastic performance increases.

Data fetching using Amazon S3 Select

Source: https://aws.amazon.com/blogs/aws/s3-glacier-select/
Amazon S3 Glacier Select

● Amazon S3 Glacier Select allows users to filter data in a Glacier object by using
standard SQL statements.

● To perform select queries, S3 Glacier provides three data access tiers: expedited,
standard, and bulk. A user can choose a tier based on how quickly they need the
data to be available.

● S3 Glacier Select can be used with AWS SDKs, the S3 Glacier REST API and the
AWS CLI.

● Glacier is priced based on:


○ Gigabytes of Data Scanned
○ Gigabytes of Data Returned
○ Number of Select Requests

Image source: https://aws.amazon.com/


Sharing an S3 Bucket among Multiple Accounts

Depending on the type of access that a user wants to provide, the following methods can be
used to grant cross-account access for sharing objects between multiple accounts:

● Resource-based policies and AWS IAM policies

● Resource-based Access Control List (ACL) and IAM policies

● Cross-account IAM roles


Steps to Share an S3 Bucket Between Multiple Accounts

1. Account A admin user attaches a bucket policy to provide cross-account permissions
to Account B.

2. Account B admin user attaches a user policy authorizing the permissions received
from Account A.

3. User in Account B verifies the permissions by accessing the bucket owned by Account
A.

Source: https://docs.aws.amazon.com/AmazonS3/latest/dev/example-walkthroughs-managing-access-example2.html
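The three steps above as an added example, not part of the original lesson: the two policy documents plus a simplified check that a request from Account B succeeds only when both of them allow it. The account ID, bucket name and function names are hypothetical, and the check models Allow statements only (no explicit Deny, conditions or ACLs).

```python
from fnmatch import fnmatchcase

# Hypothetical names: Account B's ID and the bucket owned by Account A.
ACCOUNT_B = "222233334444"
BUCKET_ARN = "arn:aws:s3:::examplebucket"

# Step 1: bucket policy attached by the Account A admin.
BUCKET_POLICY_A = {
    "Version": "2012-10-17",
    "Statement": [{
        "Sid": "GrantToAccountB",
        "Effect": "Allow",
        "Principal": {"AWS": f"arn:aws:iam::{ACCOUNT_B}:root"},
        "Action": ["s3:ListBucket", "s3:GetObject"],
        "Resource": [BUCKET_ARN, BUCKET_ARN + "/*"],
    }],
}

# Step 2: user policy attached by the Account B admin. It passes on only
# part of what Account A granted.
USER_POLICY_B = {
    "Version": "2012-10-17",
    "Statement": [{
        "Effect": "Allow",
        "Action": "s3:ListBucket",
        "Resource": BUCKET_ARN,
    }],
}


def as_list(value):
    """Policy fields may hold a single string or a list of strings."""
    return value if isinstance(value, list) else [value]


def allows(policy, action, resource, account=None):
    """True if an Allow statement covers the request. Statements that carry
    a Principal (bucket policies) must also name the caller's account."""
    for stmt in as_list(policy["Statement"]):
        if stmt["Effect"] != "Allow":
            continue
        if "Principal" in stmt:
            who = stmt["Principal"]
            named = ["*"] if who == "*" else as_list(who.get("AWS", []))
            if not any(p in ("*", account, f"arn:aws:iam::{account}:root")
                       for p in named):
                continue
        if (any(fnmatchcase(action.lower(), a.lower())
                for a in as_list(stmt["Action"]))
                and any(fnmatchcase(resource, r)
                        for r in as_list(stmt["Resource"]))):
            return True
    return False


def user_in_b_can(action, resource, account=ACCOUNT_B):
    """Step 3: access needs an Allow in both accounts' policies."""
    return (allows(BUCKET_POLICY_A, action, resource, account)
            and allows(USER_POLICY_B, action, resource))
```

With these policies the user in Account B can list the bucket but cannot read objects, because Account B's admin never passed s3:GetObject on even though Account A granted it.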
AWS DataSync and AWS Backup
AWS DataSync

AWS DataSync is an online data transfer offering by AWS that simplifies, automates, and
accelerates the transfer of large amounts of data between on-premises storage systems and AWS
storage services.

Workflow of AWS DataSync

Source: https://aws.amazon.com/blogs/storage/protect-your-file-and-backup-archives-using-aws-datasync-and-amazon-s3-glacier/
AWS DataSync

● AWS DataSync ensures data security by providing end-to-end encryption and data
integrity validation.

● It moves on-premises cold data directly to durable, long-term storage such as S3
Glacier, which helps free up on-premises storage capacity.

● A huge amount of data can be transferred rapidly over the network using DataSync.

● It helps to reduce operational cost with the per-gigabyte pricing and saves on script
development, deployment and maintenance cost.
AWS Backup

AWS Backup provides centralized and automated data backup across AWS resources. It can be
used to centrally configure backup policies and monitor backup activities.

Working of AWS Backup

Source: https://aws.amazon.com/backup/
Amazon S3 Replication

Amazon S3 Replication is an elastic, fully managed and low cost feature that enables automatic,
asynchronous copying of objects across Amazon S3 buckets by providing great flexibility and
functionality in cloud storage.

Working of S3 Replication

Source: https://aws.amazon.com/s3/features/replication/
Why Use Replication?

Replication allows you to:

Manage data redundancy

Replicate objects while retaining metadata

Replicate storage across different cost-effective storage classes

Maintain object copies under different accounts

Store objects across multiple AWS regions

Replicate objects and storage within 15 minutes


Types of S3 Replication

● Amazon S3 Cross-Region Replication
● Amazon S3 Same-Region Replication
● Amazon Replication Time Control
Types of S3 Replication

Amazon S3 Cross-Region Replication (CRR)

● With CRR, a user can replicate objects, their respective metadata, and object
tags for reduced latency, compliance, security, and disaster recovery

● CRR can be configured from a single source S3 bucket to replicate objects
to multiple destinations and regions

● Users can set up replication at the bucket level, shared prefix level, or object
level by using S3 object tags

● CRR provides lower-latency data access across various geographic regions


Types of S3 Replication

Amazon S3 Same-Region Replication (SRR)

● Automatically replicates data between buckets within the same AWS Region

● Replicates data at bucket level, a shared prefix level, or object level by using S3
object tags

● Addresses data sovereignty and compliance requirements by keeping a copy of
data in a separate AWS account

● Changes account ownership for the replicated objects to protect against accidental data
deletion

● Collects logs from various S3 buckets for in-region processing, or configures live
replication
Types of S3 Replication

Amazon Replication Time Control

● Replicates 99.99% of new objects stored in Amazon S3 within 15 minutes

● Helps users meet compliance or business requirements for data replication
and provides visibility into S3 Replication activity

● Provides S3 Replication metrics that monitor:


○ The total number of S3 API operations that are pending replication
○ The total size of objects pending replication
○ The maximum replication time to the destination AWS Region
Amazon CloudFront

Amazon CloudFront is a global content delivery network (CDN) service that securely delivers
content to the end-users with low latency and high transfer speeds.

Amazon CloudFront

Amazon CloudFront Points of Presence (POPs)

Source: https://aws.amazon.com/blogs/aws/200-amazon-cloudfront-points-of-presence-price-reduction/
Content Delivery Using CloudFront

Steps to set up a CloudFront distribution to deliver content:

1. Specify origin servers

2. Upload data files to the origin servers

3. Create a CloudFront distribution

CloudFront assigns a domain name to the new distribution and sends the
distribution's configuration to all of its edge locations
Content Delivery Using CloudFront

Steps to set up a CloudFront distribution to deliver content

Source: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Introduction.html
Assisted Practice
Configure an Amazon CloudFront Distribution

Duration: 15 Min.

Problem Statement:

Configure an Amazon CloudFront distribution to serve a static website hosted on Amazon S3.
Assisted Practice: Guidelines

Steps to perform to configure an Amazon CloudFront distribution:

1. Go to your Amazon Console
2. Open the CloudFront Management Console
3. Click the Create distribution button
4. Enter the distribution details
5. On the review page, click the Create distribution button
Key Takeaways

Amazon S3 is a web-based storage service for online backup and
archiving of data.

The three versioning states are unversioned, versioning-enabled,
and versioning-suspended.

An S3 bucket policy is a resource-based AWS IAM policy that
grants other AWS accounts or IAM users access to the objects in
an S3 bucket.

The storage classes offered by Amazon S3 are Amazon S3
Standard, Intelligent-Tiering, Standard-IA, One Zone-IA, Glacier,
and Glacier Deep Archive.
Key Takeaways

Amazon S3 Select allows applications to fetch only a subset of data
from an object by using simple SQL expressions.

AWS DataSync allows fast transfer of data online between
on-premises storage and Amazon storage services.

The three types of Amazon S3 Replication are Amazon S3 Cross-Region
Replication, Same-Region Replication, and Amazon
Replication Time Control.

Amazon CloudFront is a global CDN service that offers fast and
secure content delivery to end-users.
Host a Static Website on Amazon S3

Problem Statement:
You are asked to create a static HTML webpage, upload it to an S3 bucket, and
generate a shareable domain endpoint for website hosting

Tools required:
AWS S3, Visual Studio Code/ Notepad++

Expected Deliverables:
Screenshots for every step
