
Amazon S3

Simple Storage Service


Agenda
• What is S3?
• Benefits.
• Common Scenarios.
• Concepts of S3.
• Working with S3.
• Protecting Data.
• Hands On.
• DeepDive into Buckets.
• CloudFront.
• Pricing.
• Summary.
• Questions.
What is S3?

Storage for the Internet


Benefits.
• No Setup or Upfront cost, Pay as you go.
• Highly scalable : Unlimited Storage.

• Reliable : 99.999999999% Durability and 99.99% Availability.

• Regional Service : Data won’t leave a region.


• Infrastructure that Amazon uses to run its own global network
of web sites.
Common Scenarios
• Backup and Storage
• Application Hosting
• Media Hosting / Streaming
• Software Delivery
• Request Rerouting
Concepts of S3
• Buckets
• Objects
• Keys
• S3 Storage Classes
• Amazon S3 Data Consistency Model
Buckets
• Container for objects
• Names are globally unique
• Accessed via bucketname.s3.amazonaws.com (if permitted)
• Bucket Name : aws.s3.bootcamp
• http://aws.s3.bootcamp.s3.amazonaws.com/
• Here listing is allowed for everyone.
Objects
• Objects consist of the raw object data and metadata.
• Object size can range from 1 byte to 5 gigabytes each.
• Objects are stored and retrieved using a developer-assigned
key.
• Data is kept secure from unauthorised access through
authentication mechanisms.
Keys
• Unique identifier for an object.
• Every object in a bucket has exactly one key.
Storage Classes
Data Consistency Model

• Amazon S3 achieves high availability by replicating data across
multiple servers within Amazon's data center.
• Read after Write Consistency
• For example, if you PUT to an existing key, a subsequent read
might return the old data or the updated data, but it will never
write corrupted or partial data.
• If a PUT request is successful, your data is safely stored
● A process writes a new object to Amazon S3 and immediately attempts to read it. Until the change is
fully propagated, Amazon S3 might report "key does not exist."

● A process writes a new object to Amazon S3 and immediately lists keys within its bucket. Until the
change is fully propagated, the object might not appear in the list.

● A process replaces an existing object and immediately attempts to read it. Until the change is fully
propagated, Amazon S3 might return the prior data.

● A process deletes an existing object and immediately attempts to read it. Until the deletion is fully
propagated, Amazon S3 might return the deleted data.

● A process deletes an existing object and immediately lists keys within its bucket. Until the deletion is
fully propagated, Amazon S3 might list the deleted object.
Protecting Data

Data needs protection while

• In-transit
• SSL
• Client-side encryption

You can encrypt data client-side and upload the encrypted data to Amazon S3.
Protecting Data

Data needs protection while

• At rest
• Server-side encryption

You request Amazon S3 to encrypt your object before saving it on disks in its
data centers and decrypt it when you download the objects.

• Client-side encryption

You can encrypt data client-side and upload the encrypted data to Amazon S3.
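
The in-transit and at-rest protections listed above, as an added example that is not part of the original slides: a bucket policy that rejects requests not made over SSL/TLS, and an upload that requests server-side encryption and then checks what S3 recorded. The bucket and file names are placeholders supplied by the caller.

```shell
# Added example. Constructed placeholders: the bucket and file names are
# whatever the caller passes in.

# tls_only_policy BUCKET: deny every request that does not arrive over SSL/TLS.
# Apply with:
#   aws s3api put-bucket-policy --bucket BUCKET --policy "$(tls_only_policy BUCKET)"
tls_only_policy() {
  cat <<EOF
{
  "Version": "2012-10-17",
  "Statement": [
    {"Sid": "DenyPlainHTTP", "Effect": "Deny", "Principal": "*",
     "Action": "s3:*",
     "Resource": ["arn:aws:s3:::$1", "arn:aws:s3:::$1/*"],
     "Condition": {"Bool": {"aws:SecureTransport": "false"}}}
  ]
}
EOF
}

# upload_sse FILE BUCKET: upload with server-side encryption requested, then
# confirm the algorithm S3 reports for the stored object (needs AWS credentials).
upload_sse() {
  file=$1 bucket=$2 key=$(basename "$1")
  aws s3 cp "$file" "s3://$bucket/$key" --sse AES256 || return 1
  alg=$(aws s3api head-object --bucket "$bucket" --key "$key" \
        --query ServerSideEncryption --output text) || return 1
  [ "$alg" = "AES256" ]
}
```

`put-bucket-policy` replaces the bucket's whole policy, so add the deny statement to any statements the bucket already needs rather than applying it on its own.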
Hands On (CLI)

• List Buckets
aws s3 ls

• Making a bucket
aws s3 mb s3://{unique-bucket-name}

• List content of Bucket


aws s3 ls s3://{unique-bucket-name}

• Upload file to S3
aws s3 cp filename s3://{unique-bucket-name}/
aws s3 cp filename s3://{unique-bucket-name}/{destination-file-name}

• Renaming a file
aws s3 mv s3://{unique-bucket-name}/{old-name} s3://{unique-bucket-name}/{new-name}

• Remove file from S3


aws s3 rm s3://{unique-bucket-name}/{file-name}

• Sync a folder
aws s3 sync folder-name s3://{unique-bucket-name}/{folder-name}

• Removing bucket
aws s3 rb s3://{unique-bucket-name}
Deepdive into Buckets
• Permissions
• Static Website Hosting
• Events
• Versioning
• LifeCycle
• Tags
• Requester Pays
Permissions

• Let's create a policy
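
One way to write such a policy, as an added example that is not part of the original slides: a helper that prints a bucket policy giving one IAM user either read-only access or upload-without-delete access, and a second helper that applies it. The function names, bucket name and user ARN are assumptions made for the example.

```shell
# Added example. Constructed placeholders: the bucket name and the IAM user ARN
# (for instance arn:aws:iam::111122223333:user/reader) passed in by the caller.

# make_bucket_policy BUCKET PRINCIPAL_ARN MODE   (MODE: readonly | uploadonly)
make_bucket_policy() {
  bucket=$1 principal=$2 mode=$3
  case $mode in
    readonly)   # list the bucket and download objects, nothing else
      cat <<EOF
{
  "Version": "2012-10-17",
  "Statement": [
    {"Sid": "List", "Effect": "Allow", "Principal": {"AWS": "$principal"},
     "Action": "s3:ListBucket", "Resource": "arn:aws:s3:::$bucket"},
    {"Sid": "Read", "Effect": "Allow", "Principal": {"AWS": "$principal"},
     "Action": "s3:GetObject", "Resource": "arn:aws:s3:::$bucket/*"}
  ]
}
EOF
      ;;
    uploadonly) # add objects; the explicit Deny overrides any Allow elsewhere
      cat <<EOF
{
  "Version": "2012-10-17",
  "Statement": [
    {"Sid": "Upload", "Effect": "Allow", "Principal": {"AWS": "$principal"},
     "Action": "s3:PutObject", "Resource": "arn:aws:s3:::$bucket/*"},
    {"Sid": "NoDelete", "Effect": "Deny", "Principal": {"AWS": "$principal"},
     "Action": ["s3:DeleteObject", "s3:DeleteObjectVersion"],
     "Resource": "arn:aws:s3:::$bucket/*"}
  ]
}
EOF
      ;;
    *) echo "unknown mode: $mode" >&2; return 1 ;;
  esac
}

# apply_bucket_policy BUCKET PRINCIPAL_ARN MODE  (needs AWS credentials)
apply_bucket_policy() {
  policy=$(make_bucket_policy "$1" "$2" "$3") || return 1
  aws s3api put-bucket-policy --bucket "$1" --policy "$policy"
}
```

`s3:PutObject` also permits overwriting an existing key, so the upload-only mode protects existing data only when versioning is enabled on the bucket.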


Static Website Hosting

• Enabling website hosting


• Setting up default doc
• Setup Error Page

• Website addressing
• {bucket-name}.s3-website-{region}.amazonaws.com
Website Hosting

• Rerouting requests
Events

• Send alerts or trigger workflows based on certain actions.


• Notifications can be sent via
• Amazon Simple Notification Service (SNS)
• Amazon Simple Queue Service (SQS)
• Lambda function (depending on the bucket location).
Versioning

• Keeps different versions of all the objects


• Even deleted objects are stored in history
• Once enabled cannot be disabled.
• Let's see it in action.
Lifecycle

S3 -> expire -> Permanently Delete

S3 -> Glacier


Tags

• Key, value pair that can be used for billing and query purposes.
Requester Pays

• Default : Creator is the owner of bucket


• Owners pay for all
• Storage
• Data transfer costs
• Requesters pay
• Cost of the request
• Data download.

• Anonymous access to that bucket is not allowed.


• Example
• Making large data sets available, such as zip code directories,
reference data, or geospatial information.
• Implemented using : Amazon S3 Requester Pays with DevPay.
CloudFront

• Can be easily integrated with CloudFront


• Delivery from Global edge locations
• Static Files : image,css,js,html
• Streaming : Serve RTMP directly from S3 bucket
Pricing

• No Minimum Fee
• Pay As You Go Model
• Charges for using S3 are based on the location
• Billed for
• storage(average),
• data transfer in and out and the
• number of requests per month.
Summary
• No need for capacity planning.
• No upfront cost.
• Data Protection.
• Unlimited Storage.
• Designed to provide 99.999999999% Durability and 99.99%
Availability
• You are fast, CLI is Faster
Questions
1. What is the maximum size of an object that can be stored on S3?
2. Create a bucket (CLI).
3. Add Objects to Bucket (CLI).
4. Add folders to Bucket (CLI).
5. Add objects within folder (CLI).
6. Make a file publicly available for download.
7. Delete a couple of objects (CLI).
8. Delete Folder (CLI).
9. Enable Versioning for Bucket.
10. Overwrite objects and try retrieving the older version.
11. Delete objects and try retrieving them.
12. Add a couple of HTML files to the bucket.
13. Serve added HTML pages (added in step 7) directly from S3 Bucket.
14. Create another bucket, enable website hosting and redirect all requests to the previous bucket.
15. Create a bucket policy that allows only EC2 Servers to access files in bucket.
16. Create a bucket policy where user only has read-only access.
17. Create a bucket policy where user can only add objects but not delete.
18. Create a situation where only one of two users is able to access bucket and other is only able to read.
