AWS S3 (Simple Storage Service)

• Problems S3 Solves
• Benefits
• Key Concepts
  • Buckets
  • Objects
• Storage Classes
• Security Features
  • Access Control
  • Encryption
• Website Hosting
• Best Practices
• Cost Estimation
• CLI Examples
  • Create a bucket
  • Upload a file
  • List objects in a bucket
  • Enable website hosting
• Common Use Cases
• My Implementation

Amazon S3 is an object storage service offering industry-leading scalability, data availability, security, and performance.

Problems S3 Solves

• No capacity planning: You don't need to estimate storage space requirements. Add as many files as needed - S3 scales automatically
• High availability: Files uploaded to S3 are replicated across multiple availability zones to ensure data availability

Benefits

• Complete package: S3 offers scalability, performance, availability, and durability that you can easily use to build cloud-native apps
• Start small, scale big: Since S3 is serverless, it's highly scalable. Start small and grow as your app needs without compromising performance and reliability

Key Concepts

Buckets

• Bucket: A container for objects stored in S3
• Naming Rules:
  • Globally unique across all of AWS
  • 3-63 characters long
  • Can contain lowercase letters, numbers, dots, and hyphens
  • Must start with a letter or number
  • Cannot be formatted as an IP address

Objects

• Object: The fundamental entity stored in S3
• Components:
  • Key: The name of the object (filename)
  • Value: The actual data content
  • Version ID: For versioned buckets
  • Metadata: Additional information about the object
  • Subresources: Access control information, torrent information

Storage Classes

Storage Class	Use Case	Durability	Availability	Retrieval Fee
Standard	Frequently accessed data	99.999999999%	99.99%	None
Intelligent-Tiering	Data with unknown or changing access patterns	99.999999999%	99.9%	None
Standard-IA	Infrequently accessed data	99.999999999%	99.9%	Per GB retrieved
One Zone-IA	Infrequently accessed, non-critical data	99.999999999%	99.5%	Per GB retrieved
Glacier	Long-term archive, retrieval time in minutes to hours	99.999999999%	N/A	Per GB retrieved
Glacier Deep Archive	Long-term archive, retrieval time in hours	99.999999999%	N/A	Per GB retrieved

Security Features

Access Control

• IAM Policies: Attach to users, groups, or roles
• Bucket Policies: JSON documents attached to buckets
• ACLs (Access Control Lists): Legacy method for controlling access
• Presigned URLs: Temporary access to objects

Encryption

• Server-Side Encryption:
  • SSE-S3: AWS managed keys
  • SSE-KMS: AWS KMS managed keys
  • SSE-C: Customer-provided keys
• Client-Side Encryption: Encrypt data before uploading

Website Hosting

S3 can host static websites with custom domain names:

{
  "IndexDocument": {
    "Suffix": "index.html"
  },
  "ErrorDocument": {
    "Key": "error.html"
  },
  "RoutingRules": [
    {
      "Condition": {
        "KeyPrefixEquals": "docs/"
      },
      "Redirect": {
        "ReplaceKeyPrefixWith": "documents/"
      }
    }
  ]
}

Best Practices

Best Practice

Always enable versioning on important buckets to protect against accidental deletion or overwrites.

Security Note

Never make your S3 bucket public unless you specifically intend the contents to be accessible to everyone on the internet.

Cost Alert

Glacier retrieval fees can add up quickly. Be sure to understand the pricing model before storing large amounts of data in Glacier.

1. Use versioning to protect against accidental deletion
2. Enable MFA Delete for sensitive buckets
3. Use bucket policies instead of ACLs when possible
4. Enable server-side encryption by default
5. Use lifecycle policies to automatically transition objects between storage classes
6. Enable access logging for audit purposes
7. Use CloudFront with S3 for better performance and reduced costs

Cost Estimation

S3 pricing is based on:

• Amount of data stored
• Number of requests
• Data transfer out
• Additional features (like Intelligent-Tiering)

S3 Cost Estimator

Storage (GB): 100

Requests (per month): 10000

Data Transfer Out (GB): 50

Estimated monthly cost: $6.80

This is a simplified estimate. For accurate pricing, use the AWS Pricing Calculator.

For more accurate pricing, use the AWS Pricing Calculator.

CLI Examples

Create a bucket

aws s3 mb s3://my-bucket-name

Upload a file

aws s3 cp local-file.txt s3://my-bucket-name/

List objects in a bucket

aws s3 ls s3://my-bucket-name/

Enable website hosting

aws s3 website s3://my-bucket-name/ --index-document index.html --error-document error.html

Common Use Cases

• Static Website Hosting: As implemented in my portfolio site
• Data Backup and Storage: Reliable, durable storage for backups
• Data Lakes: Store and analyze large amounts of data
• Content Distribution: Store and distribute media files
• Software Delivery: Host software packages and updates

My Implementation

For my portfolio site, I use S3 with the following configuration:

• Private bucket with CloudFront distribution
• Origin Access Identity for secure access
• Versioning enabled for rollback capability
• Server-side encryption with Amazon S3-managed keys (SSE-S3)
• Lifecycle rules to expire old versions after 30 days