Features of Amazon S3?
Amazon Simple Storage Service (Amazon S3) is an object storage service that organizations in any industry can use to store and protect data for use cases such as data lakes, backup and restore, big data analysis, and more. Amazon S3 also provides management features that let you optimize, organize, and configure access to your data to meet the specific use case in your industry.
Amazon S3 offers different storage classes for different use cases.
For frequently accessed data:
- S3 Standard: Frequently accessed data (more than once a month) with millisecond access
- RRS (not recommended): Noncritical, frequently accessed data with millisecond access
For infrequently accessed data:
- S3 Standard-IA: Long-lived, infrequently accessed data (once a month) with millisecond access
- S3 One Zone-IA: Recreatable, infrequently accessed data (once a month) with millisecond access
For data with changing access patterns:
- S3 Intelligent-Tiering: Data with unknown, changing, or unpredictable access patterns. It contains 2 low-latency access tiers and 2 opt-in archive access tiers
For archive data:
- S3 Glacier Instant Retrieval: Long-lived archive data accessed once a quarter with millisecond access
- S3 Glacier Flexible Retrieval: Long-lived archive data accessed once a year with retrieval times of minutes to hours
- S3 Glacier Deep Archive: Long-lived archive data accessed less than once a year with retrieval times of hours
Amazon S3 provides four storage management features that help you manage costs, meet regulatory requirements, reduce latency, and save multiple distinct copies of your data to meet your requirements.
- S3 Lifecycle: Configure a lifecycle policy to manage, store, and transition your objects. You can also expire objects when they reach the end of the lifecycle policy.
- S3 Object Lock: To follow the “write once, read many” model, you can lock an object in storage so that it cannot be changed, copied, or deleted.
- S3 Replication: If an object is accessed so heavily that it causes problems such as long access times, you can copy objects and their respective metadata and object tags to one or more destination buckets in the same or different AWS Regions to help with latency, security, compliance, etc.
- S3 Batch Operations: You can copy, remove, or invoke operations on millions or billions of objects at scale with a few clicks in the AWS console, because the batch operation performs all the processing in sequence.
Amazon S3 provides features for auditing and managing access to your buckets and objects.
- Block Public Access: By default, public access is blocked.
- AWS Identity and Access Management (IAM): Create IAM users for your AWS account to manage access to Amazon S3 resources. You can use IAM with Amazon S3 to control the type of access a user or group of users has to an S3 bucket that your AWS account owns.
- Bucket policies: Use IAM-based policy language to configure resource-based permissions for your S3 buckets and the objects in them.
- Access control lists (ACLs): By default, when another AWS account uploads an object to your S3 bucket, your account is the owner of that object, can access it, and can give other users access to it through ACLs. ACLs are not recommended except when you need to control access for each object individually.
- S3 Object Ownership: When you disable ACLs, you can easily maintain a bucket with objects uploaded by different AWS accounts, because the bucket owner owns all the objects in the bucket and can manage access to them using policies.
- Access Analyzer for S3: Evaluate and monitor your S3 bucket access policies, ensuring that the policies provide only the intended access to your S3 resources.
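The access controls listed above can be checked together. The following is an added example, not code from AWS or from the original post: a simplified offline heuristic (not what Access Analyzer for S3 does internally) that audits one bucket's Block Public Access flags, Object Ownership setting, and bucket policy. The bucket name, account ID, role name, and the shape of the `config` dict are assumptions made for illustration.

```python
import json

# The four Block Public Access flags, as named in the S3 API.
BPA_FLAGS = ("BlockPublicAcls", "IgnorePublicAcls",
             "BlockPublicPolicy", "RestrictPublicBuckets")

def as_list(value):
    return value if isinstance(value, list) else [value]

def is_anyone(principal):
    """True for "Principal": "*" or {"AWS": "*"}, i.e. any caller."""
    if isinstance(principal, dict):
        return "*" in as_list(principal.get("AWS", []))
    return principal == "*"

def audit_bucket(config):
    """List findings for one bucket. `config` is a constructed dict that mirrors
    GetPublicAccessBlock, GetBucketOwnershipControls and GetBucketPolicy."""
    findings = []
    for flag in BPA_FLAGS:
        if not config.get("PublicAccessBlock", {}).get(flag, False):
            findings.append(f"block-public-access: {flag} is off")
    if config.get("ObjectOwnership") != "BucketOwnerEnforced":
        findings.append("object-ownership: ACLs are still enabled")
    policy = json.loads(config.get("Policy") or '{"Statement": []}')
    for stmt in as_list(policy.get("Statement", [])):
        # Heuristic: an Allow to anyone with no Condition is treated as public.
        if (stmt.get("Effect") == "Allow" and is_anyone(stmt.get("Principal"))
                and not stmt.get("Condition")):
            findings.append(f"bucket-policy: {stmt.get('Sid', '<no Sid>')} allows anyone")
    return findings

# Constructed sample input: bucket name, account ID and role are placeholders.
RESOURCE = "arn:aws:s3:::example-bucket/*"
OPEN_POLICY = json.dumps({"Version": "2012-10-17", "Statement": [
    {"Sid": "PublicRead", "Effect": "Allow", "Principal": "*",
     "Action": "s3:GetObject", "Resource": RESOURCE}]})
SCOPED_POLICY = json.dumps({"Version": "2012-10-17", "Statement": [
    {"Sid": "AppRead", "Effect": "Allow",
     "Principal": {"AWS": "arn:aws:iam::111122223333:role/app-reader"},
     "Action": "s3:GetObject", "Resource": RESOURCE}]})
WEAK = {"PublicAccessBlock": {"BlockPublicAcls": True, "IgnorePublicAcls": True},
        "ObjectOwnership": "ObjectWriter", "Policy": OPEN_POLICY}
HARDENED = {"PublicAccessBlock": dict.fromkeys(BPA_FLAGS, True),
            "ObjectOwnership": "BucketOwnerEnforced", "Policy": SCOPED_POLICY}

if __name__ == "__main__":
    for name, cfg in (("weak", WEAK), ("hardened", HARDENED)):
        print(name, audit_bucket(cfg))
```

A statement that carries a `Condition` is skipped by this heuristic and still needs a manual review, since a weak condition can leave the bucket effectively public.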
To transform data and trigger workflows to automate a variety of other processing activities at scale, you can use the following features.
- S3 Object Lambda: To modify and process data as it is returned to an application, you can add your own code to Amazon S3 GET requests. Powered by AWS Lambda functions, your code runs on infrastructure that is fully managed by AWS, eliminating the need to create and store derivative copies of your data or to run proxies, all with no changes required to applications. For more detail, see https://docs.aws.amazon.com/AmazonS3/latest/userguide/transforming-objects.html
- Event notifications: Get notified when a change or event happens in your S3 bucket.
Storage Logging and monitoring
Amazon S3 provides logging and monitoring tools that you can use to monitor and control how your Amazon S3 resources are being used.
Automated monitoring tools:
- Amazon CloudWatch metrics for Amazon S3: A CloudWatch alarm sends a notification to an Amazon Simple Notification Service (Amazon SNS) topic or an Amazon EC2 Auto Scaling policy when performance reaches a user-defined threshold. CloudWatch alarms do not invoke actions simply because they are in a particular state. The metrics can help you understand and improve the performance of applications that use Amazon S3. For more detail, see https://docs.aws.amazon.com/AmazonS3/latest/userguide/monitoring-automated-manual.html
- AWS CloudTrail: Record actions taken by a user, a role, or an AWS service in Amazon S3. CloudTrail logs provide you with detailed API tracking for S3 bucket-level and object-level operations.
Manual monitoring tools:
- Server access logging: Get detailed records for the requests that are made to a bucket. You can use server access logs for many use cases, such as conducting security and access audits, learning about your customer base, and understanding your Amazon S3 bill.
- AWS Trusted Advisor: Evaluate your account by using AWS best-practice checks to identify ways to optimize your AWS infrastructure, improve security and performance, reduce costs, and monitor service quotas. You can then follow the recommendations to optimize your services and resources.
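To show what a security and access audit over server access logs can look like, here is an added example (not part of the original post) that parses the leading fields of S3 server access log records and flags denied requests and successful unauthenticated requests. The sample records are constructed and trimmed; the IDs, user names, and addresses in them are placeholders.

```python
import re

# Leading fields of an S3 server access log record, in order.
FIELDS = ("bucket_owner", "bucket", "time", "remote_ip", "requester",
          "request_id", "operation", "key", "request_uri",
          "http_status", "error_code")
# A token is a [bracketed timestamp], a "quoted string" or a bare word.
TOKEN = re.compile(r'\[[^\]]*\]|"[^"]*"|\S+')

def parse_record(line):
    """Split one record into its leading named fields."""
    tokens = [t[1:-1] if t[0] + t[-1] in ('[]', '""') else t
              for t in TOKEN.findall(line)]
    if len(tokens) < len(FIELDS):
        raise ValueError("truncated access log record")
    return dict(zip(FIELDS, tokens))

def audit(lines):
    """Return (reason, record) pairs for requests a reviewer should look at."""
    hits = []
    for line in lines:
        rec = parse_record(line)
        if rec["http_status"] == "403":
            hits.append(("access denied", rec))
        elif rec["requester"] == "-" and rec["http_status"].startswith("2"):
            # "-" in the requester field means the request was unauthenticated.
            hits.append(("anonymous request succeeded", rec))
    return hits

# Constructed sample records, trimmed to the fields parsed here.
# IDs, names and addresses are placeholders.
_HEAD = "OWNERIDEXAMPLE example-bucket [06/Feb/2019:00:00:38 +0000] "
SAMPLE = [
    _HEAD + '192.0.2.3 arn:aws:iam::111122223333:user/alice REQ1EXAMPLE '
    'REST.GET.OBJECT reports/q1.csv "GET /reports/q1.csv HTTP/1.1" 200 - 2048',
    _HEAD + '198.51.100.7 - REQ2EXAMPLE '
    'REST.GET.OBJECT reports/q1.csv "GET /reports/q1.csv HTTP/1.1" 200 - 2048',
    _HEAD + '192.0.2.9 arn:aws:iam::111122223333:user/bob REQ3EXAMPLE '
    'REST.PUT.OBJECT reports/q2.csv "PUT /reports/q2.csv HTTP/1.1" 403 AccessDenied 243',
]

if __name__ == "__main__":
    for reason, rec in audit(SAMPLE):
        print(reason, rec["remote_ip"], rec["requester"], rec["operation"], rec["key"])
```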
Analytics and Insights
- Amazon S3 Storage Lens: Understand, analyze, and optimize your storage. S3 Storage Lens provides 29+ usage and activity metrics and interactive dashboards to aggregate data for your entire organization, specific accounts, AWS Regions, buckets, or prefixes.
- Storage Class Analysis: Analyze storage access patterns to decide when it’s time to move data to a more cost-effective storage class.
- S3 inventory with inventory reports: Audit and report on objects and their corresponding metadata and configure other Amazon S3 features to take action in Inventory reports. For example, you can report on the replication and encryption status of your objects. For a list of all the metadata available for each object in Inventory reports.
Amazon S3 provides strong read-after-write consistency for PUT and DELETE requests of objects in your Amazon S3 bucket in all AWS Regions. This behavior applies to both writes of new objects as well as PUT requests that overwrite existing objects and DELETE requests. In addition, read operations on Amazon S3 Select, Amazon S3 access control lists (ACLs), Amazon S3 Object Tags, and object metadata (for example, the HEAD object) are strongly consistent. For more information.
If this story has a mistake in the information, please message me because it is the first time that I have written about Amazon S3. Thank you 😊