marc:linux:aws:solutionsarchitect
Differences
This shows you the differences between two versions of the page.
| Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
| marc:linux:aws:solutionsarchitect [2023/03/02 09:57] – [S3 Basics] marcv | marc:linux:aws:solutionsarchitect [2023/03/02 11:20] (current) – [S3 Characteristics] marcv | ||
|---|---|---|---|
| Line 288: | Line 288: | ||
| * Availability: | * Availability: | ||
| * Durability: 99.999999999% (9 decimal places) **durability** for data stored in S3 (meaning data will be stored safely) | * Durability: 99.999999999% (9 decimal places) **durability** for data stored in S3 (meaning data will be stored safely) | ||
| + | |||
| + | ==== S3 Characteristics ==== | ||
| + | |||
| + | * Tiered Storage: S3 offers a range of storage classes designed for different use cases | ||
| + | * Lifecycle Management: Define rules to automatically transition objects to a cheaper storage tier or delete objects that are no longer required after a set period of time | ||
| + | * Versioning: with versioning, all versions of an object are stored and can be retrieved, **including deleted objects** | ||
| + | * Securing your data: | ||
| + | - Server-Side Encryption: You can set default encryption on a bucket to encrypt all **new** objects when they are stored in the bucket | ||
| + | - Access Control Lists (ACLs): define which AWS accounts or groups are granted access **AND** the type of access. You can attach S3 ACLs **only to individual objects within a bucket!** | ||
| + | - Bucket Policies: S3 bucket policies specify what actions are allowed or denied, e.g. allow user Alice to **PUT** but not **DELETE** objects in the bucket. These buckets are (like IAM policies) written in JSON and attached to buckets. They function on the **whole bucket!** For finer grained permissions you use the ACLs | ||
| + | - Strong Read-After-Write Consistency: | ||
| + | - After a successful write of a new object (PUT) or an overwrite of an existing object, any subsequent read request immediately receives the latest version of the object | ||
| + | - Strong consistency for list operations, so after a write you can immediately perform a listing of the objects in a bucket with all changes reflected | ||
| + | |||
| + | |||
| + | ==== Object Policies vs ACLs ==== | ||
| + | |||
| + | Object policies are given on the **bucket level**; all objects in the buckets get the same Object Policy and its permissions | ||
| + | |||
| + | ACLs are given on *individual objects**. Giving an ACL on 1 object in a bucket does not affect the other object in the same bucket. | ||
| + | |||
| + | :!: To make objects publically available, you need to configure both Object Policies and ACL on each object! | ||
| ==== S3 Tiers ==== | ==== S3 Tiers ==== | ||
| Line 297: | Line 319: | ||
| * 99.999999999% durability (11 9's) | * 99.999999999% durability (11 9's) | ||
| * Designed for Frequent Access; perfect for frequently accessed data | * Designed for Frequent Access; perfect for frequently accessed data | ||
| - | * Suitable for most workloads | + | * Suitable for most workloads: |
| + | * The default storage class | ||
| + | * Use cases include websites, content distribution, | ||
| + | |||
| + | |||
| + | |||
| + | ==== S3 Exam tips ==== | ||
| + | |||
| + | * S3 is object based which allows you to upload files | ||
| + | * Files up to 5Tb | ||
| + | * Not OS or DB storage | ||
| + | * Unlimited storage | ||
| + | * S3 is a Universal Namespace! | ||
| + | * Successful CLI or API uploads generate an HTTP 200 status code | ||
| + | * S3 objects consist of | ||
| + | - KEY (object name) | ||
| + | - VALUE (data itself) | ||
| + | - Version ID | ||
| + | - Meta data | ||
marc/linux/aws/solutionsarchitect.1677747470.txt.gz · Last modified: (external edit)
