In the previous post, we talked about What is Amazon S3? In this post we will highlight some of the features of Amazon S3 and how can we utilise them to be beneficial in day to day operations.
Bucket Policy allows you to set some permissions on the bucket using IAM policies on AWS. One example can be to deny access to the bucket based on the user role. If a user does not have a specific role defined for them, deny them access to the bucket. The policies are also utilised to give the public access to the bucket or giving access to a specific service to perform actions on the data stored in the bucket.
Amazon S3 allows you to handle the lifecycle of an object stored in it. There are two events allowed for handling various operations using the lifecycle of an object.
- Transition Action: This action is helpful when you want to move objects to another storage class. You can configure S3 to move your data to a different storage class on a defined schedule. Let's assume you have data stored in an S3 bucket. You can define a rule stating that if the data is not accessed frequently for 60 days, move to a different storage class like infrequent access. If the objects are still not accessed for another 60 days after they have been moved to an infrequent access class, move them to an archival class like Glacier. This allows you to auto roll and changes the storage class of the objects which are not utilised and save cost on storage. One important point to note is that this action applies to the current version of the object if versioning is enabled.
- Expiration Action: This action is helpful when you want to remove the object after a period of time. Any objects which are marked as expired will no longer be available for access. Similar to the above action, the deletion of the object will be dependent on the versioning setup of the bucket. If the bucket has no versioning setup, the object will be deleted.
Amazon S3 also has some in-built features which can be used for data protection. Some of them are:
- Cross-region Replication: This feature allows you to auto-replicate the data stored in one region of the Amazon S3 to another region in AWS. The redundancy in data protects it from the region or any other failures which can have a bad effect on the business.
- Versioning: As I mentioned above, the versioning can be enabled on the bucket to version objects and store them with all the changes. Only the latest version of the object is available for access. Problems like unintentional erase to overwriting an object can be solved using versioning as you will always have a previous version stored in the bucket.
- Data Encryption: Data stored in the Amazon S3 can be encrypted using Amazon KMS keys. Once a key is generated, the server-side encryption will make sure only you can access the objects if you own the key which is utilised in encrypting them.
Amazon S3 can be utilised to configure the hosting of the static sites using its hosting property. You can save a website or any compiled web app built in react or angular and with the combination of Amazon Cloudfront, they can be used using Amazon S3 only.
These are some of the features of Amazon S3 which are widely used. There are other features that we have not covered and can be utilised in some of the use cases depending on the app you are building. I will keep on posting some of the usages of Amazon S3 in various architecture or deployment strategies.