AWS Certified Cloud Practitioner CLF-C01 S3

Cloud Native type. Amazon S3 is ont of the main building blocks of AWS (무한확장 storage).

S3 Use cases

• Backup and storage
• Disaster Recovery
• Archive
• Hybrid Cloud storage
• Media hosting
• Data lakes & big data analytics
• Software delivery
• Static website
  S3는 global unique name이어야 하지만, 버킷(directory)은 지역에서 만들어진다.

모든 objects(files)은 키가 있고, 키는 기본적으로 prefix + object name으로 이루어져 있다.

s3://my-bucket/my_folder/another_folder/my_file.txt
디렉토리가 존재하는 것이 아닌 그저 '/'가 붙은 긴 형태의 키이다. 최대 사이즈는 5TB이고, 5GB이상 업로드 시, "multi-part upload"를 해야한다.

S3 Security

• User based : iam polices
• Resource Based : bucket policies, object access control list(ACL)

S3 Bucket Policies

1. JSON based policies
2. Grant public access to the bucket
3. Force objects to be encrypted at upload
4. Grant access to another account

S3 Versioning

• version my files in Amazon S3
• it is enabled at the bucket level
• same key overwrite will increment the version 1,2,3
• protext against unintended deletes
• easy roll back to previous version

S3 Replication

• must enable versioning
• Cross Region Replication, Same Region Replication, Buckets can be in different accounts.
• must give proper IAM permissions to S3

S3 Storage Classes

• Amazon S3 Standard-General Purpose : Big Data analytics, mobile & gaming applications, content distribution
• Amazon S3 Standard-Infrequent Access : Disaster Recovery, backups (rapic access when needed but less frequently accessed)
• Amazon S3 One Zone-Infrequent Access: : data is lost when AZ is destroyed. Storing secondary backup copies of on-premise data
• Amazon S3 Glacier Instant Retrieval:
  low-cost object storage. Pricing for storage+object retrieval cost.
• Amazon S3 Glacier Flexible Retrieval: Expedited(1-5min), Standard(3-5h), Bulk(5-12h)(free). Minimum storage duration of 90 days.
• Amazon S3 Glacier Deep Archive:
  long term storage. Standard(12h), Bulk(48h). Minimum storage duration of 180days.
• Amazon S3 Intelligent Tiering:
  small monthly monitoring and auto-tiering fee. No retrieval charges in S3 Intelligent-Tiering

S3 Encryption

• No Encryption
• Server-Side Encryption
• Client-Side Encrtpyion

AWS Snow Family

Highly-secure, portable devices to collect and process data at the edge, and migrate data into and out of AWS.

• Data Migration: Snowcone,Snowball,Snowmobile
• Edge Computing: Snowcone,Snowball
  If it takes more than a week to transfer over the network, use Snowball devices!

OpsHub

desktop application to manage Snow Family devices.

Hybrid Cloud for Storage-Amazon Storage Gateway

온 프레미스 + 클라우드
S3 is a proprietary storage technology, unlike EFS/NFS. So we have to use AWS Storage Gateway.