Creating S3 Buckets

Amazon S3 is a web service that provides object storage to enable you to store flat files on the Amazon Cloud.  In part 2 of this series, we give you a demo on how to create a bucket and the various configuration options available when doing so.  Amazon S3 allows you to store data in ‘Buckets’ which are essentially folders or directories that contain your data. An important point to note here is that each ‘Bucket’ you create must have a unique name globally across the Amazon AWS Platform.

Login to your AWS Account

AWS Account

  • Under Storage & Content Delivery, select S3
  • If you have never set up an S3 bucket before, you will be presented with the ‘Welcome to Amazon Simple Storage Service’ screen with the option to create a Bucket.
  • Click on the ‘Create Bucket’ button, you will then be presented with a dialogue box to enter the ‘Bucket’ name and choose the region where you want to host the bucket.
  • Click CreateCreate an S3 Bucket

 

Bucket Properties

When you create a bucket, you are able to set a number of properties on the bucket as follows:

S3 Bucket Properties

 

  • Permissions – You can add permissions to a bucket such as making it publicly available, or you specify who is allowed access to the objects in a bucket and what actions they can perform on those objects. For example, one person might have only read permission while another might have read and write permissions.  When creating permissions, you have the option of granting permissions to ‘Everyone‘ which means that the bucket is available to the public to access.  There are also built-in groups such as  Log Delivery, which grants write access to your bucket when the bucket is used to store server access logs.
  • Static Website Hosting – You can host your static website on Amazon S3, where all your content is accessible to web browsers via the Amazon S3 website endpoint for your bucket.  Note that you cannot host any dynamic content like server-side scripting.  Key Points to Note:
    • When you configure an Amazon S3 bucket for website hosting, you essentially upload your website content to the bucket and configure an Index.HTML and Error.HTML pages for the site.  This ensures that you have standard a standard website workflow in place.  The Error.html enables a failure point to be presented to the visitor in case the index.html is not available. The website is then available at the region-specific website endpoint of the bucket:
      • <bucket-name>.s3-website-<AWS-region>.amazonaws.com
    • You can use a custom domain as well as your root domain to point to the S3 Bucket hosting your website and index.html page.  If your root domain is mycompany.com and you want to serve requests for both https://mycompany.com and https://www.mycompany.com you can create two buckets named mycompany.com and www.mycompany.com.  You must then host the website content in only one bucket, for example, mycompany.com and configure the other bucket to redirect all requests to the mycompany.com bucket,
    • You must make all your content publicly readable in a bucket in order to effectively use it as a website endpoint. You can create bucket policy or an ACL on an object to grant the necessary permissions.Important Note – If you are setting up Requester Pays buckets or DevPay buckets, you cannot access buckets via a website endpoint. Any request to such a bucket will receive a 403 Access Denied response.
    • Website Re-Direct – With S3 Website Hosting, it is possible to redirect requests for one object to another object in the same bucket or to an external URL. You can set the redirect by adding the x-amz-website-redirect-location property to the object metadata. The website then interprets the object as 301 redirects.  When you configure a bucket for website hosting, it actually has both the website endpoint and the REST endpoint. A request for a page that is configured as 301 redirect results in either of the following depending on the endpoint of the request:
    • Region-specific website endpoint – Amazon S3 redirects the page request according to the value of the x-amz-website-redirect-location property

    • REST endpoint – Amazon S3 does not redirect the page request. It returns the requested object.

  • Logging – You can log all actions that are created to the bucket.  It is recommended that you create your logs in a separate bucket from the one being logged.
  • Event – You can trigger events based on actions carried out in your bucket, such as a ‘Put’ or ‘Delete’ event.  You can then perform an action based on the event that occurred.  Events can be either an SNS or SQS event or a Lambda function.  For example, you can create an event where if you add new content to the bucket, an event will be triggered and SNS can notify you of the event, such as send you a message.  Lambda can perform various functions on the content that you have just added.  For example, you can create a Lambda function to update a database when new objects are added to an S3 Bucket.
  • Versioning – Versioning allows you keep previous versions of an object which can be later restored.  This provides an additional level of protection by providing a means of recovery for accidental deletion. Versioning-enabled buckets store all versions of your objects by default.
  • Lifecycle – Lifecycle rules enables you to automatically transition objects in your bucket based on set parameters such as time.  For example, you can automatically move an object from S3 to Glacier after 180 days which would indicate that the content is being archived and does not need to be frequently accessed. To archive the bucket to Amazon Glacier after 180 days, you would select bucket, then click Lifecycle under the Properties tab and click Add RuleLifecycle Rules
    • Under Choose Rule Target, click on Whole Bucket or Prefix and then Select Configure Rule
    • Lifecycle rules can help you reduce storage costs and you can select to move buckets and/or objects to other storage classes.  In the next section, set the Action on Object to Archive to the Glacier Storage Class and set the ‘Days after the object’s creation date’ to 180 Days.action-on-storage-object
    • Click Review
    • Set a Rule Name, Check the Rule Configuration and then click the ‘Create and Activate Rule’ buttonactivate-rule
    • Important Note – Versioning and Lifecycle Rules can work for hand on hand in that a versioning-enabled bucket can have many versions of the same object, one current version and zero or more previous versions. You can add lifecycle rules to buckets that have object versioning enabled or disabled. Using a lifecycle configuration, you can define actions specific to current and previous object versions
    • Exam Summary Points – Lifecycle Management without versioning
      • Transition to the Standard – Infrequent Access Storage Class is recommended for objects that have a minimum size of 128KB.  Files below this size will be charged at the same rate as files of 128KB
      • Transition to the Standard – Infrequent Access Storage Class has a 30-day minimum retention period
      • Transition to Glacier has a minimum of 1 Day retention period
      • In a non-versioning mode, you cannot recover objects once the Permanent Delete Action has been performed.
      • Also, Selecting Permanently Delete will not remove incomplete multipart uploads. You must select ‘End and Clean up Incomplete Multipart Uploads’ as shown in the next step to have incomplete multipart uploads removedmulti-part-uploads
      • It is possible to transition to Infrequent Access Storage Class for 30 days from creation and then move that same data to Glacier.  Later you can choose the permanently delete the object
      • To learn about how versioning and lifecycle rules can be integrated, check Part 3 of this series of S3 Exam Tips.
  • Cross-Region Replication  – This enables you to replicate every future upload of every object in one bucket to another bucket in a different region. Cross-Region Replication is designed for use in conjunction with Versioning and so only works if you have versioning enabled on both the source and target buckets. You can replicate all or a subset of the objects in a bucket based on key name prefixes. Replicated objects to target buckets are the exact replica as the source including all metadata. Amazon S3 will encrypt all data in transit using SSL. Cross-Region Replication is particularly useful in scenarios such as:
    • Compliance Requirements such as the requirement to store data in two separate regions
    • Minimise Latency by making content available to nearer to those who need it geographically
    • Operational reasons such as have compute clusters across regions which need access to local copies of the data
  • Tags – Tags enable you better manage your Amazon S3 bills.  You can aggregate by tags in your AWS Cost Allocation Report.
  • Requester Pays – Requester Pays is a very good feature to ensure that the person requesting the data pays for the data transfer from his/her own AWS Account.  Note that while Requester Pays is enabled, you cannot have anonymous access to the bucket.
  • Transfer Acceleration – Amazon S3 Transfer Acceleration is a new feature that makes data transfers into and out of Amazon S3 buckets as much as 300% faster, and only charges if there is a performance improvement

 

Adding Objects to Buckets

You can upload objects into your bucket from within the S3 web console itself.  To upload objects, click on your bucket and you will be presented with the bucket view.

bucket-view

 

  • Click Upload
  • In the pop-up box, click Add Files
  • In the next box that pops up, select the file(s) you want to upload from your computerUpload Data to S3
  • You can then click Start Upload.  However, before doing this, you can also set specific details on your object.  Click Set Details to choose between Standard Storage, Reduced Redundancy Storage, and Standard – Infrequent Access Storage.  You can also set server side encryptionset-details-on-object-upload
  • Next, you click on Set Permissions. You can then set permissions for everyone, built-in groups, users or any other groups you set up.
  • Click Start Upload to start uploading the objects to your bucket
  • Once the upload is complete, you will be able to click on the object and view its propertiesObject Properties
    Note that each object will have a unique link.  Also, note that you need to set permissions to all new objects uploaded to the bucket.  By default, no permissions are set and if you don’t set permissions on objects when you try to access the link, you will get an error.
  • Permissions – Click on the Permissions link if you did not set previously, specify a user or group and then set the required permissionsobject-permissions
    Once you have set the permissions, click Save.  You will then be able to open the file from the link.
  • Details – Here you can set the storage class on the object itself, which can be different from your Bucket.  So your bucket can be set to S3 Standard, but specific objects can be set to Reduced Redundancy should you not require the extra durability on a specific object.  You also set server side encryption.

 

Additional Exam Tips

 

180 Practice Exam Questions – Get Prepared for your Exam Day!

Our Exam Simulator with 180 practice exam questions comes with comprehensive explanations that will help you prepare for one of the most sought-after IT Certifications of the year.  Register Today and start preparing for your AWS Certification.