S3 - Simple Storage Service

S3 is an object based storage.

Files stored in s3 can be from 0 Byte to 5 TB.

Storage is unlimited in S3.

Files are created in buckets.

Whenever an S3 bucket is created, a web uri is created. That's why S3 bucket names are universally unique.

Read after Write consistency for PUTs of new objects.

Eventual Consistency for overwrite PUTs and DELETEs.

S3 provides: Tiered Storage, Lifecycle Management, Versioning, Encryption

S3 Storage Tiers:

S3 Standard

S3 Intelligent Tiering

S3 Standard-IA(Infrequent Access)

S3 One Zone-IA

S3 Glacier

S3 Glacier Deep Archive

S3 is billed based on:

Storage

Request

Storage Management

Data Transfer

Transfer Acceleration

Cross Region Replication

S3 transfer acceleration lets users to upload files to edge locations and then aws uses its backbone network to upload it to an S3 region.

S3 bucket access can be controlled by:

Bucket Policies

Object Policies

IAM Policies for Users and Groups

S3 objects can be encrypted individually or at bucket level.

S3 versioning stores all versions of an object - all writes and deletes.

Versioning cannot be disabled, only suspended.

S3 Lifecycle Management enables moving objects between different storage tiers based on time. It can be used along with versioning of objects and can be applied to current and previous versions.

S3 Object Lock is used to lock objects using Write Once, Read Many(WORM) model.

S3 Object Locks come in Governance Mode and in Compliance Mode. Object locks can applied on an object or on a bucket.

In Governance Mode, users can't overwrite or delete object version or alter its lock settings unless they have special permissions. But, some users can still be granted permission to alter the retention settings or delete the object if necessary.

In Compliance Mode, a protected object version cannot be overwritten or deleted by any user, including the root user of the account. Also, the retention mode can't be changed and its retention period cannot be shortened.

Retention Period is the time frame for which the object version is protected. After the retention period, an object can be overwritten or deleted, unless a legal hold is placed on the object version.

Legal hold prevents an object from being overwritten or deleted. But, legal hold doesn't have any associated retention period and remains in effect until removed. Legal hold can be placed or removed by any user who has the s3:PutObjectLegalHold permission.

S3 Glacier Vault Lock allows users to enable compliance controls for individual S3 Glacier vaults with a Vault Lock Policy.

S3 Prefix is the path between the bucket name and the file name.

High number of requests can be achieved based on how many prefixes are being used.

3,500 PUT/COPY/POST/DELETE and 5,500 GET/HEAD requests per second per prefix.

SSE-KMS can limit the speed of uploading and downloading data.

KMS api requests are region specific and can be any of 5,500, 10,000 or 30,000 requests per second.

Quota increase is not allowed for KMS.

Multipart upload increases performance while uploading large files to S3. It should be used for any file over 100 MB and must be used for any file over 5 GB.

S3 byte-range fetches increases the performance when downloading files from S3.