S3 and Storage Classes
Amazon S3 (Simple Storage Service) is one of the most widely used cloud services. It provides object storage with virtually unlimited capacity, 99.999999999% durability, and multiple storage classes optimized for different access patterns.
S3 Storage Classes
┌────────────────────────────────────┬──────────────────────────────┬───────────────┐
│ Storage Class                      │ Use Case                     │ Retrieval     │
├────────────────────────────────────┼──────────────────────────────┼───────────────┤
│ S3 Standard                        │ Frequently accessed data     │ Instant       │
│ S3 Standard-IA (Infrequent Access) │ Infrequent but rapid access  │ Instant       │
│ S3 One Zone-IA                     │ Re-creatable infrequent data │ Instant       │
│ S3 Glacier Instant Retrieval       │ Archive, ms retrieval        │ Milliseconds  │
│ S3 Glacier Flexible                │ Archive, hours retrieval     │ Minutes-hours │
│ S3 Glacier Deep Archive            │ Archive, rare access         │ Up to 48hrs   │
└────────────────────────────────────┴──────────────────────────────┴───────────────┘
S3 Key Features
Versioning: Keep multiple versions of an object. Protects against accidental deletion and overwrites.
Lifecycle Policies: Automatically transition objects between storage classes. Example: move to Glacier after 90 days, delete after 365 days.
Static Website Hosting: Host entire websites directly from S3 buckets with CloudFront for global delivery.
Event Notifications: Trigger Lambda functions, SNS topics, or SQS queues when objects are created or deleted.
Bucket Policies
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "AllowPublicRead",
      "Effect": "Allow",
      "Principal": "*",
      "Action": "s3:GetObject",
      "Resource": "arn:aws:s3:::my-public-bucket/*"
    }
  ]
}
Common patterns:
- Public website hosting (allow * to GetObject)
- Cross-account access (allow specific AWS accounts)
- Deny non-SSL access (require HTTPS)
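The patterns above can be checked mechanically before a policy is applied. The following is an added example, not part of the original page or of any AWS tool: it pairs the page's public-read statement with a constructed "deny non-SSL" statement, then audits the document for unconditioned public Allow statements and for an HTTPS-only Deny. The function names and the DenyInsecureTransport Sid are assumptions made for illustration.

```python
import json

# The page's public-read statement plus a statement constructed for this
# example that implements the "deny non-SSL access" pattern.
POLICY = json.loads("""
{
  "Version": "2012-10-17",
  "Statement": [
    {"Sid": "AllowPublicRead", "Effect": "Allow", "Principal": "*",
     "Action": "s3:GetObject",
     "Resource": "arn:aws:s3:::my-public-bucket/*"},
    {"Sid": "DenyInsecureTransport", "Effect": "Deny", "Principal": "*",
     "Action": "s3:*",
     "Resource": ["arn:aws:s3:::my-public-bucket",
                  "arn:aws:s3:::my-public-bucket/*"],
     "Condition": {"Bool": {"aws:SecureTransport": "false"}}}
  ]
}
""")

def _as_list(value):
    # Policy fields may hold a single value or a list of values.
    return value if isinstance(value, list) else [value]

def _is_public(principal):
    # "*" and {"AWS": "*"} both mean "anyone", including anonymous callers.
    if principal == "*":
        return True
    return isinstance(principal, dict) and "*" in _as_list(principal.get("AWS", []))

def audit(policy):
    """Return (Sids of unconditioned public Allow statements, https_only)."""
    public, https_only = [], False
    for i, stmt in enumerate(_as_list(policy.get("Statement", []))):
        effect, cond = stmt.get("Effect"), stmt.get("Condition", {})
        anyone = _is_public(stmt.get("Principal"))
        if effect == "Allow" and anyone and not cond:
            public.append(stmt.get("Sid", f"statement[{i}]"))
        flag = cond.get("Bool", {}).get("aws:SecureTransport")
        flags = [str(v).lower() for v in _as_list(flag)]
        all_actions = bool({"s3:*", "*"} & set(_as_list(stmt.get("Action", []))))
        if effect == "Deny" and anyone and all_actions and "false" in flags:
            https_only = True
    return public, https_only

if __name__ == "__main__":
    public, https_only = audit(POLICY)
    print("public Allow statements:", public)
    print("HTTPS-only enforced:", https_only)
```

A public Allow is expected for a website bucket; the value of the check is that it is reported explicitly, so it appears only on buckets where it is intended.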
Best Practices
- Enable versioning on important buckets.
- Use lifecycle policies to optimize costs.
- Enable access logging for security audits.
- Use S3 Transfer Acceleration for global uploads.
- Implement bucket policies with least privilege.
- Enable server-side encryption for sensitive data.