What is Amazon Simple Storage Service (AWS S3)?

What is Amazon S3?

Amazon Simple Storage Service (Amazon S3) is a safe, secure place to store files that exist on the internet. Web-scale computing is made easier with this AWS S3.

The S3 web services interface allows you to store and retrieve any amount of data almost anywhere on the web, and is available at any time. With high scalability, reliable, fast, and affordable data storage, AWS enables all developers to use the same dependable, scalable, fast, and inexpensive data storage architecture that Amazon uses to operate its own worldwide network of web sites.

Why Amazon S3?

Amazon S3 is a storage utility that provides ease of use from anywhere a customer needs to be.  Data is available to be stored, withdrawn, or transferred over to another instance when you need it.  It frees up developers’ attention by letting them focus on innovation rather than whether or not their data is safe.

Scalable, durable, and available

Data under S3 storage reaches 99.99999999999% of data durability because copies of your data are automatically made and placed onto other availabilities relatively local to the original instance.  Additionally, S3 provides strong read-after-write consistency without putting a damper on performance or availability.  If you’re interested in specifics, more information can be found here.

Cost-effective storage classes

Classes offer different access levels at corresponding rates.  To maximize efficiency, S3 Storage Class Analysis can be used to sort out data that should be moved to lower-cost storage based on the frequency of use.  With further tiering, it’s easy to establish an automated cycle from which data can be cycled in and out of lower-cost storage whenever it’s needed.  For further details, look here for how to optimize costs and here for specifics on individual S3 classes.

Security and Auditing

Amazon S3 comes with a battery of security, encryption, and access management tools.  S3 maintains compliance with a number of security standards such as FedRAMP and FISMA, and can encrypt at the bucket level.  Amazon Macie helps with identifying sensitive data and encrypting it.  For more information on Amazon Macie, you can read it here.  Details on security and S3’s security compliance can be found here and here respectively.

Query-in-place and process on-request

Integral with the storage is a number of tools meant for data analysis and managing specific substs of the data set.  These tools can be further adjusted to your personal preference using S3 Object Lambda.

Heavily supported

The AWS Partner Network (APN) is a collective of consultants and technology service providers that can provide assistance in anything from the migration process to disaster recovery.  Alternatively, solutions can be purchased directly from the AWS Marketplace.

Amazon S3 features

S3 comes with a multitude of tools aimed at assisting your goals and streamlining the storage bucket so that it remains cost-efficient and secure.

S3 Object Lambda

Object Lambda allows users to insert their own code into S3 GET requests to modify and access data when it is returned to an application.  More information can be found here.

S3 Storage Lens

The Storage Lens is a cloud analytics solution that offers insight organization-wide on a variety of solutions and best practices for running the storage bucket more efficiently and safely.  More information can be found here.

S3 Intelligence Tiering

Intelligence Tiering automatically moves objects to lower-cost buckets based on the relative frequency with which the information is accessed.  Such objects are then moved to lower-tier buckets where they can save upward of 40% on storage costs.  More information can be found here.

S3 Access Points.

Access Points are unique hostnames you establish to apply permissions and controls within your network.  They can also be scaled for a variety of applications that utilize and varying data types.  More information can be found here.

S3 Batch Operations

Batch Operations is the means by which you will be micromanaging tasks in parallel.  Starting with a list of objects, jobs are given a set of parameters to specify the type of operation and actions to perform.  In the meantime, operations will log and file reports of the changes made.  More information can be found here.

S3 Block Public Access

This ensures objects in the bucket are not given public access permissions.  If you want these permissions granted, Block Public Access can be toggled off at any time.  More information can be found here.

Object Storage Classes

 There are a plethora of bucket classes on offer that differ in pricing, functionality, and features.  For more specific details, all the listed classes are explained in full here.

Standard

This is the most basic offering, featuring all of the security and backup features the other classes have.  It is highly available, resilient against failures in other availability zones, objects can be automatically rotated to other class buckets, and is set to a low latency with high throughput.  It is good for general situations.

Intelligence-Tiering

This class will automatically sort objects into different tier buckets based on the frequency of use.  At the low price of a tiering fee and monitoring cost, objects will be placed into one of four tiers where storage costs will be significantly lower.  This is good for when access patterns for certain objects are relatively unpredictable.

Standard Infrequency Access (Standard-IA)

This class follows its namesake and stores objects with a lower per-GB storage fee and lower retrieval fee.  With low cost and high performance, this is most ideal for long-term storage, backups, and disaster recovery.

One Zone-Infrequent Access (One Zone-IA)

This class is for objects that are accessed less frequently but will require rapid access when needed.  Unlike most other classes, One Zone-IA stores objects in a single class and saves up to 20% compared to Standard-IA.  This class is most ideal for objects that are not frequently used but don’t require the resilience of Standard or Standard-IA.

Glacier

 This class is optimized for data archiving, putting it equivalent to or cheaper than on-site storage.  Retrieval times can be configured to be from a few minutes to hours.

Glacier Deep Archive

This class is the lowest-priced storage class, designed for objects that will only be accessed only a few times a year.  Furthermore, it is meant to replace traditional on-site data libraries.  Ideally, this is meant for customers within highly regulated industries where long-term storage of certain data sets is mandatory.

Outpost

The outpost is a locally deployable instance while still retaining all of its ease of use and security features.  This class is meant for customers who have local data residency requirements, and applications that perform better when the data is on-site.

Amazon S3 Security

S3 offers several security utilities to control how public your data is, who gets access, and providing monitoring while helping you to meet regulatory requirements (see: S3 Block Public Access).

Object Lock

This blocks objects from being deleted during a time period of your definition.  This is good as either an additional layer of security or for meeting regulatory requirements.

AWS Trusted Advisor

AWS automatically inspects your environment and provides recommended courses of action for adjustments to your security and opportunities.

AWS Macie

As mentioned earlier, Macie works akin to a secretary, giving you insight into your inventory and constantly evaluating your storage’s security.  Furthermore, Macie was designed with the intent of sorting out potential loopholes - such as unprotected personal information - and provides you with steps to handle such issues.

Identity and Access

When you get started, S3 is set to being completely private with you as the sole owner to ensure you are secure.  From here, you are completely in control over who has access to your resources.  Policy options are either classified as resource-based policies, user policies, or a mix of both.

AWS PrivateLink for S3

PrivateLink acts as a private endpoint in your network, streamlining much of the security architecture.  It simplifies the need for public IPs, configuring firewalls, and configuring internet gateways into your network.  More information can be found here.

Amazon S3 Pricing

Like all AWS infrastructure, S3 only requires that you pay for what you use with no minimum fee right out of the gate.  The only additional costs are for the utilities you use to manipulate the stored data, including retrieval requests, data transfers, management and analytics tools, replication tools, and Object Lambda.  All the values for calculating your costs can be found here.

Free Tier

It is understandable if you are initially hesitant about getting started with S3.  If you want to test the hardware before truly investing in an S3 bucket, there is a free trial on offer, granting users 5GB of free storage, 20,000 get requests, and 2,000 put requests all free of charge for a year.

AWS Pricing Calculator

If you are feeling more prepared to start an S3 bucket, the pricing calculator can be found here to providing a concrete estimate of your costs.

Getting Started

We are willing to help you fully set up your network.  At your disposal are several videos and resources to give you a better understanding of how S3 works.

Amazon S3 Support

Need some extra help optimizing your AWS S3 instances for peak performance? AllCode is an AWS Select Consulting Partner with 10+ years of experience developing cloud-based solutions for enterprise-scale applications.

Amazon trusts and recommends our services to businesses who need a hand or who are looking to cloudsource their technology stack. We are the experts to guide you down the path for successful use of cloud services.

Related Articles