Summary and Quiz

Get a refresher on the Simple Storage Service section, and take a short quiz to test your knowledge.

We'll cover the following

Summary
Test your knowledge

This lesson will summarize what we have learned about Simple Storage Service (S3). Also, we'll test our knowledge through a quiz.

Summary

Here is a summary of key takeaways from the Simple Storage Service (S3) section:

S3 access management: We learned the key security mechanisms to secure an S3 bucket:
- Resource-based policies: These are IAM policies that attach to a bucket and define which IAM user or role is allowed to access the bucket in the principal element.
- ACLs: These are attached to the S3 buckets and their objects as a sub-resource to define the allowed users and allowed actions.
- Access grants: These explicitly grant permissions to entities, such as users, groups, or services, to perform specific actions on S3 buckets and objects. Each Access Grant instance can give up to 100,000 grants.
- Block Public Access Settings: These restrict public access to a bucket. Block public access provides four settings to manage access, which apply to buckets, users, and access points.
S3 static website hosting: S3 allows to host static websites designed in HTML, CSS, and JavaScript. These websites are accessible over a unique bucket website URL after enabling static website hosting.
Object versioning: S3 allows us to enable versioning on an S3 bucket to prevent accidental overwriting and deletion of objects. Through S3 Object versioning, we can restore the previous version of an object.
S3 replication: To increase fault tolerance, S3 allows us to replicate objects and original metadata across buckets. S3 Replication allows real-time and batch replication across regions and accounts.
Performance optimization: S3 encourages some practices to optimize performance, which include avoiding bottleneck prefixes, monitoring slow 500 slow-down errors, timeouts, and retries, and maximizing throughput through parallelism, S3 Transfer Acceleration, and Common Runtimes.
PreSigned URLs: S3 offers PreSigned URLs to grant temporary access to users to download and upload objects. PreSigned URLs reflect the IAM permissions of the generator of the URL.
S3 events: These allow us to invoke AWS services such as Lambda function, EventBridge, SQS, and SNS in response to events such as uploading or downloading objects to a bucket.
S3 Batch Operations: These allow us to perform a similar operation on a batch of objects in a bucket. The S3 Batch Operations job creates a task for each object, allowing us to monitor the progress and generate the results after the completion of the job.
S3 object storage classes: S3 offers various storage classes with variable costs and retrieval times. These storage classes can be categorized among three major access tiers.
- Frequent access: The S3 standard class is the one with the lowest access latency and highest cost. Thus, it is used for the most frequently accessed objects.
- Infrequent access: S3 offers S3 Standard Infrequent Access and S3 Standard One Zone Express IA for infrequently accessed objects.
- Archive: S3 offers three storage classes for archival: S3 Glacier Flexible Retrieval. S3 Glacier Instant Retrieval and S3 Glacier Deep Archive. These storage classes vary in cost and the time required to restore the object.
- S3 Intelligent-Tiering: This storage class automates the transition of objects between multiple storage classes based on the access pattern.
S3 lifecycle policies: The life cycle policies allow us to automate transitioning and expiring objects after a specific time period.
Access points: These enable us to get and put objects into a bucket through S3 access endpoints. Each access point has its own policy attached to it; thus, we can define multiple access configurations with access points.
S3 Object Lambda: These invoke a Lambda function when an access point is accessed and allow us to add business logic to process the data before it is downloaded from a bucket.
S3 Select and S3 Glacier Select: This mechanism allows us to fetch only a subset of data from a large object stored in the S3 Standard of S3 Glacier Instant Retrieval. This decreases time latency and costs required to fetch an object.

Get hands-on with 1200+ tech skills courses.

Introduction

AWS Fundamentals

Understanding Cloud Computing Essentials— From Zero to Hero

Identity and Access Management

Securing AWS Resources: Managing Access with IAM

AWS IAM Permission Boundaries

Using AWS IAM Access Analyzer

Compute Services

Understanding AWS Compute Services — From Zero to Hero

Amazon EC2: Elastic Compute Cloud

Working with Instances: An Amazon EC2 Walkthrough

Managing Instance Volumes Using EBS

Networking

Understanding Networking Services in AWS—From Zero to Hero

Controlling VPC Traffic Using Network ACLs

Managing Peer Connections between Amazon Virtual Private Clouds

Accessing AWS Services over AWS PrivateLink Using VPC Endpoints

Monitoring IP Traffic Using VPC Flow Logs

Route 53

Serverless Computing

Getting to Know AWS Lambda

Building and Deploying Serverless Applications with AWS SAM

Developing RESTful Microservices with API Gateway and DynamoDB

Building a WebSocket-Based Chat Application Using API Gateway

Mastering AWS AppSync Lambda Resolvers

Application Integration

Getting Started with Amazon Simple Queue Service (SQS)

Handling Amazon SNS Notifications with AWS Lambda

Build a Fanout Serverless Architecture using SNS, SQS, and Lambda

Decoupling Serverless Applications with Amazon EventBridge

Getting Started with AWS Step Functions

Containers

Getting Started with Amazon ECS

Create an EKS Cluster and Deploy an Application

High Availability and Scalability

Managing Application Traffic Using Elastic Load Balancers

Understanding Auto Scaling Group (ASG) in AWS

Mastering Amazon EC2 Dynamic Scaling Policies

Storage

Understanding AWS Storage Options—From Zero to Hero

Simple Storage Service (S3)

Working with AWS S3 Cross-Region Replication

Resizing Images with S3 Batch Operations and AWS Lambda

Managing Data Access with Amazon S3 Access Points

File Storage and Transfer

Getting Started with Amazon FSx for Windows File Server

Databases

Working with Relational Databases: A Beginner's Guide to AWS RDS

Getting Started with Amazon Aurora Database Engine

Working with NoSQL Databases: A Beginner's Guide to AWS DynamoDB

Exploring Graphs with Amazon Neptune

Getting Started with Amazon Keyspaces

Achieving Ultra-Fast Performance Using Amazon MemoryDB for Redis

Improving Database Performance with Amazon ElastiCache for Redis

Migration and Transfer

Use of AWS Database Migration Service from Aurora MySQL to S3

Security and Compliance

Getting Started with AWS Key Management Service (KMS)

Encrypting S3 Buckets and EBS Volumes Using KMS

Protecting Web Applications Using AWS WAF

Managing Aurora DB Credentials and API Keys Using Secrets Manager

Finding Vulnerabilities on EC2 Instances Using AWS Inspector

Deployment Services

Mastering AWS Deployment Services—From Zero to Hero

CloudFormation

Getting to Know AWS CloudFormation

AWS CloudFormation Updates: Change Sets and Stack Policies

Mastering AWS CloudFormation Helper Scripts

Machine Learning

Understanding Machine Learning Services on AWS—From Zero to Hero

Deploying a Machine Learning Model with Amazon SageMaker

Getting started with Amazon Fraud Detector

Build an Educative Chatbot with Conversational AI Using AWS Lex

Content Delivery and Optimization

Analytics

Analyzing S3 Data and CloudTrail Logs Using Amazon Athena

Getting Started with Amazon EMR

Getting Started with Amazon Redshift

Building ETL Pipelines on AWS

Create a Data Lake with Lake Formation and Analyze It with Athena