© 2015, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Guy Farber
8/20/2015
Amazon S3: Deep Dive and Best Practices
Amazon S3: Year in Review
Advanced Capabilities 2014-2015
Server Side Encryption for KMS
Lifecycle Management for Versioning
Cross Region Replication
VPC Private Endpoints
New for July 2015
• Amazon S3 Delete event notifications
• CloudWatch metrics for S3 Storage
• Bucket limit increase
Amazon S3 server-side encryption
S3 Server-side encryption options
SSE with Amazon S3 managed keys: “check-the-box” to encrypt your data at rest
SSE with customer provided keys: you manage your encryption keys and provide them for PUTs and GETs
SSE with Amazon Key Management Service managed keys: keys managed centrally in AWS KMS with permissions and auditing of usage
SSE using KMS
(Diagram: the request flows from Amazon S3 to AWS KMS, governed by the key policy)
Keys managed centrally in Amazon KMS with permissions and auditing of usage
S3 versioning
Versioning + lifecycle policies
Preserve, retrieve, and restore every version of every object stored in your bucket
S3 automatically adds new versions and preserves deleted objects with delete markers
Easily control the number of versions kept by using lifecycle expiration policies
Easy to turn on in the AWS Management Console
(Diagram: with versioning enabled, a PUT of Key = photo.gif adds a new version, ID = 121212, alongside the existing version, ID = 111111)
Optimize your storage spending by tiering on AWS
Use Amazon S3 for reliable, durable primary storage
Use Amazon S3 Reduced Redundancy Storage (RRS) for secondary backups at a lower cost
Use Amazon Glacier for lowest-cost, durable cold storage of archival data
S3 lifecycle policies
Key prefix “logs/”: transition objects to Glacier 30 days after creation, delete 365 days after the creation date
<LifecycleConfiguration>
  <Rule>
    <ID>archive-in-30-days</ID>
    <Prefix>logs/</Prefix>
    <Status>Enabled</Status>
    <Transition>
      <Days>30</Days>
      <StorageClass>GLACIER</StorageClass>
    </Transition>
    <Expiration>
      <Days>365</Days>
    </Expiration>
  </Rule>
</LifecycleConfiguration>
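The rule above, parsed and applied to a constructed object inventory, as an added example rather than code from the deck: parse_lifecycle, planned_action and plan_bucket are hypothetical helpers, and counting age in whole days is a simplification of S3's midnight-UTC scheduling.

```python
import xml.etree.ElementTree as ET
from datetime import date

# Constructed copy of the slide's lifecycle configuration, embedded so the example runs offline.
LIFECYCLE_XML = """<LifecycleConfiguration>
  <Rule>
    <ID>archive-in-30-days</ID>
    <Prefix>logs/</Prefix>
    <Status>Enabled</Status>
    <Transition>
      <Days>30</Days>
      <StorageClass>GLACIER</StorageClass>
    </Transition>
    <Expiration>
      <Days>365</Days>
    </Expiration>
  </Rule>
</LifecycleConfiguration>"""


def parse_lifecycle(xml_text):
    """Parse a LifecycleConfiguration document into a list of rule dicts.

    Only the elements used on the slide are handled: ID, Prefix, Status,
    Transition (Days + StorageClass) and Expiration (Days).
    """
    root = ET.fromstring(xml_text)
    rules = []
    for rule in root.findall("Rule"):
        transitions = []
        for t in rule.findall("Transition"):
            transitions.append((int(t.findtext("Days")), t.findtext("StorageClass")))
        expiration = rule.find("Expiration")
        rules.append({
            "id": rule.findtext("ID"),
            "prefix": rule.findtext("Prefix") or "",  # empty prefix means the whole bucket
            "enabled": rule.findtext("Status") == "Enabled",
            "transitions": sorted(transitions),         # earliest transition first
            "expiration_days": int(expiration.findtext("Days")) if expiration is not None else None,
        })
    return rules


def planned_action(rules, key, created, today):
    """Return the action due for one object on `today`, or None.

    Result is ("expire", rule_id) or ("transition", storage_class). Assumption
    (simplification): age is counted in whole days from the creation date.
    Expiration takes precedence when it and a transition are both overdue.
    """
    age_days = (today - created).days
    for rule in rules:
        if not rule["enabled"] or not key.startswith(rule["prefix"]):
            continue
        if rule["expiration_days"] is not None and age_days >= rule["expiration_days"]:
            return ("expire", rule["id"])
        due = [storage for days, storage in rule["transitions"] if age_days >= days]
        if due:
            return ("transition", due[-1])  # the latest transition already reached
    return None


def plan_bucket(rules, objects, today):
    """Map each (key, created) pair to its planned action, for auditing a rule set."""
    return {key: planned_action(rules, key, created, today) for key, created in objects}


# Constructed sample inventory and evaluation date (the deck's presentation date).
SAMPLE_OBJECTS = [
    ("logs/2015-08-10.log", date(2015, 8, 10)),   # 10 days old: nothing due yet
    ("logs/2015-07-01.log", date(2015, 7, 1)),    # 50 days old: transition to GLACIER
    ("logs/2014-06-01.log", date(2014, 6, 1)),    # 445 days old: expired
    ("images/banner.png", date(2014, 1, 1)),      # outside the logs/ prefix: untouched
]
TODAY = date(2015, 8, 20)


def demo_plan():
    """Run the slide's rule over the sample inventory."""
    return plan_bucket(parse_lifecycle(LIFECYCLE_XML), SAMPLE_OBJECTS, TODAY)


if __name__ == "__main__":
    for key, action in demo_plan().items():
        print(key, "->", action)
```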
Amazon S3 cross-region replication
S3 cross-region replication: automated, fast, and reliable asynchronous replication of data across AWS regions
(Diagram: source bucket in Virginia replicating to a destination bucket in Oregon)
• Only replicates new PUTs. Once S3 is configured, all new uploads into a source bucket will be replicated
• Entire bucket or prefix based
• 1:1 replication between any 2 regions
• Versioning required
Use cases
Compliance - store data hundreds of miles apart
Lower latency - distribute data to regional customers
Security - create remote replicas managed by separate AWS accounts
Details on Cross-Region Replication
Versioning - You need to enable S3 versioning for both the source and destination buckets.
Lifecycle Rules - You can choose to use Lifecycle Rules on the destination bucket to manage older versions by deleting them or migrating them to Amazon Glacier.
Determining Replication Status - Use the HEAD operation on a source object to determine its replication status.
Region-to-Region - Replication always takes place between a pair of AWS regions. You cannot use this feature to replicate content to two buckets that are in the same region.
New Objects - Replicates new objects and changes to existing objects. Use S3 COPY to replicate existing objects.
Amazon S3 VPC endpoints
S3 virtual private endpoint (VPCE)
Prior to S3 VPCE: public IP on EC2 instances and an Internet gateway (IGW), or private IP on EC2 instances and NAT
Using S3 VPCE: access S3 through the S3 private endpoint (VPCE) without using NAT instances or gateways
Increased security
Creating and using VPCE
• Open the VPC Dashboard and select the desired region. Locate the Endpoints item in the navigation bar and click on it.
• If you have already created some VPC Endpoints, they will appear in the list.
• Now click on Create Endpoint, choose the desired VPC, and customize the access policy (if you want).
• Now choose the VPC subnets that will be allowed to access the endpoint.
Security: Allow a specific VPC Endpoint access to my S3 bucket and vice versa
The condition key is aws:sourceVpce and its value is the endpoint ID; because the statement uses StringNotEquals, any request that did not arrive through that endpoint (and so carries no aws:sourceVpce key) is denied.
{
  "Id": "Policy1415115909152",
  "Statement": [
    {
      "Sid": "Stmt1415115903450",
      "Action": "s3:*",
      "Effect": "Deny",
      "Resource": [
        "arn:aws:s3:::my_secure_bucket",
        "arn:aws:s3:::my_secure_bucket/*"
      ],
      "Condition": {
        "StringNotEquals": {
          "aws:sourceVpce": "vpce-123abc"
        }
      },
      "Principal": "*"
    }
  ]
}
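An added example (not from the deck) that models how this Deny behaves for different callers: the evaluator, the request contexts and the check helper are constructed, and the modelled rule that an absent key makes StringNotEquals true is the assumption the statement relies on.

```python
from fnmatch import fnmatchcase

ENDPOINT_ID = "vpce-123abc"  # the slide's placeholder endpoint ID

# Constructed copy of the slide's statement, with the aws:sourceVpce condition.
DENY_UNLESS_VIA_ENDPOINT = {
    "Sid": "Stmt1415115903450",
    "Action": "s3:*",
    "Effect": "Deny",
    "Resource": ["arn:aws:s3:::my_secure_bucket", "arn:aws:s3:::my_secure_bucket/*"],
    "Condition": {"StringNotEquals": {"aws:sourceVpce": ENDPOINT_ID}},
    "Principal": "*",
}


def _as_list(value):
    """Policy elements may be a single string or a list; normalise to a list."""
    return value if isinstance(value, list) else [value]


def condition_holds(condition, context):
    """Evaluate a Condition block against the request context.

    Modelled semantics (assumption): when the key is absent from the context,
    StringEquals is false but the negated operator StringNotEquals is true.
    That is what makes a request that never traversed the endpoint fall under
    the Deny. Only these two operators are modelled.
    """
    for operator, pairs in condition.items():
        for key, expected in pairs.items():
            expected = _as_list(expected)
            actual = context.get(key)
            if operator == "StringEquals":
                if actual is None or actual not in expected:
                    return False
            elif operator == "StringNotEquals":
                if actual is not None and actual in expected:
                    return False
            else:
                raise ValueError("operator not modelled: " + operator)
    return True


def statement_applies(stmt, action, resource, context):
    """True when the statement's Action, Resource and Condition all match the request."""
    action_ok = any(fnmatchcase(action, a) for a in _as_list(stmt["Action"]))
    resource_ok = any(fnmatchcase(resource, r) for r in _as_list(stmt["Resource"]))
    return action_ok and resource_ok and condition_holds(stmt.get("Condition", {}), context)


def is_denied(stmt, action, resource, context):
    """Explicit-deny check for one statement against one request."""
    return stmt["Effect"] == "Deny" and statement_applies(stmt, action, resource, context)


# Constructed request contexts: via the approved endpoint, via another endpoint,
# and from the public internet (no endpoint key at all).
VIA_ENDPOINT = {"aws:sourceVpce": ENDPOINT_ID}
VIA_OTHER_ENDPOINT = {"aws:sourceVpce": "vpce-999zzz"}
FROM_INTERNET = {}


def check(context, resource="arn:aws:s3:::my_secure_bucket/report.csv"):
    """Is an s3:GetObject on `resource` denied by the slide's statement under `context`?"""
    return is_denied(DENY_UNLESS_VIA_ENDPOINT, "s3:GetObject", resource, context)


if __name__ == "__main__":
    for name, ctx in [("via endpoint", VIA_ENDPOINT), ("other endpoint", VIA_OTHER_ENDPOINT),
                      ("internet", FROM_INTERNET)]:
        print(name, "denied" if check(ctx) else "not denied by this statement")
```

The same absent-key rule means any caller that does not come through the endpoint, including the AWS Management Console and other AWS services, is denied, so keep a separately tested path for administrators before applying a policy like this.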
Amazon S3 event notifications
Delivers notifications to Amazon SNS, Amazon SQS, or AWS Lambda when events occur in Amazon S3
(Diagram: S3 events are delivered as notifications to an SNS topic, an SQS queue, or a Lambda function)
Support for notification when objects are created via PUT, POST, Copy, or Multipart Upload.
Support for notification when objects are deleted, as well as with filtering on prefixes and suffixes for all types of notifications.
What’s in it for you?
Integration - A new surface on the Amazon S3 “building block” for event-based computing
Speed - typical time to send notifications is less than a second
Simplicity - Avoids proxies or polling (List/Diff or Proxy) to detect changes
Use cases
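An added example (not code from the deck) of what the Lambda function on the slide might contain: a handler over a constructed S3 event that decodes the URL-encoded keys, re-applies a prefix/suffix filter like the one a notification configuration carries, and classifies created versus deleted objects; FILTER, handle_event and lambda_handler are assumed names.

```python
import json
from urllib.parse import unquote_plus

# Constructed filter, mirroring the Filter rules of a bucket's NotificationConfiguration:
# only .log objects under logs/.
FILTER = {"prefix": "logs/", "suffix": ".log"}


def matches_filter(key, prefix="", suffix=""):
    """Mirror S3's notification filter: plain prefix and suffix match, no wildcards."""
    return key.startswith(prefix) and key.endswith(suffix)


def classify(event_name):
    """Map an S3 eventName ('ObjectCreated:Put', 'ObjectRemoved:Delete', ...) to a verb."""
    kind = event_name.split(":", 1)[0]
    return {"ObjectCreated": "created", "ObjectRemoved": "deleted"}.get(kind, "other")


def handle_event(event, prefix="", suffix=""):
    """Return a list of (verb, bucket, key, size) tuples for the records that pass the filter.

    Object keys in S3 events are URL-encoded (a space arrives as '+'), so they are
    decoded before comparison. ObjectRemoved records carry no size, hence None.
    """
    seen = []
    for record in event.get("Records", []):
        if record.get("eventSource") != "aws:s3":
            continue  # ignore anything that is not an S3 record
        s3 = record["s3"]
        key = unquote_plus(s3["object"]["key"])
        if not matches_filter(key, prefix, suffix):
            continue
        seen.append((classify(record["eventName"]), s3["bucket"]["name"], key,
                     s3["object"].get("size")))
    return seen


def lambda_handler(event, context=None):
    """AWS Lambda entry-point signature; the constructed FILTER stands in for the bucket's own."""
    return handle_event(event, FILTER["prefix"], FILTER["suffix"])


# Constructed sample event: three records, of which only the first two pass the filter.
SAMPLE_EVENT = json.loads("""{
  "Records": [
    {"eventVersion": "2.0", "eventSource": "aws:s3", "awsRegion": "us-east-1",
     "eventName": "ObjectCreated:Put",
     "s3": {"bucket": {"name": "examplebucket"},
            "object": {"key": "logs/2015-08-20+app.log", "size": 1024}}},
    {"eventVersion": "2.0", "eventSource": "aws:s3", "awsRegion": "us-east-1",
     "eventName": "ObjectRemoved:Delete",
     "s3": {"bucket": {"name": "examplebucket"},
            "object": {"key": "logs/old.log"}}},
    {"eventVersion": "2.0", "eventSource": "aws:s3", "awsRegion": "us-east-1",
     "eventName": "ObjectCreated:CompleteMultipartUpload",
     "s3": {"bucket": {"name": "examplebucket"},
            "object": {"key": "images/banner.png", "size": 5242880}}}
  ]
}""")

if __name__ == "__main__":
    for verb, bucket, key, size in lambda_handler(SAMPLE_EVENT):
        print(verb, bucket, key, size)
```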
S3 storage metrics
Monitor and set alarms on Amazon S3 storage usage through CloudWatch
Supported metrics include:
• Total bytes for Standard Storage
• Total bytes for Reduced-Redundancy Storage (RRS)
• Total number of objects for a given S3 bucket
Bucket limit increase
Up to 100 buckets by default
Prefixes (virtual directories) can sometimes be used instead of buckets by assigning a specific prefix per user or project:
• examplebucket/UserStorage/GuyFarber/
• examplebucket/UserStorage/OmairGillani/
• Prefix support for bucket level policies such as lifecycle and cross-region replication
Some use cases require dedicated buckets
• Region specific application deployments
• Charge-backs
• Life-cycle rule per user
You can now increase your Amazon S3 bucket limit per AWS account
Open a case to request additional buckets by visiting AWS Support Center
Read-after-write consistency for the AWS US-Standard region
Read-after-write consistency allows you to retrieve objects immediately after creation in S3.
Now we have a consistent consistency model across all AWS regions.
Previously: buckets in the US Standard Region provided eventual consistency for newly created objects
Q&A
Learn more at: http://aws.amazon.com/s3
gfarber@amazon.com

AWS August Webinar Series - S3 Deep Dive
