Glacier<\/strong> – Designed for long term storage and data that is not frequently accessed. Retrieval times range between 3-5 hours.<\/li>\n<\/ul>\nWhat do you mean by durable ?<\/strong> This basically translates to the % of objects, on average that will be lost.<\/p>\nIn terms of charges. Users are charged based on the storage consumed, requests performed and the bandwidth used.<\/p>\n
<\/span>Features<\/span><\/h3>\n<\/span>Versioning<\/span><\/h4>\nVersioning provides you with the ability to store versions for each of your objects, in turn offering a great backup mechanism. It is worth mentioning though, once enabled this feature can only be suspended not removed.
\nObjects are restored within the UI\/S3 section via,<\/p>\n
\n- Versions \/ Show<\/li>\n
- Select File line with Delete Marker<\/li>\n
- Actions \/ Delete<\/li>\n<\/ol>\n
<\/span>Cross Region Replication<\/span><\/h4>\nCross Region Replication synchronizes objects from one region to another. This feature relies on version control. Additionally, it is worth mentioning that objects stored after this feature is enabled are replicated.<\/p>\n
<\/span>Lifecycle Rules<\/span><\/h4>\nLifecycle Rules allow you to manage storage costs by controlling the lifecycle of your objects. You can define when an object should be moved to another storage tier, such as S3 IA, or Glacier. Likewise you can define the life of your object before it is deleted.
\nThis feature can be used in conjunction with versioning, allowing to assign rules to both current and previous versions.<\/p>\n
<\/span>S3 Transfer Acceleration<\/span><\/h4>\nS3 Transfer Acceleration improves the upload speeds to S3 via the use of CloudFront. This works by your file being uploaded to an Edge Location. Optimization methods are then used to send your data from the Edge Location back to the origin.<\/p>\n
<\/span>Security<\/span><\/h3>\n<\/span>Access control<\/span><\/h4>\nBy default all newly created buckets are private. Access to your buckets can be controlled either at the bucket level (via bucket policies) or at an object level (via ACLs).<\/p>\n
<\/span>Encryption<\/span><\/h4>\nBelow details the various encryption methods available to your data,<\/p>\n
\n- In Transit<\/strong> – Data uploaded\/downloaded to\/from your bucket is secured by SSL\/TLS<\/li>\n
- At Rest<\/strong> – Below details the encryption methods for data that is not in transit.\n
\n- Server side Encryption<\/strong>\n
\n- S3 Managed Keys (SSE-S3) – Each object is encrypted with a unique (AES-256) key.<\/li>\n
- AWS Key Management Service (SSE-KMS) – An envelope key is used to protect your data’s encryption key. An audit trail is also created based on the consumption of these keys.<\/li>\n
- Server Side Encryption with Customer Provided Keys (SSE-C) – The customer performs full management of the key.<\/li>\n<\/ul>\n<\/li>\n
- Client Side Encryption<\/strong>\n
\n- Data is encrypted (client side) and then it is uploaded to S3.<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n
<\/span>Import\/Export<\/span><\/h2>\nImport\/Export is designed for importing\/exporting large data sets. There are 2 AWS products within the Import\/Export suite,<\/p>\n
\n- Import\/Export Disk<\/strong> – Data is exported to a physical disk and is then sent to AWS. It is then imported into either EBS, S3, or Glacier. Additionally, data can also be exported from S3.<\/li>\n
- Import\/Export Snowball<\/strong> – Snowball is a secure enclosure that allows for petabyte to transport data into and out of AWS using highly secure enclosures to\/from S3 only.<\/li>\n<\/ul>\n
<\/span>Storage Gateway<\/span><\/h2>\nA Storage Gateway connects an on-premise software appliance (VirtualMachine) with AWS’s cloud based storage. This allows you to treat S3 as an extension to your companies local storage infrastructure. There are 3 types of storage gateway,<\/p>\n
\n- Gateway Stored Volumes<\/strong> – All data is stored on site. The Storage Gateway backs up all data to S3.<\/li>\n
- Gateway Cached Volumes<\/strong> – Only the most freq accessed data is stored locally. The entire data set is stored in S3.<\/li>\n
- Gateway Virtual Tape Library (VTL)<\/strong> – Integrates with NetBackup, Backup Exec etc to provide either,\n
\n- Virtual Tape Libraries – backed up by S3.<\/li>\n
- Virtual Tape Shelf – backed up by Glacier.<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n
<\/span>CloudFront<\/span><\/h2>\nVia the use of Amazon CloudFront, files can be rapidly delivered to locations around the globe using the Amazon CDN network.
\nCloudFront consists of Edge Locations, Origins and Distributions. These are explained further below,<\/p>\n
\n- Edge Location<\/strong> – The location the content is cached. Objects are cached for the life of the TTL. Edge Locations do not always correspond to regions and\/or AZ’s.<\/li>\n
- Origin<\/strong> – The Origin refers to the AWS resource that will be distributed, ie S3 bucket, EC2 instance etc.<\/li>\n
- Distribution<\/strong> – A Distribution is a collection of Edge Locations.<\/li>\n<\/ul>\n
CloudFront works with S3, EC2, Elastic Loadbalancer, and Route 53.<\/p>\n","protected":false},"excerpt":{"rendered":"
Simple Storage Service (S3) S3 provides secure, durable and highly scalable object storage. The key features to S3 are, Objects are replicated across availability zones for redundancy. Files can be between 1Byte to 5TB in size Provides unlimited storage Files are stored in Buckets, equivalent to a directory S3 is a universal namespace. i.e buckets … Read more<\/a><\/p>\n","protected":false},"author":2,"featured_media":983,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[72],"tags":[],"yoast_head":"\nAWS S3, Storage Gateways and Import\/Export - Fir3net<\/title>\n\n\n\n\n\n\n\n\n\n\n\n\n\t\n\t\n\t\n\n\n\n\t\n\t\n\t\n