AWS S3 Contd
AWS Global Network
- AWS has a global network which connects every AWS AZ, local zone and edge location.
- AWS allows private connectivity over the global network by using AWS private endpoints
- Gateway endpoint
Activity: Connect to AWS privately
- Create an AWS EC2 instance (Ubuntu)
- Create an S3 bucket
- Now navigate to AWS VPC => Endpoints => Create endpoint
- Once the gateway endpoint is attached to the route table, all communication from this network to S3 stays completely on the AWS global network
- We have provided access; now we need to learn to restrict it.
Restrictions on s3 bucket
- We have two ways of restricting access
- ACL (Access Control Lists)
- S3 Bucket Policy
- We need to learn JSON to write bucket policies
- Note: Refer Here for a video on json and yaml
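
The two ideas above combine into one bucket policy: deny all S3 access unless the request arrived through the gateway endpoint created in the activity. This is an added example, not part of the original notes; the bucket name and endpoint ID are constructed placeholders, `vpce_only_policy` and `is_denied` are hypothetical helper names, and `is_denied` is a simplified model of policy evaluation, not AWS's evaluator.

```python
import json

def vpce_only_policy(bucket: str, vpce_id: str) -> dict:
    """Bucket policy that denies every S3 action unless the request
    arrived through the given gateway endpoint."""
    return {
        "Version": "2012-10-17",
        "Statement": [{
            "Sid": "DenyUnlessFromVpcEndpoint",
            "Effect": "Deny",
            "Principal": "*",
            "Action": "s3:*",
            "Resource": [f"arn:aws:s3:::{bucket}", f"arn:aws:s3:::{bucket}/*"],
            # aws:SourceVpce is the condition key carrying the endpoint ID.
            "Condition": {"StringNotEquals": {"aws:SourceVpce": vpce_id}},
        }],
    }

def is_denied(policy: dict, request_context: dict) -> bool:
    """Simplified model of how the Deny statement above is evaluated.
    Handles only StringNotEquals on single-valued keys. A key missing from
    the request counts as "not equal", so traffic that used no VPC endpoint
    at all (for example from the public internet) is denied as well."""
    for stmt in policy["Statement"]:
        if stmt["Effect"] != "Deny":
            continue
        cond = stmt.get("Condition", {}).get("StringNotEquals", {})
        if all(request_context.get(key) != value for key, value in cond.items()):
            return True
    return False

# Constructed placeholder values, not real resources.
POLICY = vpce_only_policy("example-bucket", "vpce-0123456789abcdef0")

if __name__ == "__main__":
    # Paste the printed JSON into Bucket => Permissions => Bucket policy.
    print(json.dumps(POLICY, indent=2))
```

Because this is an explicit Deny, it also blocks console and administrator access from outside the VPC, so try it on a scratch bucket first.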
Storage Classes
- While uploading an object to an S3 bucket, the storage class can be changed
- The storage class can also be changed after upload.
- Select the object => Properties => Storage class
- If we need to change the storage class based on the number of days, navigate to bucket => Management => Lifecycle rules
- Note: It is recommended to use Intelligent-Tiering over ad hoc lifecycle rules.
Problem
- I have a web application running in multiple regions
- us
- uk
- india
- germany
- This application uses images and videos from an S3 bucket in the US region
- The US website is faster and I want the same response in other countries as well, so what are the possible options?

