DEV Community

Adeline Makokha for AWS Community Builders



Amazon S3

Amazon S3 (Simple Storage Service) is an object storage service built to store and retrieve any amount of data.

Amazon S3 offers the following features:

  • Durability
  • Availability
  • Security
  • Unlimited Scalability
  • Low Costs

Use Cases

  • Application Hosting
  • Backup and Storage
  • Media Hosting 
  • Software Delivery
  • Static Website 

Types of URLs
Virtual Hosted Style URL

Path Style URL

NB: Amazon S3 is a public service and is accessed over a public endpoint.

Object Attributes
Key (Name)
Version ID
Value (Content)
Sub resources
Access Control Information 

S3 Gateway Endpoint

An S3 VPC gateway endpoint lets S3 requests from your private subnet be routed to the Amazon S3 service without connecting that subnet to an internet gateway.


What is a Policy?
A policy is an object in AWS that, when associated with an identity or resource, defines their permissions. 

Identity-Based Policies
Identity-based policies are attached to an IAM user, group, or role and let you specify what that identity can do (its permissions).

Resource-Based Policies

Resource-based policies are attached to a resource.

E.g., attaching a resource-based policy to an Amazon S3 bucket.

Cross-Account Access
Sharing resources in an AWS account with users in a different account.

Access Control List
An Amazon S3 access control list (ACL) allows you to manage access to buckets and objects.

Each bucket and object has an ACL attached to it as a sub-resource.

The ACL defines which AWS accounts and groups are granted access and the type of access.

Access Control List Permissions

S3 Multipart Upload

Multipart upload allows you to upload a single object as a set of parts.

If the transmission of any part fails, you can retransmit that part without affecting the other parts.

NB: When the object size reaches 100 MB, you should consider using multipart upload instead of uploading the object in a single operation.

Object size can range from 0 to 5 TB.

The largest object that can be uploaded in a single PUT is 5 GB.

Query String Authentication (Pre-Signed URL)
Query string authentication means authenticating certain request types by passing the required information as query string parameters, which enables direct third-party browser access to your S3 data.

Use Case: An object owner shares private objects with others through a pre-signed URL, using their own security credentials to grant time-limited permission to download the object.
NB: Maximum duration of 7 days

S3 Transfer Acceleration
Amazon S3 Transfer Acceleration is a bucket-level feature that enables fast, easy and secure transfers of files over long distances between your client and an S3 bucket.

It takes advantage of the globally distributed edge locations in Amazon CloudFront.
NB: S3 Transfer Acceleration End-points
S3 Transfer Acceleration cannot be disabled once it has been enabled; it can only be suspended.

Versioning in Amazon S3
Versioning in Amazon S3 is a means of keeping multiple variants of an object in the same bucket.
Use the S3 Versioning feature to preserve, retrieve, and restore every version of every object stored in your buckets.

How S3 Versioning Works

If you delete an object, Amazon S3 does not remove it permanently; it inserts a delete marker, which becomes the current object version.

If you overwrite an object, the result is a new object version in the bucket.

You can always restore the previous version.

Versioning States
Buckets can be in one of three states:

Unversioned (Default)



MFA Delete
MFA Delete adds an additional layer of security: you configure a bucket to require MFA (multi-factor authentication) for deletes.

MFA Delete requires additional authentication for either of the following operations:

  • Changing the versioning state of your bucket
  • Permanently deleting an object version
