Prabusah

Amazon S3 - Business continuity and Disaster recovery

Business Continuity:

Keeps business functioning despite significant disruptive events.

Disaster Recovery:

A disaster is a natural or human-made event that causes an impact to the business.

S3 for Business Continuity and Disaster Recovery:

S3 provides 99.999999999% (11 nines) durability. Objects are stored across a minimum of 3 AZs (except in the S3 One Zone-IA storage class).

S3 Object Lock:

Immutable data (regulatory requirement). Replication - Increase availability.

Versioning:

Multiple variants of object.
Recovery from unintended user actions and application failures.
Overwrite creates new version. Deletion creates a delete marker instead of removing object.
Default - unversioned. But once enabled, can't return to unversioned state. Versioning can be suspended to stop accruing new versions.

Even in the unversioned (default) state, all objects have a version ID (null). Upon enabling versioning, the existing objects are unchanged, i.e. their version ID remains the same (null). Delete Object (without versionId): a delete marker is set. When we then retrieve the object (current version), a 404 is returned.

Removing delete markers:

Delete (Object + versionId)

S3 Lifecycle management:

Transition actions, when objects transition to another S3 storage class.
Expiration actions, when objects expire. With versioning enabled, S3 expires objects by adding a delete marker.
Best practice: Move non-current version to Glacier class then delete after 1 year.

S3 Object lock:

Only in versioned buckets.
WORM - Write Once Read Many model. Prevents objects from being deleted/overwritten for a fixed time or indefinitely.
Retention period - time object can't be overwritten/deleted. Legal holds - No expiration date.
Configure the bucket for Object Lock. Both retention periods and legal holds can be set at object level.

Versioning is automatically enabled when you create a bucket with S3 Object Lock. S3 Object Lock protection also moves with the object between storage classes during Lifecycle transitions.

Indefinite locking: use Legal holds (because they have no retention period). Apply/change Object Lock operations for even billions of objects using S3 Batch Operations.

Object Lock retention modes:

Compliance mode - Immutable until the retention period ends. No one can delete/overwrite, including the root user. The retention period also cannot be edited. The only way to delete the file is to delete the entire AWS account.
Governance mode - Specific users given permission to alter retention settings/delete objects.
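
An added example (not from the original post): an offline audit of a bucket's versioning, Object Lock and lifecycle settings against the notes above. The function name `audit_bucket`, the finding texts and the sample dicts are assumptions constructed for illustration; the dict shapes follow the boto3 responses named in the first comment.

```python
# Inputs are plain dicts shaped like the boto3 responses of get_bucket_versioning,
# get_object_lock_configuration and get_bucket_lifecycle_configuration.
GLACIER_CLASSES = {"GLACIER", "GLACIER_IR", "DEEP_ARCHIVE"}


def audit_bucket(versioning, object_lock, lifecycle, min_noncurrent_days=365):
    """Return a list of findings; an empty list means every check passed."""
    findings = []
    # Versioning: a missing Status means versioning was never enabled.
    status = versioning.get("Status", "Unversioned")
    if status != "Enabled":
        findings.append(f"versioning is {status}: new overwrites/deletes are not protected")
    # Object Lock: without a default retention, only per-object locks apply.
    lock = object_lock.get("ObjectLockConfiguration", {})
    mode = lock.get("Rule", {}).get("DefaultRetention", {}).get("Mode")
    if lock.get("ObjectLockEnabled") != "Enabled":
        findings.append("Object Lock is not enabled on the bucket")
    elif mode is None:
        findings.append("no default retention: objects are locked only if set per object")
    elif mode == "GOVERNANCE":
        findings.append("default retention is GOVERNANCE: permitted users can alter or delete")
    # Lifecycle: noncurrent versions should move to a Glacier class, then expire.
    rules = [r for r in lifecycle.get("Rules", []) if r.get("Status") == "Enabled"]
    moves = [t for r in rules for t in r.get("NoncurrentVersionTransitions", [])]
    if not any(t.get("StorageClass") in GLACIER_CLASSES for t in moves):
        findings.append("no enabled rule moves noncurrent versions to a Glacier class")
    expiry = [r["NoncurrentVersionExpiration"]["NoncurrentDays"] for r in rules
              if "NoncurrentDays" in r.get("NoncurrentVersionExpiration", {})]
    if not expiry:
        findings.append("noncurrent versions never expire")
    elif min(expiry) < min_noncurrent_days:  # 365 = the "delete after 1 year" note
        findings.append(f"noncurrent versions expire after {min(expiry)} days")
    return findings


# Constructed sample responses (not from a real bucket).
SAMPLE_OK = (
    {"Status": "Enabled"},
    {"ObjectLockConfiguration": {"ObjectLockEnabled": "Enabled",
        "Rule": {"DefaultRetention": {"Mode": "COMPLIANCE", "Days": 365}}}},
    {"Rules": [{"ID": "noncurrent", "Status": "Enabled", "Filter": {},
        "NoncurrentVersionTransitions": [{"NoncurrentDays": 30, "StorageClass": "GLACIER"}],
        "NoncurrentVersionExpiration": {"NoncurrentDays": 365}}]},
)
SAMPLE_WEAK = ({"Status": "Suspended"}, {}, {"Rules": []})

if __name__ == "__main__":
    for name, sample in (("ok", SAMPLE_OK), ("weak", SAMPLE_WEAK)):
        print(name, audit_bucket(*sample))
```

Against a live bucket, the three arguments would be the results of the corresponding boto3 S3 client calls.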

Object Replication:

Replicate all objects or subset (use prefix/tags).
Replicates objects in same storage class as source object (default settings - but can specify different storage class for replicas).
By default, replicates tags and Object Lock settings. 99.99% of objects replicated in seconds.

S3 Multi-Region Access Points:

Request --> Multi-Region Access Points --> request routed to the lowest-latency (closest) Region, Region1 or Region2 (enable cross-region replication)
