On AWS, when we talk about company security, we talk about databases, applications, and sensitive files. For Databases we have RDS, for Application code we have CodeCommit, and for files we have S3. In this blog, we will cover S3 (Simple Storage Service), how to use it, use cases, best practices, and some real-life examples.
What is Amazon S3?
S3 is a proprietary AWS technology, which is used to store and retrieve files in a simple way (hence the name simple storage), but don’t let the word “Simple” fool you. S3 is heavily secure and scalable just like any other AWS technology.
What makes S3 the go-to solution to store files?
I don’t want to bore you, so let’s keep it simple.
- Managed Service – You don’t need to worry about the space or uptime, AWS does all that for you!
- Pay-As-You-Go – Like any other AWS service, you only pay for what you use
- Secure – You can define who can access your files (more on that later)
- Available everywhere – Since it’s a cloud service, you can access your files from everywhere!
- Versioning – You can version your files, that way if something went wrong, you can roll-back
- Ecosystem – Because it’s a widely used service, it can be integrated with thousands of applications and programming languages
- Advanced features – There are other advanced features for developers, but we will not cover these in this blog.
So now that you know some S3 benefits, let’s dive into the fun!
Prepare your S3 environment
There are some terms you need to get familiar with first:
Bucket: Unique logical storage space for your S3 resources to be allocated
IAM permission: Is the permission for the AWS user to access S3 buckets (1 or more)
1.Go to your AWS account and look for S3
2. Once inside you will create your new Bucket to store all your files. Keep in mind these rules.
a. Bucket name should be unique; this means if another AWS account is already using that bucket name, you won’t be able to create it.
b. Lowercase only. For demonstration purposes, we will use the name “clickits3demo”.
c. You need to specify a region where your bucket will be serving the files, choose something close to reduce latency.
3. We’re not covering advanced features on properties, so you can skip that, hit next.
4.Review the Bucket permissions, by default the owner of the account, has full access to it and there is no public access. Leave it as it is for now.
6. Once created you will be able to see the bucket in the bucket list. Click on it and upload a file.
7. You can hit “Next” on all the next steps, just leave them as default. 8. Once uploaded you will see your file in the bucket!
Using AWS S3 from the Terminal
AWS can also be used from the terminal, this is very useful if you want to access your items from your instances without a Graphical User Interface. For that, we will need to install python, python-pip and awscli.
Here I’ll explain the steps for Ubuntu (Amazon AMI already has awscli installed)
$ sudo apt-get install python-pip$ sudo pip install awscli
After that, you’ll need to set your credentials for awscli to work. These credentials are the “AWS Access Key” and “AWS Secret Key”. These credentials were obtained when you created the user; if you don’t have them you can create new credentials by going to IAM > Users > your_username > Security Credentials > Create Access Key.
Once you have your credentials you will run this:
$ aws configure --profile s3access
– Keep in mind the profile name can be whatever you want
$ aws configure --profile s3accessAWS Access Key ID [None]: AKIAI5MH37HxxxxxxAWS Secret Access Key [None]: My$uP3rDup3rS3cr3tPa$$w0rdDefault region name [None]: eu-west-1Default output format [None]:
After this, you will be able to access your kitty images on S3 like this!
$ aws s3 ls s3://clickits3demo --profile s3access2018-02-02 14:17:21 126750 cute-kitty.jpg
You can check the available commands for the cli by doing
$ aws s3 help
S3 is a super reliable storage service that can be used not just to save files, but also make your applications deliver them, that way you can have a centralized storage service without the need of actually managing one. That’s what makes S3 the go-to solution for most of the companies.
Simple, Scalable, but robust.