SlideShare a Scribd company logo

Aws object storage and cdn(s3, glacier and cloud front) part 3

Download as pptx, pdf
Parag Patil
Parag Patil

Amazon S3 Transfer Acceleration enables fast and secure file transfers between clients and S3 buckets by leveraging Amazon CloudFront's global network. Transfer Acceleration routes data to S3 over an optimized network path. Additional charges may apply when using Transfer Acceleration. To configure an S3 bucket for static website hosting, select the bucket in the S3 console and enable static website hosting. Specify an index document and error document. A bucket policy can grant public read access to hosted content. AWS Storage Gateway connects on-premises environments to cloud storage. It offers file, volume and tape gateway solutions for seamless integration between on-premises IT and AWS storage infrastructure while maintaining data security.

1 of 32
Downloaded 10 times
Intro
Amazon S3Transfer Acceleration 2 ▪ Amazon S3Transfer Acceleration enables fast, easy, and secure transfers of files over long distances between your client and an S3 bucket.Transfer Acceleration takes advantage ofAmazon CloudFront’s globally distributed edge locations. As the data arrives at an edge location, data is routed to Amazon S3 over an optimized network path. ▪ When usingTransfer Acceleration, additional data transfer charges may apply.
Amazon S3Transfer Acceleration 3 ▪ Why Use Amazon S3Transfer Acceleration? – You might want to useTransferAcceleration on a bucket for various reasons, including the following: – You have customers that upload to a centralized bucket from all over the world. – You transfer gigabytes to terabytes of data on a regular basis across continents. – You are unable to utilize all of your available bandwidth over the Internet when uploading to Amazon S3.
How Do I Configure an S3 Bucket for Static Website Hosting? 4 ▪ Sign in to the AWS Management Console and open the Amazon S3 console athttps://console.aws.amazon.com/s3/. ▪ In the Bucket name list, choose the name of the bucket that you want to enable static website hosting for. ▪ Choose Properties.
How Do I Configure an S3 Bucket for Static Website Hosting? 5 ▪ Choose Static website hosting. After you enable your bucket for static website hosting, web browsers can access all of your content through the Amazon S3 website endpoint for your bucket.
How Do I Configure an S3 Bucket for Static Website Hosting? 6 ▪ Choose Use this bucket to host. – For Index Document, type the name of the index document, which is typically named index.html.When you configure a bucket for website hosting, you must specify an index document. Amazon S3 returns this index document when requests are made to the root domain or any of the subfolders. – (Optional) For 4XX class errors, you can optionally provide your own custom error document that provides additional guidance for your users. For Error Document, type the name of the file that contains the custom error document. If an error occurs,Amazon S3 returns an HTML error document. – (Optional) If you want to specify advanced redirection rules, in the Edit redirection rules text area, use XML to describe the rules. For example, you can conditionally route requests according to specific object key names or prefixes in the request.
How Do I Configure an S3 Bucket for Static Website Hosting? 7 • Choose Save.
How Do I Configure an S3 Bucket for Static Website Hosting? 8 ▪ Add a bucket policy to the website bucket that grants everyone access to the objects in the bucket. ▪ When you configure a bucket as a website, you must make the objects that you want to serve publicly readable. ▪ To do so, you write a bucket policy that grants everyone s3:GetObject permission.
S3 Summary 9 ▪ Once you load your data into Amazon S3, you can use it with other services that we provide.The following services are the ones you might use most frequently: ▪ Amazon Elastic Compute Cloud –This web service provides virtual compute resources in the cloud. ▪ Amazon EMR –This web service enables businesses, researchers, data analysts, and developers to easily and cost-effectively process vast amounts of data. It utilizes a hosted Hadoop framework running on the web-scale infrastructure of Amazon EC2 and Amazon S3. ▪ AWS Import/Export – AWS Import/Export enables you to mail a storage device, such as a RAID drive, to Amazon so that we can upload your (terabytes) of data into Amazon S3.
Create a CloudFront CDN 10 ▪ Step 1: Upload your content to Amazon S3 and grant object permissions – It is same as we learned in previous session of S3 and IAM. ▪ Step 2: Create a CloudFront distribution ▪ Step 3:Test your links
Create a CloudFront distribution 11 1. To create a CloudFront distribution 2. Open the CloudFront console at https://console.aws.amazon.com/cloudfront/. 3. Choose Create Distribution. 4. On the Select a delivery method for your content page, in the Web section, choose Get Started.
Create a CloudFront distribution 12 5. On the Create Distribution page, under Origin Settings, choose the Amazon S3 bucket that you created earlier. For Origin ID, Origin Path, Restrict Bucket Access, and Origin Custom Headers, accept the default values.
Create a CloudFront distribution 13 6. Under Default Cache Behavior Settings, accept the default values, and CloudFront will: – Forward all requests that use the CloudFront URL for your distribution (for example,http://d111111abcdef8.cloudfront.net/image.jpg) to the Amazon S3 bucket that you specified in Step 4. – Allow end users to use either HTTP or HTTPS to access your objects. – Respond to requests for your objects. – Cache your objects at CloudFront edge locations for 24 hours. – Forward only the default request headers to your origin and not cache your objects based on the values in the headers. – Exclude cookies and query string parameters, if any, when forwarding requests for objects to your origin. (Amazon S3 doesn't process cookies and processes only a limited set of query string parameters.) – Not be configured to distribute media files in the Microsoft Smooth Streaming format. – Allow everyone to view your content. – Not automatically compress your content.
Create a CloudFront distribution 14 cache behavior options :-
Create a CloudFront distribution 15 7. Under Distribution Settings, enter the applicable values: • Price Class: • Select the price class that corresponds with the maximum price that you want to pay for CloudFront service. By default, CloudFront serves your objects from edge locations in all CloudFront regions. • AWSWAFWeb ACL: • If you want to use AWSWAF to allow or block HTTP and HTTPS requests based on criteria that you specify, choose the web ACL to associate with this distribution. For more information about AWS WAF
Create a CloudFront distribution 16 7. Under Distribution Settings, enter the applicable values: • Alternate Domain Names (CNAMEs) (Optional): • Specify one or more domain names that you want to use for URLs for your objects instead of the domain name that CloudFront assigns when you create your distribution For example, if you want the URL for the object: /images/image.jpg to look like this: http://www.example.com/images/image.jpg instead of like this: http://d111111abcdef8.cloudfront.net/images/image.j pg you would create a CNAME for www.example.com.
Create a CloudFront distribution 17 7. Under Distribution Settings, enter the applicable values: • SSL Certificate: • Accept the default value, Default CloudFront Certificate. • Cookie Logging: • In this example, we're usingAmazon S3 as the origin for your objects, and Amazon S3 doesn't process cookies, so we recommend that you select Off for the value of Cookie Logging. • And Others being optional you could select default values .
Create a CloudFront distribution 18 8. Choose Create Distribution. – After CloudFront has created your distribution, the value of the Status column for your distribution will change from InProgress to Deployed. If you chose to enable the distribution, it will then be ready to process requests.This typically takes between 20 and 40 minutes. – The domain name that CloudFront assigns to your distribution appears in the list of distributions. (It also appears on the General tab for a selected distribution.
Create a CloudFront distribution 19 Step 3:Test your links: 1. After you've created your distribution, CloudFront knows where yourAmazon S3 origin server is, and you know the domain name associated with the distribution.You can create a link to yourAmazon S3 bucket content with that domain name, and have CloudFront serve it. ▪ Note: You must wait until the status of your distribution changes to Deployed before testing your links.
Create a CloudFront distribution 20 1. Copy the following HTML into a new file: – Replace <domain name> with the domain name that CloudFront assigned to your distribution. – Replace <object name> with the name of a file in your Amazon S3 bucket. ▪ <html> <head>My CloudFrontTest</head> <body> <p>My text content goes here.</p> <p><img src="http://domain name/object name" alt="my test image"/> </body> </html> ▪ For example, if your domain name was d111111abcdef8.cloudfront.net and your object was image.jpg, the URL for the link would be: – http://d111111abcdef8.cloudfront.net/image.jpg. ▪ If your object is in a folder within your bucket, include the folder in the URL. For example, if image.jpg is located in an images folder, then the URL would be: – http://d111111abcdef8.cloudfront.net/images/image.jpp
Create a CloudFront distribution 21 2. Save the text in a file that has a .html filename extension. 3. Open your web page in a browser to ensure that you can see your content. If you cannot see the content, confirm that you have performed all of the steps correctly
S3: Security and encryption 22 ▪ AWS S3 security consideration comes under below points. ▪ protecting data while – in-transit (as it travels to and from Amazon S3) , 2 ways: ▪ by using SSL ▪ client-side encryption. – at rest (while it is stored on disks inAmazon S3 data centers) 2 ways: ▪ Server Side encryption. (SSE) ▪ client-side encryption.
S3: Security and encryption 23 ▪ EncryptionTypes – Server Side ▪ encrypt your object before saving it on S3 disks ○ decrypt it when you download the objects from S3. – Client Side ▪ Client-side encryption refers to encrypting data before sending it to Amazon S3 – Use an AWS KMS-managed customer master key. – Use a client-side master key – Disadvantage: Less matching the AWS ecosystem.You need to manage keys.
S3: Security and encryption 24 ▪ Client side master key – Your client-side master keys and your unencrypted data are never sent to AWS – manage your own encryption keys – If you lose them, you won't be able to decrypt your data. – When uploading an object ▪ You provide a client-side master key to the Amazon S3 encryption client ▪ for each object , encryption client locally generates a one-time-use symmetric key ○ The client uploads the encrypted data key and its material description as part of the object metadata ▪ The material description helps the client later determine which client-side master key to use for decryption ▪ The client then uploads the encrypted data to Amazon S3 and also saves the encrypted data key as object metadata – When downloading an object ▪ The client first downloads the encrypted object fromAmazon S3 along with the metadata ▪ Using the material description in the metadata, the client first determines which master key to use to decrypt ▪ the encrypted data key.
S3: Security and encryption 25 ▪ Client Side KMS–Managed Customer Master Key (CMK) – you provide only an AWS KMS customer master key ID (CMK ID) – you don't have to worry about providing any encryption keys to the Amazon S3 encryption client (for example, the AmazonS3EncryptionClient in the AWS SDK for Java). 2options ▪ A plain text version ▪ A cipher blob – unique data encryption key for each object it uploads.
S3: Security and encryption 26 ▪ Server Side Encryption (SSE) – Server-side encryption is about data encryption at rest – 3 methods ▪ Server-Side Encryption with Customer-Provided Keys (SSE-C) ▪ S3-Managed Keys (SSE-S3) ▪ AWS KMS-Managed Keys (SSE-KMS)
S3: Security and encryption 27 ▪ New Amazon S3 Encryption & Security Features
AWS Storage Gateway 28 – The AWS Storage Portfolio:
AWS Storage Gateway 29 ▪ AWS Storage Gateway connects an on-premises software appliance with cloud-based storage to provide seamless integration with data security features between your on- premises IT environment and the AWS storage infrastructure. You can use the service to store data in the AWS Cloud for scalable and cost-effective storage that helps maintain data security. ▪ AWS Storage Gateway offers file-based, volume-based, and tape-based storage solutions: – File Gateway: ▪ A file gateway supports a file interface into Amazon Simple Storage Service (Amazon S3) and combines a service and a virtual software appliance.
AWS Storage Gateway 30 ▪ Volume Gateway: – A volume gateway provides cloud-backed storage volumes that you can mount as Internet Small Computer System Interface (iSCSI) devices from your on-premises application servers ▪ Tape Gateway : – With a tape gateway, you can cost-effectively and durably archive backup data in Amazon Glacier. – A tape gateway provides a virtual tape infrastructure that scales seamlessly with your business needs and eliminates the operational burden of provisioning, scaling, and maintaining a physical tape infrastructure.
Snowball 31 • Snowball is a petabyte-scale data transport solution that uses devices designed to be secure to transfer large amounts of data into and out of the AWS Cloud. • Using Snowball addresses common challenges with large-scale data transfers including high network costs, long transfer times, and security concerns. • Customers today use Snowball to migrate analytics data, genomics data, video libraries, image repositories, backups, and to archive part of data center shutdowns, tape replacement or application migration projects. • Transferring data with Snowball is simple, fast, more secure, and can be as little as one-fifth the cost of transferring data via high-speed Internet. • https://youtu.be/9uc2DSZ1wL8
Snowball 32
Ad

Recommended

Data In Cloud
Data In CloudData In Cloud
Data In Cloud
rsnarayanan
 
Sql portfolio admin_practicals
Sql portfolio admin_practicalsSql portfolio admin_practicals
Sql portfolio admin_practicals
Shelli Ciaschini
 
AWS Cloud SAA Relational Database presentation
AWS Cloud SAA Relational Database presentationAWS Cloud SAA Relational Database presentation
AWS Cloud SAA Relational Database presentation
TATA LILIAN SHULIKA
 
Best Practices for running the Oracle Database on EC2 webinar
Best Practices for running the Oracle Database on EC2 webinarBest Practices for running the Oracle Database on EC2 webinar
Best Practices for running the Oracle Database on EC2 webinar
Tom Laszewski
 
AWS tutorial-Part27:AWS EC2
AWS tutorial-Part27:AWS EC2AWS tutorial-Part27:AWS EC2
AWS tutorial-Part27:AWS EC2
SaM theCloudGuy
 
Exploring azure cloud storage
Exploring azure cloud storageExploring azure cloud storage
Exploring azure cloud storage
Spiffy
 
21 Www Web Services
21 Www Web Services21 Www Web Services
21 Www Web Services
royans
 
Big data with HDFS and Mapreduce
Big data with HDFS and MapreduceBig data with HDFS and Mapreduce
Big data with HDFS and Mapreduce
senthil0809
 
Aws object storage and cdn(s3, glacier and cloud front) part 2
Aws object storage and cdn(s3, glacier and cloud front) part 2Aws object storage and cdn(s3, glacier and cloud front) part 2
Aws object storage and cdn(s3, glacier and cloud front) part 2
Parag Patil
 
Aws overview part 1(iam and storage services)
Aws overview part 1(iam and storage services)Aws overview part 1(iam and storage services)
Aws overview part 1(iam and storage services)
Parag Patil
 
Amazon CloudFront
Amazon CloudFrontAmazon CloudFront
Amazon CloudFront
Satish Agrawal
 
S3inmule
S3inmuleS3inmule
S3inmule
Srikrishna k
 
Cloud Lesson_04_Amazon_Storage_Services.pdf
Cloud Lesson_04_Amazon_Storage_Services.pdfCloud Lesson_04_Amazon_Storage_Services.pdf
Cloud Lesson_04_Amazon_Storage_Services.pdf
s2rxxgtzcq
 
Aws object storage and cdn(s3, glacier and cloud front) part 1
Aws object storage and cdn(s3, glacier and cloud front) part 1Aws object storage and cdn(s3, glacier and cloud front) part 1
Aws object storage and cdn(s3, glacier and cloud front) part 1
Parag Patil
 
Configure Amazon cloud front
Configure Amazon cloud frontConfigure Amazon cloud front
Configure Amazon cloud front
Mohan Reddy
 
AWS essentials S3
AWS essentials S3AWS essentials S3
AWS essentials S3
mustafa sarac
 
Amazone s3 in mule
Amazone s3 in muleAmazone s3 in mule
Amazone s3 in mule
Ramakrishna kapa
 
AWS Certified Solutions Architect - Associate SAA-C03 Dumps
AWS Certified Solutions Architect - Associate SAA-C03 DumpsAWS Certified Solutions Architect - Associate SAA-C03 Dumps
AWS Certified Solutions Architect - Associate SAA-C03 Dumps
VictoriaMeisel
 
SAP OS/DB Migration using Azure Storage Account
SAP OS/DB Migration using Azure Storage AccountSAP OS/DB Migration using Azure Storage Account
SAP OS/DB Migration using Azure Storage Account
Gary Jackson MBCS
 
Cloud Computing With Amazon Web Services, Part 2: Storage in the Cloud With A...
Cloud Computing With Amazon Web Services, Part 2: Storage in the Cloud With A...Cloud Computing With Amazon Web Services, Part 2: Storage in the Cloud With A...
Cloud Computing With Amazon Web Services, Part 2: Storage in the Cloud With A...
white paper
 
Aws big picture_overview
Aws big picture_overviewAws big picture_overview
Aws big picture_overview
Ajay Bidari
 
Introduction to Amazon Web Services
Introduction to Amazon Web ServicesIntroduction to Amazon Web Services
Introduction to Amazon Web Services
Dayanand Shanmugham
 
Amazon ec2 s3 dynamo db
Amazon ec2 s3 dynamo dbAmazon ec2 s3 dynamo db
Amazon ec2 s3 dynamo db
Pankaj Thakur
 
Awsgsg swh
Awsgsg swhAwsgsg swh
Awsgsg swh
Sebin John
 
Awsgsg swh
Awsgsg swhAwsgsg swh
Awsgsg swh
Sebin John
 
SAA-C03 Practice Questions – Prepare Like a Pro for the AWS Exam
SAA-C03 Practice Questions – Prepare Like a Pro for the AWS ExamSAA-C03 Practice Questions – Prepare Like a Pro for the AWS Exam
SAA-C03 Practice Questions – Prepare Like a Pro for the AWS Exam
rl7159133
 
Getting started with S3
Getting started with S3Getting started with S3
Getting started with S3
AWS UG PK
 
Word press site
Word press siteWord press site
Word press site
Parag Patil
 
Aws overview part 2(compute services)
Aws overview part 2(compute services)Aws overview part 2(compute services)
Aws overview part 2(compute services)
Parag Patil
 
Billing &amp; pricing
Billing &amp; pricing Billing &amp; pricing
Billing &amp; pricing
Parag Patil
 
Ad

More Related Content

Similar to Aws object storage and cdn(s3, glacier and cloud front) part 3 (20)

Aws object storage and cdn(s3, glacier and cloud front) part 2
Aws object storage and cdn(s3, glacier and cloud front) part 2Aws object storage and cdn(s3, glacier and cloud front) part 2
Aws object storage and cdn(s3, glacier and cloud front) part 2
Parag Patil
 
Aws overview part 1(iam and storage services)
Aws overview part 1(iam and storage services)Aws overview part 1(iam and storage services)
Aws overview part 1(iam and storage services)
Parag Patil
 
Amazon CloudFront
Amazon CloudFrontAmazon CloudFront
Amazon CloudFront
Satish Agrawal
 
S3inmule
S3inmuleS3inmule
S3inmule
Srikrishna k
 
Cloud Lesson_04_Amazon_Storage_Services.pdf
Cloud Lesson_04_Amazon_Storage_Services.pdfCloud Lesson_04_Amazon_Storage_Services.pdf
Cloud Lesson_04_Amazon_Storage_Services.pdf
s2rxxgtzcq
 
Aws object storage and cdn(s3, glacier and cloud front) part 1
Aws object storage and cdn(s3, glacier and cloud front) part 1Aws object storage and cdn(s3, glacier and cloud front) part 1
Aws object storage and cdn(s3, glacier and cloud front) part 1
Parag Patil
 
Configure Amazon cloud front
Configure Amazon cloud frontConfigure Amazon cloud front
Configure Amazon cloud front
Mohan Reddy
 
AWS essentials S3
AWS essentials S3AWS essentials S3
AWS essentials S3
mustafa sarac
 
Amazone s3 in mule
Amazone s3 in muleAmazone s3 in mule
Amazone s3 in mule
Ramakrishna kapa
 
AWS Certified Solutions Architect - Associate SAA-C03 Dumps
AWS Certified Solutions Architect - Associate SAA-C03 DumpsAWS Certified Solutions Architect - Associate SAA-C03 Dumps
AWS Certified Solutions Architect - Associate SAA-C03 Dumps
VictoriaMeisel
 
SAP OS/DB Migration using Azure Storage Account
SAP OS/DB Migration using Azure Storage AccountSAP OS/DB Migration using Azure Storage Account
SAP OS/DB Migration using Azure Storage Account
Gary Jackson MBCS
 
Cloud Computing With Amazon Web Services, Part 2: Storage in the Cloud With A...
Cloud Computing With Amazon Web Services, Part 2: Storage in the Cloud With A...Cloud Computing With Amazon Web Services, Part 2: Storage in the Cloud With A...
Cloud Computing With Amazon Web Services, Part 2: Storage in the Cloud With A...
white paper
 
Aws big picture_overview
Aws big picture_overviewAws big picture_overview
Aws big picture_overview
Ajay Bidari
 
Introduction to Amazon Web Services
Introduction to Amazon Web ServicesIntroduction to Amazon Web Services
Introduction to Amazon Web Services
Dayanand Shanmugham
 
Amazon ec2 s3 dynamo db
Amazon ec2 s3 dynamo dbAmazon ec2 s3 dynamo db
Amazon ec2 s3 dynamo db
Pankaj Thakur
 
Awsgsg swh
Awsgsg swhAwsgsg swh
Awsgsg swh
Sebin John
 
Awsgsg swh
Awsgsg swhAwsgsg swh
Awsgsg swh
Sebin John
 
SAA-C03 Practice Questions – Prepare Like a Pro for the AWS Exam
SAA-C03 Practice Questions – Prepare Like a Pro for the AWS ExamSAA-C03 Practice Questions – Prepare Like a Pro for the AWS Exam
SAA-C03 Practice Questions – Prepare Like a Pro for the AWS Exam
rl7159133
 
Getting started with S3
Getting started with S3Getting started with S3
Getting started with S3
AWS UG PK
 
Word press site
Word press siteWord press site
Word press site
Parag Patil
 
Aws object storage and cdn(s3, glacier and cloud front) part 2
Aws object storage and cdn(s3, glacier and cloud front) part 2Aws object storage and cdn(s3, glacier and cloud front) part 2
Aws object storage and cdn(s3, glacier and cloud front) part 2
Parag Patil
 
Aws overview part 1(iam and storage services)
Aws overview part 1(iam and storage services)Aws overview part 1(iam and storage services)
Aws overview part 1(iam and storage services)
Parag Patil
 
Amazon CloudFront
Amazon CloudFrontAmazon CloudFront
Amazon CloudFront
Satish Agrawal
 
S3inmule
S3inmuleS3inmule
S3inmule
Srikrishna k
 
Cloud Lesson_04_Amazon_Storage_Services.pdf
Cloud Lesson_04_Amazon_Storage_Services.pdfCloud Lesson_04_Amazon_Storage_Services.pdf
Cloud Lesson_04_Amazon_Storage_Services.pdf
s2rxxgtzcq
 
Aws object storage and cdn(s3, glacier and cloud front) part 1
Aws object storage and cdn(s3, glacier and cloud front) part 1Aws object storage and cdn(s3, glacier and cloud front) part 1
Aws object storage and cdn(s3, glacier and cloud front) part 1
Parag Patil
 
Configure Amazon cloud front
Configure Amazon cloud frontConfigure Amazon cloud front
Configure Amazon cloud front
Mohan Reddy
 
AWS essentials S3
AWS essentials S3AWS essentials S3
AWS essentials S3
mustafa sarac
 
Amazone s3 in mule
Amazone s3 in muleAmazone s3 in mule
Amazone s3 in mule
Ramakrishna kapa
 
AWS Certified Solutions Architect - Associate SAA-C03 Dumps
AWS Certified Solutions Architect - Associate SAA-C03 DumpsAWS Certified Solutions Architect - Associate SAA-C03 Dumps
AWS Certified Solutions Architect - Associate SAA-C03 Dumps
VictoriaMeisel
 
SAP OS/DB Migration using Azure Storage Account
SAP OS/DB Migration using Azure Storage AccountSAP OS/DB Migration using Azure Storage Account
SAP OS/DB Migration using Azure Storage Account
Gary Jackson MBCS
 
Cloud Computing With Amazon Web Services, Part 2: Storage in the Cloud With A...
Cloud Computing With Amazon Web Services, Part 2: Storage in the Cloud With A...Cloud Computing With Amazon Web Services, Part 2: Storage in the Cloud With A...
Cloud Computing With Amazon Web Services, Part 2: Storage in the Cloud With A...
white paper
 
Aws big picture_overview
Aws big picture_overviewAws big picture_overview
Aws big picture_overview
Ajay Bidari
 
Introduction to Amazon Web Services
Introduction to Amazon Web ServicesIntroduction to Amazon Web Services
Introduction to Amazon Web Services
Dayanand Shanmugham
 
Amazon ec2 s3 dynamo db
Amazon ec2 s3 dynamo dbAmazon ec2 s3 dynamo db
Amazon ec2 s3 dynamo db
Pankaj Thakur
 
Awsgsg swh
Awsgsg swhAwsgsg swh
Awsgsg swh
Sebin John
 
Awsgsg swh
Awsgsg swhAwsgsg swh
Awsgsg swh
Sebin John
 
SAA-C03 Practice Questions – Prepare Like a Pro for the AWS Exam
SAA-C03 Practice Questions – Prepare Like a Pro for the AWS ExamSAA-C03 Practice Questions – Prepare Like a Pro for the AWS Exam
SAA-C03 Practice Questions – Prepare Like a Pro for the AWS Exam
rl7159133
 
Getting started with S3
Getting started with S3Getting started with S3
Getting started with S3
AWS UG PK
 
Word press site
Word press siteWord press site
Word press site
Parag Patil
 

More from Parag Patil (13)

Aws overview part 2(compute services)
Aws overview part 2(compute services)Aws overview part 2(compute services)
Aws overview part 2(compute services)
Parag Patil
 
Billing &amp; pricing
Billing &amp; pricing Billing &amp; pricing
Billing &amp; pricing
Parag Patil
 
Databases overview &amp; concepts
Databases overview &amp; conceptsDatabases overview &amp; concepts
Databases overview &amp; concepts
Parag Patil
 
Spring boot-application
Spring boot-applicationSpring boot-application
Spring boot-application
Parag Patil
 
Databases on aws part 2
Databases on aws part 2Databases on aws part 2
Databases on aws part 2
Parag Patil
 
Security
SecuritySecurity
Security
Parag Patil
 
Development tools
Development toolsDevelopment tools
Development tools
Parag Patil
 
Cloud concepts-and-technologies
Cloud concepts-and-technologiesCloud concepts-and-technologies
Cloud concepts-and-technologies
Parag Patil
 
Aws overview part 3(databases, dns and management services)
Aws overview part 3(databases, dns and management services)Aws overview part 3(databases, dns and management services)
Aws overview part 3(databases, dns and management services)
Parag Patil
 
Dynamo db
Dynamo dbDynamo db
Dynamo db
Parag Patil
 
Databases on aws part 1
Databases on aws part 1Databases on aws part 1
Databases on aws part 1
Parag Patil
 
Elastic beanstalk
Elastic beanstalkElastic beanstalk
Elastic beanstalk
Parag Patil
 
Identity access management (iam)
Identity access management (iam)Identity access management (iam)
Identity access management (iam)
Parag Patil
 
Aws overview part 2(compute services)
Aws overview part 2(compute services)Aws overview part 2(compute services)
Aws overview part 2(compute services)
Parag Patil
 
Billing &amp; pricing
Billing &amp; pricing Billing &amp; pricing
Billing &amp; pricing
Parag Patil
 
Databases overview &amp; concepts
Databases overview &amp; conceptsDatabases overview &amp; concepts
Databases overview &amp; concepts
Parag Patil
 
Spring boot-application
Spring boot-applicationSpring boot-application
Spring boot-application
Parag Patil
 
Databases on aws part 2
Databases on aws part 2Databases on aws part 2
Databases on aws part 2
Parag Patil
 
Security
SecuritySecurity
Security
Parag Patil
 
Development tools
Development toolsDevelopment tools
Development tools
Parag Patil
 
Cloud concepts-and-technologies
Cloud concepts-and-technologiesCloud concepts-and-technologies
Cloud concepts-and-technologies
Parag Patil
 
Aws overview part 3(databases, dns and management services)
Aws overview part 3(databases, dns and management services)Aws overview part 3(databases, dns and management services)
Aws overview part 3(databases, dns and management services)
Parag Patil
 
Dynamo db
Dynamo dbDynamo db
Dynamo db
Parag Patil
 
Databases on aws part 1
Databases on aws part 1Databases on aws part 1
Databases on aws part 1
Parag Patil
 
Elastic beanstalk
Elastic beanstalkElastic beanstalk
Elastic beanstalk
Parag Patil
 
Identity access management (iam)
Identity access management (iam)Identity access management (iam)
Identity access management (iam)
Parag Patil
 
Ad

Recently uploaded (20)

Corporate Event Photographer Los Angeles
Corporate Event Photographer Los AngelesCorporate Event Photographer Los Angeles
Corporate Event Photographer Los Angeles
Kobe Levi Headshot Photography
 
Choosing the Right Health Insurance in Mexico.pptx
Choosing the Right Health Insurance in Mexico.pptxChoosing the Right Health Insurance in Mexico.pptx
Choosing the Right Health Insurance in Mexico.pptx
West Coast Global Insurance Services
 
Private Equity vs Venture Capital in 2025 Evan Vitale Explains the Key Differ...
Private Equity vs Venture Capital in 2025 Evan Vitale Explains the Key Differ...Private Equity vs Venture Capital in 2025 Evan Vitale Explains the Key Differ...
Private Equity vs Venture Capital in 2025 Evan Vitale Explains the Key Differ...
Evan Vitale
 
Lifestyle Magazines - Culture, Current Affairs, Health & Fitness.pdf
Lifestyle Magazines - Culture, Current Affairs, Health & Fitness.pdfLifestyle Magazines - Culture, Current Affairs, Health & Fitness.pdf
Lifestyle Magazines - Culture, Current Affairs, Health & Fitness.pdf
Boutique Mags
 
Breeze Taxis Airport Taxi Transfer Services
Breeze Taxis Airport Taxi Transfer ServicesBreeze Taxis Airport Taxi Transfer Services
Breeze Taxis Airport Taxi Transfer Services
lutforprobd
 
Digital Marketing Consultant in India .pptx
Digital Marketing Consultant in India .pptxDigital Marketing Consultant in India .pptx
Digital Marketing Consultant in India .pptx
Hemant Kr. Sharma
 
Professional Lifeguard Services Perth.pptx
Professional Lifeguard Services Perth.pptxProfessional Lifeguard Services Perth.pptx
Professional Lifeguard Services Perth.pptx
Westcoastwatersafety
 
How do AI & ML services help businesses build a scalable solution?
How do AI & ML services help businesses build a scalable solution?How do AI & ML services help businesses build a scalable solution?
How do AI & ML services help businesses build a scalable solution?
Digital Hub Solution
 
Fresh Air, Fresh Food Designing Kitchens for Seasonal Cooking.pdf
Fresh Air, Fresh Food Designing Kitchens for Seasonal Cooking.pdfFresh Air, Fresh Food Designing Kitchens for Seasonal Cooking.pdf
Fresh Air, Fresh Food Designing Kitchens for Seasonal Cooking.pdf
Kalin Mihaylov
 
Empowering Growth with Smart CRM Solutions
Empowering Growth with Smart CRM SolutionsEmpowering Growth with Smart CRM Solutions
Empowering Growth with Smart CRM Solutions
The Tech Clouds
 
veecorporatevirtualfunactivitiesplanmay2021v2-210525033553.ppt
veecorporatevirtualfunactivitiesplanmay2021v2-210525033553.pptveecorporatevirtualfunactivitiesplanmay2021v2-210525033553.ppt
veecorporatevirtualfunactivitiesplanmay2021v2-210525033553.ppt
CattaVickram1
 
11 Best IPTV Reseller Platforms for Live TV Streaming.pdf
11 Best IPTV Reseller Platforms for Live TV Streaming.pdf11 Best IPTV Reseller Platforms for Live TV Streaming.pdf
11 Best IPTV Reseller Platforms for Live TV Streaming.pdf
tahmidtazbidishmam
 
What are the Benefits of Choosing a Candidate Tracking System?
What are the Benefits of Choosing a Candidate Tracking System?What are the Benefits of Choosing a Candidate Tracking System?
What are the Benefits of Choosing a Candidate Tracking System?
Obhula Homestay
 
How LLM SEO Works Guide to Ranking in AI-Powered Search Engines
How LLM SEO Works Guide to Ranking in AI-Powered Search EnginesHow LLM SEO Works Guide to Ranking in AI-Powered Search Engines
How LLM SEO Works Guide to Ranking in AI-Powered Search Engines
Dot Com Infoway - Custom Software, Mobile, Web Application Development and Digital Marketing Company
 
Why-Businesses-Need-Software-Development-Services.pdf.pdf
Why-Businesses-Need-Software-Development-Services.pdf.pdfWhy-Businesses-Need-Software-Development-Services.pdf.pdf
Why-Businesses-Need-Software-Development-Services.pdf.pdf
Steve Jonas
 
Let CleanNYC restore your space to a clean, healthy environment.
Let CleanNYC restore your space to a clean, healthy environment.Let CleanNYC restore your space to a clean, healthy environment.
Let CleanNYC restore your space to a clean, healthy environment.
Clean NYC Lead
 
A Complete Guide To Air Freight Companies In Dubai.
A Complete Guide To Air Freight Companies In Dubai.A Complete Guide To Air Freight Companies In Dubai.
A Complete Guide To Air Freight Companies In Dubai.
S A G Logistic
 
Top Hybrid App Implementation Solutions for All Platforms
Top Hybrid App Implementation Solutions for All PlatformsTop Hybrid App Implementation Solutions for All Platforms
Top Hybrid App Implementation Solutions for All Platforms
Digital Hub Solution
 
WOOD MATERIAL FOR INTERIORS presentation.pptx
WOOD MATERIAL FOR INTERIORS presentation.pptxWOOD MATERIAL FOR INTERIORS presentation.pptx
WOOD MATERIAL FOR INTERIORS presentation.pptx
1AN18AT034PALLAVIYM
 
Difference Between Internal and External Audit in UAE.pdf
Difference Between Internal and External Audit in UAE.pdfDifference Between Internal and External Audit in UAE.pdf
Difference Between Internal and External Audit in UAE.pdf
AnamBilal6
 
Corporate Event Photographer Los Angeles
Corporate Event Photographer Los AngelesCorporate Event Photographer Los Angeles
Corporate Event Photographer Los Angeles
Kobe Levi Headshot Photography
 
Choosing the Right Health Insurance in Mexico.pptx
Choosing the Right Health Insurance in Mexico.pptxChoosing the Right Health Insurance in Mexico.pptx
Choosing the Right Health Insurance in Mexico.pptx
West Coast Global Insurance Services
 
Private Equity vs Venture Capital in 2025 Evan Vitale Explains the Key Differ...
Private Equity vs Venture Capital in 2025 Evan Vitale Explains the Key Differ...Private Equity vs Venture Capital in 2025 Evan Vitale Explains the Key Differ...
Private Equity vs Venture Capital in 2025 Evan Vitale Explains the Key Differ...
Evan Vitale
 
Lifestyle Magazines - Culture, Current Affairs, Health & Fitness.pdf
Lifestyle Magazines - Culture, Current Affairs, Health & Fitness.pdfLifestyle Magazines - Culture, Current Affairs, Health & Fitness.pdf
Lifestyle Magazines - Culture, Current Affairs, Health & Fitness.pdf
Boutique Mags
 
Breeze Taxis Airport Taxi Transfer Services
Breeze Taxis Airport Taxi Transfer ServicesBreeze Taxis Airport Taxi Transfer Services
Breeze Taxis Airport Taxi Transfer Services
lutforprobd
 
Digital Marketing Consultant in India .pptx
Digital Marketing Consultant in India .pptxDigital Marketing Consultant in India .pptx
Digital Marketing Consultant in India .pptx
Hemant Kr. Sharma
 
Professional Lifeguard Services Perth.pptx
Professional Lifeguard Services Perth.pptxProfessional Lifeguard Services Perth.pptx
Professional Lifeguard Services Perth.pptx
Westcoastwatersafety
 
How do AI & ML services help businesses build a scalable solution?
How do AI & ML services help businesses build a scalable solution?How do AI & ML services help businesses build a scalable solution?
How do AI & ML services help businesses build a scalable solution?
Digital Hub Solution
 
Fresh Air, Fresh Food Designing Kitchens for Seasonal Cooking.pdf
Fresh Air, Fresh Food Designing Kitchens for Seasonal Cooking.pdfFresh Air, Fresh Food Designing Kitchens for Seasonal Cooking.pdf
Fresh Air, Fresh Food Designing Kitchens for Seasonal Cooking.pdf
Kalin Mihaylov
 
Empowering Growth with Smart CRM Solutions
Empowering Growth with Smart CRM SolutionsEmpowering Growth with Smart CRM Solutions
Empowering Growth with Smart CRM Solutions
The Tech Clouds
 
veecorporatevirtualfunactivitiesplanmay2021v2-210525033553.ppt
veecorporatevirtualfunactivitiesplanmay2021v2-210525033553.pptveecorporatevirtualfunactivitiesplanmay2021v2-210525033553.ppt
veecorporatevirtualfunactivitiesplanmay2021v2-210525033553.ppt
CattaVickram1
 
11 Best IPTV Reseller Platforms for Live TV Streaming.pdf
11 Best IPTV Reseller Platforms for Live TV Streaming.pdf11 Best IPTV Reseller Platforms for Live TV Streaming.pdf
11 Best IPTV Reseller Platforms for Live TV Streaming.pdf
tahmidtazbidishmam
 
What are the Benefits of Choosing a Candidate Tracking System?
What are the Benefits of Choosing a Candidate Tracking System?What are the Benefits of Choosing a Candidate Tracking System?
What are the Benefits of Choosing a Candidate Tracking System?
Obhula Homestay
 
How LLM SEO Works Guide to Ranking in AI-Powered Search Engines
How LLM SEO Works Guide to Ranking in AI-Powered Search EnginesHow LLM SEO Works Guide to Ranking in AI-Powered Search Engines
How LLM SEO Works Guide to Ranking in AI-Powered Search Engines
Dot Com Infoway - Custom Software, Mobile, Web Application Development and Digital Marketing Company
 
Why-Businesses-Need-Software-Development-Services.pdf.pdf
Why-Businesses-Need-Software-Development-Services.pdf.pdfWhy-Businesses-Need-Software-Development-Services.pdf.pdf
Why-Businesses-Need-Software-Development-Services.pdf.pdf
Steve Jonas
 
Let CleanNYC restore your space to a clean, healthy environment.
Let CleanNYC restore your space to a clean, healthy environment.Let CleanNYC restore your space to a clean, healthy environment.
Let CleanNYC restore your space to a clean, healthy environment.
Clean NYC Lead
 
A Complete Guide To Air Freight Companies In Dubai.
A Complete Guide To Air Freight Companies In Dubai.A Complete Guide To Air Freight Companies In Dubai.
A Complete Guide To Air Freight Companies In Dubai.
S A G Logistic
 
Top Hybrid App Implementation Solutions for All Platforms
Top Hybrid App Implementation Solutions for All PlatformsTop Hybrid App Implementation Solutions for All Platforms
Top Hybrid App Implementation Solutions for All Platforms
Digital Hub Solution
 
WOOD MATERIAL FOR INTERIORS presentation.pptx
WOOD MATERIAL FOR INTERIORS presentation.pptxWOOD MATERIAL FOR INTERIORS presentation.pptx
WOOD MATERIAL FOR INTERIORS presentation.pptx
1AN18AT034PALLAVIYM
 
Difference Between Internal and External Audit in UAE.pdf
Difference Between Internal and External Audit in UAE.pdfDifference Between Internal and External Audit in UAE.pdf
Difference Between Internal and External Audit in UAE.pdf
AnamBilal6
 
Ad

Aws object storage and cdn(s3, glacier and cloud front) part 3

  • 2. Amazon S3Transfer Acceleration 2 ▪ Amazon S3Transfer Acceleration enables fast, easy, and secure transfers of files over long distances between your client and an S3 bucket.Transfer Acceleration takes advantage ofAmazon CloudFront’s globally distributed edge locations. As the data arrives at an edge location, data is routed to Amazon S3 over an optimized network path. ▪ When usingTransfer Acceleration, additional data transfer charges may apply.
  • 3. Amazon S3Transfer Acceleration 3 ▪ Why Use Amazon S3Transfer Acceleration? – You might want to useTransferAcceleration on a bucket for various reasons, including the following: – You have customers that upload to a centralized bucket from all over the world. – You transfer gigabytes to terabytes of data on a regular basis across continents. – You are unable to utilize all of your available bandwidth over the Internet when uploading to Amazon S3.
  • 4. How Do I Configure an S3 Bucket for Static Website Hosting? 4 ▪ Sign in to the AWS Management Console and open the Amazon S3 console athttps://console.aws.amazon.com/s3/. ▪ In the Bucket name list, choose the name of the bucket that you want to enable static website hosting for. ▪ Choose Properties.
  • 5. How Do I Configure an S3 Bucket for Static Website Hosting? 5 ▪ Choose Static website hosting. After you enable your bucket for static website hosting, web browsers can access all of your content through the Amazon S3 website endpoint for your bucket.
  • 6. How Do I Configure an S3 Bucket for Static Website Hosting? 6 ▪ Choose Use this bucket to host. – For Index Document, type the name of the index document, which is typically named index.html.When you configure a bucket for website hosting, you must specify an index document. Amazon S3 returns this index document when requests are made to the root domain or any of the subfolders. – (Optional) For 4XX class errors, you can optionally provide your own custom error document that provides additional guidance for your users. For Error Document, type the name of the file that contains the custom error document. If an error occurs,Amazon S3 returns an HTML error document. – (Optional) If you want to specify advanced redirection rules, in the Edit redirection rules text area, use XML to describe the rules. For example, you can conditionally route requests according to specific object key names or prefixes in the request.
  • 7. How Do I Configure an S3 Bucket for Static Website Hosting? 7 • Choose Save.
  • 8. How Do I Configure an S3 Bucket for Static Website Hosting? 8 ▪ Add a bucket policy to the website bucket that grants everyone access to the objects in the bucket. ▪ When you configure a bucket as a website, you must make the objects that you want to serve publicly readable. ▪ To do so, you write a bucket policy that grants everyone s3:GetObject permission.
  • 9. S3 Summary 9 ▪ Once you load your data into Amazon S3, you can use it with other services that we provide.The following services are the ones you might use most frequently: ▪ Amazon Elastic Compute Cloud –This web service provides virtual compute resources in the cloud. ▪ Amazon EMR –This web service enables businesses, researchers, data analysts, and developers to easily and cost-effectively process vast amounts of data. It utilizes a hosted Hadoop framework running on the web-scale infrastructure of Amazon EC2 and Amazon S3. ▪ AWS Import/Export – AWS Import/Export enables you to mail a storage device, such as a RAID drive, to Amazon so that we can upload your (terabytes) of data into Amazon S3.
  • 10. Create a CloudFront CDN 10 ▪ Step 1: Upload your content to Amazon S3 and grant object permissions – It is same as we learned in previous session of S3 and IAM. ▪ Step 2: Create a CloudFront distribution ▪ Step 3:Test your links
  • 11. Create a CloudFront distribution 11 1. To create a CloudFront distribution 2. Open the CloudFront console at https://console.aws.amazon.com/cloudfront/. 3. Choose Create Distribution. 4. On the Select a delivery method for your content page, in the Web section, choose Get Started.
  • 12. Create a CloudFront distribution 12 5. On the Create Distribution page, under Origin Settings, choose the Amazon S3 bucket that you created earlier. For Origin ID, Origin Path, Restrict Bucket Access, and Origin Custom Headers, accept the default values.
  • 13. Create a CloudFront distribution 13 6. Under Default Cache Behavior Settings, accept the default values, and CloudFront will: – Forward all requests that use the CloudFront URL for your distribution (for example,http://d111111abcdef8.cloudfront.net/image.jpg) to the Amazon S3 bucket that you specified in Step 4. – Allow end users to use either HTTP or HTTPS to access your objects. – Respond to requests for your objects. – Cache your objects at CloudFront edge locations for 24 hours. – Forward only the default request headers to your origin and not cache your objects based on the values in the headers. – Exclude cookies and query string parameters, if any, when forwarding requests for objects to your origin. (Amazon S3 doesn't process cookies and processes only a limited set of query string parameters.) – Not be configured to distribute media files in the Microsoft Smooth Streaming format. – Allow everyone to view your content. – Not automatically compress your content.
  • 14. Create a CloudFront distribution 14 cache behavior options :-
  • 15. Create a CloudFront distribution 15 7. Under Distribution Settings, enter the applicable values: • Price Class: • Select the price class that corresponds with the maximum price that you want to pay for CloudFront service. By default, CloudFront serves your objects from edge locations in all CloudFront regions. • AWSWAFWeb ACL: • If you want to use AWSWAF to allow or block HTTP and HTTPS requests based on criteria that you specify, choose the web ACL to associate with this distribution. For more information about AWS WAF
  • 16. Create a CloudFront distribution 16 7. Under Distribution Settings, enter the applicable values: • Alternate Domain Names (CNAMEs) (Optional): • Specify one or more domain names that you want to use for URLs for your objects instead of the domain name that CloudFront assigns when you create your distribution For example, if you want the URL for the object: /images/image.jpg to look like this: http://www.example.com/images/image.jpg instead of like this: http://d111111abcdef8.cloudfront.net/images/image.j pg you would create a CNAME for www.example.com.
  • 17. Create a CloudFront distribution 17 7. Under Distribution Settings, enter the applicable values: • SSL Certificate: • Accept the default value, Default CloudFront Certificate. • Cookie Logging: • In this example, we're usingAmazon S3 as the origin for your objects, and Amazon S3 doesn't process cookies, so we recommend that you select Off for the value of Cookie Logging. • And Others being optional you could select default values .
  • 18. Create a CloudFront distribution 18 8. Choose Create Distribution. – After CloudFront has created your distribution, the value of the Status column for your distribution will change from InProgress to Deployed. If you chose to enable the distribution, it will then be ready to process requests.This typically takes between 20 and 40 minutes. – The domain name that CloudFront assigns to your distribution appears in the list of distributions. (It also appears on the General tab for a selected distribution.
  • 19. Create a CloudFront distribution 19 Step 3:Test your links: 1. After you've created your distribution, CloudFront knows where yourAmazon S3 origin server is, and you know the domain name associated with the distribution.You can create a link to yourAmazon S3 bucket content with that domain name, and have CloudFront serve it. ▪ Note: You must wait until the status of your distribution changes to Deployed before testing your links.
  • 20. Create a CloudFront distribution 20 1. Copy the following HTML into a new file: – Replace <domain name> with the domain name that CloudFront assigned to your distribution. – Replace <object name> with the name of a file in your Amazon S3 bucket. ▪ <html> <head>My CloudFrontTest</head> <body> <p>My text content goes here.</p> <p><img src="http://domain name/object name" alt="my test image"/> </body> </html> ▪ For example, if your domain name was d111111abcdef8.cloudfront.net and your object was image.jpg, the URL for the link would be: – http://d111111abcdef8.cloudfront.net/image.jpg. ▪ If your object is in a folder within your bucket, include the folder in the URL. For example, if image.jpg is located in an images folder, then the URL would be: – http://d111111abcdef8.cloudfront.net/images/image.jpp
  • 21. Create a CloudFront distribution 21 2. Save the text in a file that has a .html filename extension. 3. Open your web page in a browser to ensure that you can see your content. If you cannot see the content, confirm that you have performed all of the steps correctly
  • 22. S3: Security and encryption 22 ▪ AWS S3 security consideration comes under below points. ▪ protecting data while – in-transit (as it travels to and from Amazon S3) , 2 ways: ▪ by using SSL ▪ client-side encryption. – at rest (while it is stored on disks inAmazon S3 data centers) 2 ways: ▪ Server Side encryption. (SSE) ▪ client-side encryption.
  • 23. S3: Security and encryption 23 ▪ EncryptionTypes – Server Side ▪ encrypt your object before saving it on S3 disks ○ decrypt it when you download the objects from S3. – Client Side ▪ Client-side encryption refers to encrypting data before sending it to Amazon S3 – Use an AWS KMS-managed customer master key. – Use a client-side master key – Disadvantage: Less matching the AWS ecosystem.You need to manage keys.
  • 24. S3: Security and encryption 24 ▪ Client side master key – Your client-side master keys and your unencrypted data are never sent to AWS – manage your own encryption keys – If you lose them, you won't be able to decrypt your data. – When uploading an object ▪ You provide a client-side master key to the Amazon S3 encryption client ▪ for each object , encryption client locally generates a one-time-use symmetric key ○ The client uploads the encrypted data key and its material description as part of the object metadata ▪ The material description helps the client later determine which client-side master key to use for decryption ▪ The client then uploads the encrypted data to Amazon S3 and also saves the encrypted data key as object metadata – When downloading an object ▪ The client first downloads the encrypted object fromAmazon S3 along with the metadata ▪ Using the material description in the metadata, the client first determines which master key to use to decrypt ▪ the encrypted data key.
  • 25. S3: Security and encryption 25 ▪ Client Side KMS–Managed Customer Master Key (CMK) – you provide only an AWS KMS customer master key ID (CMK ID) – you don't have to worry about providing any encryption keys to the Amazon S3 encryption client (for example, the AmazonS3EncryptionClient in the AWS SDK for Java). 2options ▪ A plain text version ▪ A cipher blob – unique data encryption key for each object it uploads.
  • 26. S3: Security and encryption 26 ▪ Server Side Encryption (SSE) – Server-side encryption is about data encryption at rest – 3 methods ▪ Server-Side Encryption with Customer-Provided Keys (SSE-C) ▪ S3-Managed Keys (SSE-S3) ▪ AWS KMS-Managed Keys (SSE-KMS)
  • 27. S3: Security and encryption 27 ▪ New Amazon S3 Encryption & Security Features
  • 28. AWS Storage Gateway 28 – The AWS Storage Portfolio:
  • 29. AWS Storage Gateway 29 ▪ AWS Storage Gateway connects an on-premises software appliance with cloud-based storage to provide seamless integration with data security features between your on- premises IT environment and the AWS storage infrastructure. You can use the service to store data in the AWS Cloud for scalable and cost-effective storage that helps maintain data security. ▪ AWS Storage Gateway offers file-based, volume-based, and tape-based storage solutions: – File Gateway: ▪ A file gateway supports a file interface into Amazon Simple Storage Service (Amazon S3) and combines a service and a virtual software appliance.
  • 30. AWS Storage Gateway 30 ▪ Volume Gateway: – A volume gateway provides cloud-backed storage volumes that you can mount as Internet Small Computer System Interface (iSCSI) devices from your on-premises application servers ▪ Tape Gateway : – With a tape gateway, you can cost-effectively and durably archive backup data in Amazon Glacier. – A tape gateway provides a virtual tape infrastructure that scales seamlessly with your business needs and eliminates the operational burden of provisioning, scaling, and maintaining a physical tape infrastructure.
  • 31. Snowball 31 • Snowball is a petabyte-scale data transport solution that uses devices designed to be secure to transfer large amounts of data into and out of the AWS Cloud. • Using Snowball addresses common challenges with large-scale data transfers including high network costs, long transfer times, and security concerns. • Customers today use Snowball to migrate analytics data, genomics data, video libraries, image repositories, backups, and to archive part of data center shutdowns, tape replacement or application migration projects. • Transferring data with Snowball is simple, fast, more secure, and can be as little as one-fifth the cost of transferring data via high-speed Internet. • https://youtu.be/9uc2DSZ1wL8

Editor's Notes

  • #5: https://docs.aws.amazon.com/AmazonS3/latest/user-guide/static-website-hosting.html
  • #6: https://docs.aws.amazon.com/AmazonS3/latest/user-guide/static-website-hosting.html
  • #8: https://docs.aws.amazon.com/AmazonS3/latest/user-guide/static-website-hosting.html