Tips and tricks AWS Solutions Architect Associate #13

Access & Security

  • Pre-signed URL: Temporary access (default 7 days).

  • Bucket Policy: Controls access inside S3 (resource-based).

  • Encryption: S3 encrypts every object by default, but with no built-in audit or key rotation.


Data Access Features

  • Byte-Range Fetch: Retrieve partial object (useful for large files).

  • S3 Select: Query data within objects (CSV, JSON, Parquet).


Costs & Storage Classes

  • Cost hierarchy: S3 < EFS < EBS.

  • Standard: General purpose.

  • Intelligent Tiering: Moves objects automatically.

  • Infrequent Access (IA): Backup use.

  • One Zone-IA: Cheaper, 1 AZ only.

  • Glacier Instant: Retrieval < 6 min.

  • Glacier Flexible: Variable retrieval times.

  • Glacier Deep Archive: Cheapest, retrieval ~12h.


Management & Analysis

  • Storage Lens: Usage and activity metrics.

  • Versioning: Enabled → keeps all versions (non-null versions remain even after delete).

    • Transitions possible (e.g., from IA → Glacier).


Data Movement

  • Copy/Sync:

    • s3 sync (local ↔ S3 or S3 ↔ S3).

    • Batch replication (S3 → S3, cross-region).

  • Transfer Acceleration: Faster uploads to a bucket (not bucket-to-bucket).

  • Multipart Upload: Required for objects > 5 GB.

  • Snowball → S3 → Glacier: For large offline transfers.


Limits & Performance

  • API rates: ~3500 PUT/POST/s, 5500 GET/s per prefix.

  • Bucket operations: list bucket, delete bucket/*.

  • Key Prefixing: Use prefixes to optimize performance.

  • Object URL: https://<bucket>.s3.<region>.amazonaws.com/<key>.


In short:

  • S3 = scalable, secure, tiered storage, cheaper than EFS/EBS.

  • Access via pre-signed URLs, policies, or APIs.

  • Optimize costs using storage classes and transitions.

  • Optimize performance with prefixes, multipart uploads, and transfer acceleration.
