S3 Hands On

Here I am in Amazon S3:

  • I’m going to go ahead and create a bucket.

  • Now you will notice here that there’s a region selected,which is Europe, Stockholm, eu-north-1.

  • This is because I have the region selection in here. (in your case, it would be the top right corner besides your account name). You can change and choose the region you want to create your bucket in,

Going forward:

  • Now in some regions you may or may not see the bucket type i.e. General Purpose and Directory New.

  • By default, it is autoselected as General Purpose, and for the exam we won’t be asked about Directory New (Usually it is for specific use cases).

  • Next you need to choose a bucket name. Note that if you enter a bucket name that is already taken like tests, you will get an error saying that the bucket name already exists. As studied previously in S3 Overview Section that bucket name must be unique across all regions and all accounts ever created in AWS. So name the bucket accordingly

  • Next for Object Ownership, currently you have ACL disabled, this is recommended, leave it as it is.

  • Next is “blocking public access to this bucket”, again, we’ll leave this enabled. meaning this will block all public access since we need maximum security in our bucket (so only us can upload files into it)

  • Next for bucket versioning, we want to disable bucket versioning right now, and we’ll see later on how to enable it.

  • Next is, Tags –> No Tags is needed

  • Next is Default Encryption –> I’m going to use server-side encryption with Amazon S3 managed key. Meaning all my objects are going to be encrypted. We will talk about Encryption later on.

  • Next is Bucket Key, I will enable it.

As you can see, all the settings are kept default except the bucket name that we had to set. Go ahead and click on Create Bucket.

now the bucket has been successfully created. In the above UI, you will see here all of your buckets, if you have directory enabled, you will also see Directory Buckets. Right now I have none of the directory buckets and have only General Purpose Buckets.

Note that:

  • It will display all of the buckets for all AWS regions, not just the current region right now, but all the regions as shown in the above UI.

  • You can search for the bucket that you have recently created

Let’s explore bucket named stephane-demo-s3-v5, search for it, and click on it:

  • now in my bucket, I would like to start uploading objects because currently you have zero objects.

  • Let’s click on upload, and then we can add files.

Click on upload the file from the directory from your local computer. As a result:

  • As you can see the jpg file, you can click on the object (file), and you will get to know the details of it:

Important things to note here:

  • If you click on Open on top area if you see, you will be able to access the image but if you click on the Object URL, you will not be able to access that (access denied)

  • Because it is a public URL, it does not contain encoded presigned credentials of yours with this public URL, when you had accessed the first link, the beginning part of the link was same, the ending part differs since it had presigned S3 credentials of yours in encoded format:

First Link

Second Link

we will see later in the course, how to make public URL accessible

Creating Folders:

  • So let’s go back into our bucket, the stephane-demo-s3:

  • And I have one object, but I can create a folder. Name the folder with the name called images.

  • Scroll down and create this folder.

  • Now I have the images folder in my bucket.

  • Click on images folder, and within it, I can upload again a file and this time, I will upload the beach.jpg file into it.

  • as you can see, the destination is my images folder within my S3 buckets.

  • Upload this and close it.

  • This is more like Google Drive or Dropbox.

  • Note that you can delete the S3 bucket or folder within the bucket, which will delete the files along with it.

Introduction to Amazon S3 Amazon S3 – Security