Amazon S3:
AWS S3(Simple Storage Service) enables users to store and retrieve their data.AWS S3 is a type of cloud storage which facilitates data storage and backup of the data.
It will helps in retrieving data during Disaster recovery.
Amazon S3 stores files in buckets.Buckets are like directories and we call files which are stored inside buckets as objects.S3 store “objects” such as photos, videos, documents, or other files.
AWS S3 benefits:
1. Security
Data stored in S3 are always protected from unauthorised access.All access to S3 data is controlled by IAM(Identity access management).
We can set access permissions to buckets using IAM console and only those users/roles will be allowed to access.
2.Availability
Availability is the measure of how readily a service can be accessed/used.AWS S3 offers 99.99 percent availability of data.
3. Durability
Durability is the measurement of the likelihood of loss of data stored in S3.S3 provides 99.9999999 percent durability.
4. Low cost:
In Amazon S3, we pay only for the data we use,Further we can also define policies to migrate the data automatically to the infrequent access which further reduces the cost since few storage classes like Amazon Glacier is even cheaper than S3.More about S3 storage classes can be found here.
5. Easy data migration
S3 provides many options to transfer and migration data in and out of S3 so not much expertise is required for the same.
6. Scalability:
Amazon S3 can be scalable horizontally which enables users to handle a large amount of data without worrying about the Scalability. It can be scaled automatically without human intervention.
Amazon S3 Data Encryption:
Data protection safeguard data at rest and while during transit.Means it covers data being stored or retrieved from S3 and also after it is stored in S3.
There are 2 ways we can encrypt the S3 data.
1)Server-side encryption:
As we already discussed we stores files in form of objects in S3. so if we choose server side encryption then AWS S3 will first encrypt the data before storing it in S3 bucket.
While decrypting the data, it will decrypt the data so that we can use it data.
2)Client-side encryption:
If we choose client side encryption then user ,has to encrypt(using encryption keys and the encryption logic) the data first before saving it to S3.
Similarly after data gets downloaded from S3 bucket, users has to decrypt the data before using it.So here control of encryption and decryption remains with the users.User can decide what encryption key and logic needs to be used etc.
Related articles: