AWS Amazon S3 - Ultimate Master Class

Discover how Amazon Web Services enables scalable cloud applications across industries, with use cases in websites, mobile apps, and backup storage, and an overview of regions, AZs, and edge locations.

Define AWS regions as clusters of data centers in infrastructure, map regions like US east one, EU west two, and AP south one to locations, and refer to region diagram.

Define a VPC as a secure, isolated section of the AWS cloud within a region, enabling us to launch resources and understand how regions and VPC fit into the architecture.

Explore AWS availability zones as data centers within a region, labeled A through F, and how two to six zones enable high availability for your VPC workloads.

Learn how subnets in a VPC balance public and private access across AZs. Public subnets use an Internet gateway; private subnets rely on a NAT gateway and route tables.

Discover how AWS edge locations, a global network of over 200 points of presence, bring content closer to users. Enjoy low-latency delivery of PDFs, images, and videos.

Sign up for an AWS account by visiting aws.amazon.com/free, providing your email and account name, verifying the email, adding a payment method, and using the pdf guide in resources.

Explore the AWS management console by adding and removing widgets, set the region to Ohio, and bookmark IAM and S3 for quick access.

Create a designated AWS budget using the budgets feature in billing and cost management. Set a monthly recurring, fixed amount with an 80% alert via email.

Explore identity and access management (IAM) in AWS, learning to create users and groups, attach permission policies (JSON), and implement MFA to secure root and IAM accounts.

Create an iam user and a developers group, attach administrator access and password change policies to the group, add the user ana to the group, and download the credentials csv.

Learn how to sign in as an IAM user using a unique account alias and sign-in URL, including creating the alias, saving the URL, and credentials management.

Secure your AWS accounts by enabling multi-factor authentication on both your IAM user and root user using an authenticator app, scanning a QR code, and entering two consecutive codes.

Generate AWS access keys to enable programmatic access for syncing your Django app's static files to an S3 bucket, and prepare to configure the AWS CLI for automated syncing.

Master IAM best practices by using IAM users instead of the root account, enabling MFA, and enforcing a password policy. Group users to assign permissions efficiently and never share credentials.

Explore how Amazon S3 stores objects in unique buckets, supports files from images to static files, and uses regions, keys, version IDs, metadata, and ACLs to manage data and access.

Explore the shared responsibility model, with AWS securing the cloud and customers securing in the cloud, including data, applications, and S3 bucket policies.

Explore Amazon S3 storage classes, including standard, infrequent access, one zone infrequent access, Glacier variants, and Intelligent-tiering, focusing on durability and retrieval times.

Analyze general pricing for Amazon S3, including free data transfer in, data transfer out costs, per-1000-request charges, storage fees, and region-based differences that decrease per gig as storage grows.

Learn how to use Amazon S3 through the management console or the command line interface to create buckets, upload files, and organize data, while leveraging REST APIs and SDKs.

Explore the AWS snow family for data migration and edge computing with snowcone, snowball edge, and snowmobile, and learn how to transfer data online or offline via AWS Datasync.

Compare the AWS snow family devices—the snow cone, snowball edge, and snowmobile—by storage capacity from eight terabytes to one hundred petabytes and data migration sizes from terabytes to exabytes.

Learn how edge computing enables data processing and storage at an endpoint, away from the cloud, using devices like Snowcone and Snowball Edge for environments with limited internet.

Download the S3 resources folder before starting this section, using the resources link in the lecture. If you already downloaded it earlier, skip and proceed.

Switch regions quickly in Amazon S3 using the top-right region control to move between US East Ohio, US East Two, and EU West Two (London), preparing for cross-region replication.

Create an Amazon S3 bucket with a unique name and region, then upload files or folders via manual or drag-and-drop, managing objects and folders.

Perform hands-on management of S3 objects by copying, moving, downloading, and deleting across buckets in different regions, while handling common not found errors.

Discover how Amazon S3 bucket policies, written in JSON, grant access to buckets and objects by specifying resource, action, principle, and effect, with a practical policy-building activity.

Learn to create an Amazon S3 bucket policy that enables public read access for objects using the policy generator, adjust block public access, and test object URLs.

Explore the three basic encryption options in Amazon S3: client-side encryption before upload, server-side encryption after upload, and no encryption, with practical contrasts for secure storage.

Learn how to enable and customize Amazon S3 server-side encryption using SSE-S3 or SSE-KMS, manage bucket keys with AWS KMS, and ensure new objects are automatically encrypted.

Learn how tags—key-value pairs—classify storage and allocate costs for S3 buckets and objects, including case sensitivity, unique keys, optional tags, and limits.

Learn to add and manage tags on Amazon S3 buckets and objects, use tags for cost tracking and grouping, and edit or remove tags during uploads and after.

Learn how Amazon S3 bucket versioning creates file versions and automatically updates objects. Roll back to a prior version using practical examples like index.html to master version control in S3.

Create a simple html file in notepad, save it as index.html, and drag it into the S3 resources folder to practice file management.

Follow this lab to create a simple HTML file on macOS using TextEdit set to plain text, save as index.html, and add it to your S3 resources folder.

Enable bucket versioning, upload and overwrite objects, then view versions and version IDs to roll back to earlier versions.

Learn how bucket versioning tracks changes, revert to previous object versions, and recover deleted files using versions and the delete marker in an Amazon S3 bucket.

Explore how Amazon S3 object lock prevents modification or deletion for a set time or indefinitely using the worm model. The instructor warns of careful, hands-on practice.

learn how to enable object lock at the bucket level, create a dedicated lock bucket, and configure retention in governance or compliance mode to prevent deletion for a set period.

Learn to use Amazon S3 transfer acceleration to speed up data uploads, compare accelerated and direct uploads with a regional speed simulation, and enable the accelerated endpoint while considering pricing.

Differentiate system metadata from user defined metadata in Amazon S3, noting metadata is managed by Amazon S3 (including object creation date) while user metadata uses case sensitive custom key–value pairs.

Practice adding and editing object metadata in Amazon S3 through a hands-on lab that demonstrates system defined and user defined metadata, inherited values, and per-object customization.

Delete S3 buckets after emptying their objects, remove object lock after expiry, verify no buckets remain, and prepare to create buckets via the AWS CLI.

Explore how to apply the course suggestion, balance using your own files and folders with course content, and manage buckets, objects, bucket policies, and JSON files.

Discover the AWS command line interface for managing services like S3, and learn high level commands for uploading, deleting, syncing, and moving files, plus low level S3 API operations.

Install and configure the AWS CLI on Windows, verify the installation, and set your credentials, default region us east two, and output format JSON.

Install Python 3.11.1 on Windows with the 64-bit installer, running as administrator to enable the path. Add python.exe to the path, then verify installation in cmd with python --version.

Prepare for the course by downloading the S3 CLI resources folder, organizing sample images and docs, and signing into AWS to observe an empty S3 bucket for CLI automation.

Carry out a hands-on lab to create an Amazon S3 bucket using the AWS CLI, configure credentials, and verify the bucket with aws s3 ls in US East 2.

Upload a file to an s3 bucket via the command line interface, verify object in the console, and list or rename uploads using AWS s3 cp and AWS s3 ls.

Master bulk uploads to Amazon S3 by using aws s3 cp with recursive, verify results with aws s3 ls, and navigate bucket structure and folders.

Learn to bulk upload files into a subfolder in an AWS S3 bucket using aws s3 cp with --recursive, and verify with aws s3 ls --recursive.

Learn to download single and multiple files from an Amazon S3 bucket using the CLI, creating downloads folders and handling exact file names and case sensitivity.

Learn to copy and move objects between S3 buckets across regions using the AWS S3 CLI. Create buckets, copy with cp --recursive, then move with mv --recursive, and verify.

Learn to delete aws s3 buckets and individual objects using the cli, including emptying buckets, force deletion of non-empty buckets, and recursively removing folders and files.

Learn bucket tag management in AWS S3 via the low level CLI: add, retrieve, and delete bucket tags using put bucket tagging, get bucket tagging, and delete bucket tagging.

Learn tag management with objects in AWS S3 by tagging, listing, retrieving, and removing tags using the AWS S3 API, including keys, buckets, and object keys.

Synchronize objects and buckets with the AWS S3 sync command, learn to upload only changed files, manage buckets, and replicate across regions.

Apply include and exclude filters to files in AWS S3 during uploads. Create and verify a bucket, then upload with recursive commands that include JPEGs and exclude TXT files.

Add metadata to uploaded objects in a new s3 bucket using cp with --metadata, including customer and priority. Verify with head object, and note metadata can be added after upload.

Set object storage classes in AWS S3 using the CLI by creating a bucket, copying files, applying standard-ia, verifying with head object, and applying batch changes by prefix.

Learn to enable bucket versioning on an Amazon S3 bucket via the CLI using AWS S3 API, then validate with get bucket versioning and switch between enabled and suspended states.

Explore bucket versioning, validate default server-side encryption with get bucket encryption, and delete the bucket using a force option after clearing objects for a clean teardown.

Perform a section cleanup by deleting the metadata bucket and the bucket demo using aws s3 rb --force to empty and remove, then verify with aws s3 ls.

Prepare the section by verifying there are no S3 buckets and downloading the S3 resources folder from the lecture resources, following a clear, structured sequence for setup.

Set up an s3 bucket and enable object upload notifications by routing s3 events to an sns topic, then email-subscribe and confirm the subscription.

Discover Amazon S3 access logging by sending requests to a dedicated logging bucket for audits of get, put, delete, and upload actions, with 24–48 hour log generation and Cloudtrail integration.

Enable server access logging for an S3 bucket by creating a logging bucket, configuring the destination path, and generating requests with uploads and deletions to populate logs.

Enable object level logging for S3 by creating a CloudTrail trail, selecting S3 data events, and monitoring logs with CloudWatch and SNS notifications.

Master metrics and inventory in Amazon S3 by measuring bucket size and object counts, and set up inventory reports in CSV to a destination bucket for compliance.

Evaluate S3 bucket health by reviewing total bucket size and object counts, and explore detailed storage and request metrics in CloudWatch with customizable timelines and filters.

Explore cross region replication and same region replication in Amazon S3, and learn how to enable versioning on source and destination buckets before moving objects.

Learn to set up S3 replication between an origin and a destination bucket, enabling versioning, configuring cross-region and same-region rules, and validating replication by uploading test objects.

Learn how to create an S3 bucket, upload objects, and manage storage classes—switching between standard, standard IA, and glacier for individual objects or folders.

Configure S3 lifecycle management rules to automatically move objects from standard to standard infrequent access, then to Glacier or one zone infrequent access, and finally delete your object.

Learn to set up lifecycle rules to automatically transition objects from the standard storage class to standard-ia after 30 days, with notes on glacier costs and rule management.

Change an S3 object's storage class to glacier flexible retrieval, initiate a restore, and download the object within minutes while understanding retrieval options and costs.

Explore cost management with AWS Cost Explorer to visualize costs and usage, switch between bar, line, and histogram charts, and filter by S3 or regions.

Empty your S3 bucket by deleting all objects, then delete the bucket to remove resources and prevent unwanted costs.

Explore data security in Amazon S3 by configuring bucket policies, access control lists, and public access settings, then manage access with IAM users, groups, and policies.

Prepare for the section by cleaning up existing S3 buckets, downloading the resources and S3 exercise folders, and configuring IAM with MFA to manage groups and users for real-world scenarios.

Enable public access via an ACL in a lab, using admin IAM with administrator access. Create and configure an S3 bucket, enabling ACLs to grant public read and list.

Learn to enable public access in AWS S3 using ACLs, adjust bucket and account block public access settings, and verify listing and viewing of objects via incognito testing.

Explore a real world exercise with a simulated IT department in Amazon S3, detailing project manager full access and programmer limited access, plus IAM policies for file permissions.

Explore how IAM policies grant or deny access across AWS services, with a focus on S3 bucket and object level permissions and practical examples for EC2, S3, and CloudFront.

Sign in as different IAM users (main, programmer one, project manager one) in an incognito window, switch between AWS consoles, and verify region settings and sign-in URLs.

Set up two s3 buckets, upload a secret file to private bucket, and create an iam policy granting list, get, put, and delete access for the project manager and programmer.

Learn to create a custom IAM policy for a project manager, attach it to a group, and test S3 bucket permissions for read, write, and object operations.

Sign in as administrator, configure programmer policy for Amazon S3, grant read/write access to the front end folder, and restrict deletion.

Test and enforce access in aws s3 by applying an iam policy to a programmer group, validating read and write permissions on a project bucket's front-end folder and index.html.

Configure an explicit deny in a project manager IAM policy to block get object on S3 front end folder, then test access as different users.

Explore how Amazon S3 bucket policies use JSON to grant access to buckets and objects, detailing resources, actions like S3:getobject, and a hands-on activity to create your own policies.

Create a bucket, upload objects, and apply a bucket policy that lets Programmer one list the bucket and get objects. Sign in as Programmer one to open or download files.

Demonstrates restricting access to S3 objects via bucket policies and object tags, using the tag is available set to yes to gate get object access for Programmer one.

Perform a hands-on section cleanup by emptying all S3 buckets, deleting IAM policies, users, and groups, then verify the remaining user has administrator access before moving on.

Prepare for this section by downloading the resources folder and organizing the S3 bucket, including index.html, error page, team page, and images, to host a static website with Amazon S3.

Discover how Route 53 acts as a DNS service, creating DNS records to map domain names to AWS resources, and implement simple, weighted, failover, and latency routing policies.

Register a domain name with AWS Route 53 and search for availability. Proceed through the three-phase checkout—pricing, contact information, and review—and track status while setting up hosted zones.

Create an S3 bucket named after your domain, enable public access via a bucket policy, and upload your site files. Enable static website hosting and set index.html as home page.

Configure a domain for an S3 static site by creating a redirect bucket, enabling public access via bucket policy, and using Route 53 aliases for www and root domain.

Configure a static website to display a custom error page by setting the error document to error.html, then test 404 redirects for invalid urls.

learn how to implement redirection rules in amazon s3 using json, including routing rule elements, conditions, and redirects for prefixes and http errors.

Explore how Amazon CloudFront, a content delivery network, caches content at edge locations from origins like Amazon S3 or HTTP origins to reduce latency and improve read performance.

Create a CloudFront distribution to securely serve your static website from an S3 bucket, enable http to https redirects, and bind a custom domain with an SSL certificate in us-east-1.

Disable the CloudFront distribution and wait five to ten minutes before deleting it. Remove Route 53 records and empty and delete the S3 buckets for complete resource cleanup.