Introduction
The Amazon S3 Glacier storage classes are purpose-built for data archiving, providing you with the highest performance, most retrieval flexibility, and the lowest cost archive storage in the cloud. To keep costs low yet suitable for varying retrieval needs, these storage classes support flexible retrieval options from milliseconds to several hours. The purpose of this tutorial is to show you how easy it is to begin storing your archive datasets in the Amazon S3 Glacier storage classes.
You can choose from three archive storage classes optimized for different access patterns and storage duration. For archive data that needs immediate access, choose the Amazon S3 Glacier Instant Retrieval storage class, an archive storage class that delivers the lowest cost storage with milliseconds retrieval. For archive data that does not require immediate access but needs the flexibility to retrieve large sets of data at no cost, choose Amazon S3 Glacier Flexible Retrieval (formerly S3 Glacier), with retrieval in minutes or free bulk retrievals in 5-12 hours. To save even more on long-lived archive storage, choose Amazon S3 Glacier Deep Archive, the lowest cost storage in the cloud with data retrieval within twelve hours.
By archiving on AWS you’ll have access to very low cost cloud storage, you’ll be able to digitally preserve and retain your data for the long term, and you’ll be able to leverage comprehensive security and compliance capabilities. The Amazon S3 Glacier storage classes are used by customers for their long-term enterprise archive data, media archives, backup data, and data lake archives.
Use the S3 console and S3 API to easily archive your data in Amazon S3. The S3 console and S3 API allow you to access all the features and functionality that the Amazon S3 service provides. Follow this tutorial to begin using the S3 console to store your archive datasets in the Amazon S3 Glacier storage classes.
What You Will Learn
- How to create an Amazon S3 bucket
- How to upload objects to the Amazon S3 Glacier storage classes
- How to restore your objects stored in the Amazon S3 Glacier Flexible Retrieval or Amazon S3 Glacier Deep Archive storage classes
Step 1: Create an Amazon S3 Bucket
- 1.1 — Sign in to the Amazon S3 console
- If you have not already done so, create an AWS account. Access this support page for more information on how to create and activate a new AWS account.
- Log into the AWS Management Console using your account information.
- From the AWS console services search bar, enter ‘S3’. Under the services search results section, select S3. You may notice an option for S3 Glacier. This option is for the Glacier service prior to integration with Amazon S3. We recommend all new S3 Glacier users use the S3 console.
- 1.2 — Create an S3 bucket
- Choose Buckets from the S3 menu on the left rail and then select the Create bucket button.
- 1.3 —
- Enter a descriptive globally unique name for your bucket. Select which AWS Region you would like your bucket created in. The default Block Public Access setting is appropriate for this workload, so leave this section as is.
- 1.4 —
- Next, enable bucket versioning to protect your data from accidental or malicious user deletes or overwrites. Read more about bucket versioning here. Then, add some tags to help track costs associated with our archive data over time. You can find more information about S3 bucket cost allocation tagging here.
- 1.5 —
- Next, you have the option of enabling default ‘at-rest’ encryption for the bucket. The settings here will apply to any objects uploaded to the bucket where you have not defined at-rest encryption details during the upload process. For this example, enable server-side encryption leveraging S3 service managed keys (SSE-S3). If your workload requirements are not satisfied by SSE-S3, you can also leverage AWS Key Management Service (KMS). More information about Amazon S3 and AWS KMS can be found here.
- 1.6 —
- Now you have the option to enable S3 Object Lock in the Advanced settings section. With S3 Object Lock, you can store objects using a write-once-read-many (WORM) model. S3 Object Lock can help prevent objects from being deleted or overwritten for a fixed amount of time, or indefinitely. S3 Object Lock can be used to help meet regulatory requirements that require WORM storage, or to simply add another layer of protection against object changes and deletion. For this workload, it is appropriate to enable S3 Object Lock to ensure important archived data is not deleted prematurely by unauthorized users.
- Choose the Enable option and check the check box to acknowledge enabling the S3 Object Lock settings. Then, select the Create bucket button.
- 1.7 — Configure S3 Object Lock
- Next, the S3 console will present a banner indicating the bucket creation was successful. The S3 console will also present a prompt informing you that additional configuration is needed to enable the S3 Object Lock feature. Select the bucket details link presented in the prompt. Making this selection will open the Properties tab for your newly created bucket.
- <Note: For this exercise, use Governance mode for the S3 Object Lock configuration. This will allow you to permanently delete your test object using an admin user after this tutorial has completed.>
- For more information about S3 Object Lock, read the blog featuring “Protecting data with Amazon S3 Object Lock.”
- 1.8 —
- On the bucket Properties tab, navigate to the Object Lock section and select the Edit button. Here you can set your default values for objects uploaded to your bucket. For this example, you want to enable retention for all objects uploaded to this bucket for 5 years. Select Enable for the Default retention option, choose governance mode by selecting the Governance option under Default retention mode and enter ‘5’ as the default retention period. Lastly, select Years for the unit of measure and then select the Save changes button.
