AWS Serverless Design - S3

Can you guess the usage from the bucket name?

This is the same as naming variables: if the name is right, you know what the bucket is for, but if you look at the bucket name and cannot tell what it is used for, you have to go and check. If you decide to include words like "production" in the name of a production bucket, you can reduce the amount of operational work.

Is the bucket placed in the region you want?

ALB access logs can only be delivered to a bucket in the same region as the load balancer.
If you access S3 from EC2 through a VPC endpoint, access is faster, but note that the endpoint only works with buckets in the same region as the VPC.

Is the storage class reasonable?

Infrequently accessed objects can be stored in Standard-Infrequent Access, One Zone-Infrequent Access, etc. to reduce costs.
(Be careful with One Zone-Infrequent Access: if the AZ fails, the objects cannot be accessed.)

Are the versioning settings appropriate?

If you accidentally delete an object and versioning is enabled, you can restore it. However, you also pay for the past versions of the object.

Are the lifecycle rules appropriate?

A common pattern is frequent access in the first month, after which the access frequency drops sharply. In that case, a lifecycle rule that transitions objects to an infrequent-access storage class will reduce costs. If you want to delete logs after a certain period, you can also set an expiration rule.

Are the encryption settings appropriate?

Encrypt your important data. There seem to be various restrictions though, so be careful (I'm not very familiar with them, so be it……)

Is the Block Public Access setting appropriate?

If you turn this on, you get an error when a bucket policy or ACL is incorrectly set to allow public access.
If you also disable ACLs, things become very simple, because access can then only be controlled through the bucket policy, but be aware that it can cause trouble when uploading.

Minimize the permissions granted in the bucket policy


When you don't know what permissions you need , It's easy to set such a bucket policy , But it's dangerous . Only the minimum write permission is allowed .
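As an added illustration (not from the original article), here is an over-broad bucket policy next to a minimal write-only one, with a small Python check that flags the broad pattern; the bucket name, account id and role name are assumed placeholders:

```python
# Constructed sample bucket policies; bucket name, account id and role name are assumptions.
BROAD_POLICY = {
    "Version": "2012-10-17",
    "Statement": [{
        "Sid": "AllowEverything",
        "Effect": "Allow",
        "Principal": "*",          # anyone, including anonymous callers
        "Action": "s3:*",          # every S3 API: read, write and delete
        "Resource": ["arn:aws:s3:::example-prod-logs", "arn:aws:s3:::example-prod-logs/*"],
    }],
}
MINIMAL_POLICY = {
    "Version": "2012-10-17",
    "Statement": [{
        "Sid": "AllowLogWriterPutOnly",
        "Effect": "Allow",
        "Principal": {"AWS": "arn:aws:iam::111122223333:role/log-writer"},
        "Action": "s3:PutObject",  # write only: no list, read or delete
        "Resource": "arn:aws:s3:::example-prod-logs/alb/*",
    }],
}

def _as_list(value):
    """Policy fields may be a string or a list; normalise to a list."""
    return value if isinstance(value, list) else [value]

def policy_findings(policy):
    """Return findings for Allow statements that grant more than the minimum."""
    findings = []
    for stmt in _as_list(policy.get("Statement", [])):
        if stmt.get("Effect") != "Allow":
            continue  # Deny statements only narrow access
        sid = stmt.get("Sid", "<no Sid>")
        principal = stmt.get("Principal", {})
        aws = _as_list(principal.get("AWS", [])) if isinstance(principal, dict) else []
        # "*" or {"AWS": "*"} with no Condition means anyone on the internet
        if (principal == "*" or "*" in aws) and "Condition" not in stmt:
            findings.append(f"{sid}: Principal '*' with no Condition (public access)")
        for action in _as_list(stmt.get("Action", [])):
            if action == "*" or action.endswith("*"):
                findings.append(f"{sid}: wildcard Action {action!r}")
        for resource in _as_list(stmt.get("Resource", [])):
            if resource == "*":
                findings.append(f"{sid}: Resource '*' is not limited to one bucket")
    return findings

if __name__ == "__main__":
    for name, policy in (("broad", BROAD_POLICY), ("minimal", MINIMAL_POLICY)):
        print(name, policy_findings(policy) or "no findings")
```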

