Amazon S3 (Simple Storage Service) is a highly scalable and durable object storage service that provides developers with a secure and cost-effective way to store and retrieve any amount of data. It offers a simple API interface and enables applications to easily store and retrieve images, videos, audio files, and other assets without worrying about capacity, availability, or data loss.
Asset Serving for API
Many APIs need persistent blob storage for artifacts/manifests/objects that aren’t suitable for storage in a database.
Amazon S3 provides an ideal solution for storing and delivering media assets, such as images, videos, and audio files, for web and mobile applications.
Backup and Disaster Recovery
S3 can be used to backup important application assets, such as code, configurations, and databases, to ensure they are always available in the event of a disaster or outage.
Machine Learning Model Storage
Large machine learning models can store model data in S3 and load it as needed by applications
This bundle is designed around the specific use-case of storing application assets in S3. For this reason, assumptions are made regarding the configuration of the bucket. For example, public access is disabled, object versioning is disabled.
Deploys regional S3 for High availability in the event of zonal failure
Dedicated KMS Key
Uses a dedicated KMS key with narrowly scoped permission for encryption
A KMS key is created and narrowly scoped to the bucket for encrypting all assets.
No public access is allowed to this bucket
The following policies are created for managing access to the S3 bucket.
read: Grants read access to objects in the bucket
write: Grants access to write objects to the bucket
Non-intentions / Out of Scope Use-cases (for this bundle)
- Eventing bucket for lambda ETL (would include notifications)
- Static Website Content (would include routing / endpoint configuration)
- Cold / Archival storage only
- Data Lake (analytics configuration and option for transfer accelerate configuration)
- Replication to other regions
- Requester Pays user content download
- Log Storage
|AWS Region to provision in.
|Enabling this will create an additional bucket for storing access logs