AWS S3 Application Asset Bucket
AWS S3 Bucket optimized for storing arbitrary application files like avatar images, CSV uploads, videos, and more.
Deployments: 41
Made by: Massdriver
aws-s3-application-asset-bucket
Amazon S3 (Simple Storage Service) is a highly scalable and durable object storage service that provides developers with a secure and cost-effective way to store and retrieve any amount of data. It offers a simple API interface and enables applications to easily store and retrieve images, videos, audio files, and other assets without worrying about capacity, availability, or data loss.
Use Cases
Asset Serving for API
Many APIs need persistent blob storage for artifacts/manifests/objects that aren’t suitable for storage in a database.
Media Storage
Amazon S3 provides an ideal solution for storing and delivering media assets, such as images, videos, and audio files, for web and mobile applications.
Backup and Disaster Recovery
S3 can be used to back up important application assets, such as code, configurations, and databases, to ensure they are always available in the event of a disaster or outage.
Machine Learning Model Storage
Data for large machine learning models can be stored in S3 and loaded by applications as needed.
Design
This bundle is designed around the specific use case of storing application assets in S3. For this reason, assumptions are made regarding the configuration of the bucket. For example, public access is disabled and object versioning is disabled.
Best Practices
High Availability
Deploys regional S3 for high availability in the event of zonal failure.
Dedicated KMS Key
Uses a dedicated KMS key with narrowly scoped permissions for encryption.
Security
KMS Encryption
A KMS key is created and narrowly scoped to the bucket for encrypting all assets.
Private ACL
No public access is allowed to this bucket.
Policies
The following policies are created for managing access to the S3 bucket.
- read: Grants read access to objects in the bucket
- write: Grants access to write objects to the bucket
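One way to check a deployed bucket against the settings described above (public access blocked, default encryption with the dedicated KMS key, versioning off). This is an added example, not Massdriver's code; it evaluates constructed responses shaped like the S3 `GetPublicAccessBlock`, `GetBucketEncryption` and `GetBucketVersioning` API results, and the function name `audit_bucket`, the key ARN and the account id are placeholders.

```python
REQUIRED_PAB = ("BlockPublicAcls", "IgnorePublicAcls",
                "BlockPublicPolicy", "RestrictPublicBuckets")


def audit_bucket(pab, encryption, versioning, expected_key_arn):
    """Return a list of findings; an empty list means the bucket matches."""
    findings = []
    # "No public access is allowed": all four block settings must be true.
    cfg = pab.get("PublicAccessBlockConfiguration", {})
    for flag in REQUIRED_PAB:
        if cfg.get(flag) is not True:
            findings.append(f"public-access-block: {flag} is not enabled")
    # Dedicated KMS key: default SSE must be aws:kms and reference that key.
    # Assumption: the key is recorded as a full ARN, not a key id or alias.
    rules = encryption.get("ServerSideEncryptionConfiguration", {}).get("Rules", [])
    if not rules:
        findings.append("encryption: no default encryption rule")
    for rule in rules:
        sse = rule.get("ApplyServerSideEncryptionByDefault", {})
        if sse.get("SSEAlgorithm") != "aws:kms":
            findings.append(f"encryption: algorithm is {sse.get('SSEAlgorithm')!r}")
        elif sse.get("KMSMasterKeyID") != expected_key_arn:
            findings.append("encryption: default key is not the dedicated key")
    # Versioning disabled: Status is absent on a never-versioned bucket.
    if versioning.get("Status") == "Enabled":
        findings.append("versioning: enabled, design expects disabled")
    return findings


# Constructed sample responses (placeholder account id and key id).
KEY = "arn:aws:kms:us-east-1:111122223333:key/EXAMPLE-KEY-ID"
GOOD = dict(
    pab={"PublicAccessBlockConfiguration": dict.fromkeys(REQUIRED_PAB, True)},
    encryption={"ServerSideEncryptionConfiguration": {"Rules": [
        {"ApplyServerSideEncryptionByDefault":
            {"SSEAlgorithm": "aws:kms", "KMSMasterKeyID": KEY}}]}},
    versioning={},
)
DRIFTED = dict(
    GOOD,
    pab={"PublicAccessBlockConfiguration":
         {**dict.fromkeys(REQUIRED_PAB, True), "BlockPublicPolicy": False}},
    encryption={"ServerSideEncryptionConfiguration": {"Rules": [
        {"ApplyServerSideEncryptionByDefault": {"SSEAlgorithm": "AES256"}}]}},
)

if __name__ == "__main__":
    for name, sample in (("good", GOOD), ("drifted", DRIFTED)):
        print(name, audit_bucket(expected_key_arn=KEY, **sample))
```

Against a live bucket, the three dictionaries would come from the corresponding boto3 S3 client calls; a bucket with no public access block configured should be passed as an empty dict so every flag is reported.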
Non-intentions / Out of Scope Use-cases (for this bundle)
- Eventing bucket for lambda ETL (would include notifications)
- Static Website Content (would include routing / endpoint configuration)
- Cold / Archival storage only
- Data Lake (analytics configuration and option for transfer accelerate configuration)
- Replication to other regions
- Requester Pays user content download
- Log Storage
Variable | Type | Description |
---|---|---|
bucket.force_destroy | boolean | WARNING: Enabling this will delete all objects in the bucket during decommission. Disabling will block bucket deletion unless the bucket is empty. |
bucket.region | string | AWS Region to provision in. |
monitoring.access_logging | boolean | Enabling this will create an additional bucket for storing access logs. |