Handling S3 Objects Events With Lifecycle Policies and Server Access Logging
Description
If you are a solutions architect, one of the most required things is to design and deploy efficient, cost-effective, and highly available storage solutions in the cloud. Then, if you are working on a storage solution that needs to better handle the objects, you should consider handling them automatically. For that reason, AWS allowed users to implement the Lifecycle Policies on the S3 buckets. As the name suggests, a lifecycle policy allows you to specify actions to perform on objects based on their lifecycle. You can implement various actions such as deleting them after a certain period of time, moving them between storage classes to implement a cost-effective solution, deleting incompleted multipart uploads.
To have a fully monitored storage solution, you can decide to implement server access logging. That means that each operation performed on a single bucket or object will be logged into another bucket. One of the most important things to remember is to not choose the origin bucket as the target bucket for logging; that would create an infinite recursive iteration and it could cost you a lot of money.
In this lab, you will create an S3 bucket where you will implement lifecycle policies, and you will create a second S3 bucket that will be used as the server access logging target for all the operations performed on the first one.
Lab Objectives
Upon completion of this Lab you will be able to:
- Setting up lifecycle policies for your S3 buckets
- Creating a server access logging S3 solution
Intended Audience
This lab is intended for:
- AWS Solutions Architect Associate exam candidates
- Cloud architects that need to design and deploy an object managed solution on S3
- Anyone curious about how objects can be automatically handled
Prerequisites
To get the most from this lab, you should be familiar with S3. You can follow these labs:
Updates
October 31st, 2023 - Updated screenshots to reflect the latest UI
October 18th, 2022 - improved explanation around how access is granted in the log delivery target bucket
December 30th, 2021 - Updated screenshots and instructions to reflect the latest UI