In this article we will do a lab on AWS S3 buckets and versioning. We will walk through how to create an S3 bucket and understand its permissions, so that each user is given access only to the buckets they should access.
We will also walk through the feature called "Versioning", a powerful way to protect a file against modification or deletion. Versioning stores all versions of an object, which makes it a great backup tool. We will also go through the restoration process, which is quite easy.
Go to the Services dashboard and select the S3 storage service.
While creating a bucket you are also asked for the region; I have selected my nearest region, Mumbai.
You cannot use a name that is already in use: as discussed in our previous article, the bucket namespace is global and each name must be unique. It seems mumbucket has already been created, so let's create a bucket called mumbucket1.
Notice that mumbucket1 is created.
Click on mumbucket1; the right pane shows its attributes and their values.
The storage management features are now available in the new console, so let's click on Opt-In to do the remaining lab steps in the new console.
Below is the look of the new Amazon S3 console.
After clicking on mumbucket1, the features associated with it are displayed.
Clicking on the Permissions option shows who has access to the bucket and what kind of permission is assigned. The default root permission shown here was applied when the bucket was created. You can add other AWS users, or assign permission to everyone if you want to allow access from the internet.
Let us upload a file and then assign permissions.
Here is the file from my desktop, called test.txt, to upload.
Here you can assign permissions that decide who can access what. The root account, Charles***, has permission by default, and while uploading we can assign permissions to other users too. The file will not be accessible from the internet, as it is private by default. Notice there are two types of permission, explained below.
· Object Permission – When you select the read or write option, the user can not only read the document but also modify or delete it.
· Object Permission – When you assign read or write, the user can view which users have permission on that particular object and can modify those permissions too.
Let's leave the defaults and click on Next to continue.
We went through the storage classes and their features in the previous article; for this lab we will leave the default option and click on Next to continue.
Review the settings and click on Upload.
The file is uploaded to the bucket mumbucket1.
Click on the file test.txt and you will see the link to access it, but opening the link throws an access denied error because we have not assigned any permission for access from the internet.
You can select the Make public option so that the file is accessible from the internet.
Now the permissions are updated: AllUsers has been added with the Read permission on object access.
When you open the test.txt file link again, it opens without any access denied error.
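The AllUsers grant that Make public creates can be found again later by inspecting object ACLs. The following is an added example, not part of the original lab: it scans ACLs in the shape returned by boto3's `get_object_acl()` and reports grants to the two predefined public groups. The sample ACLs, the owner ID and the function names are constructed for illustration.

```python
# Added example: flag S3 ACL grants that reach beyond named AWS accounts.
GROUPS = {
    "http://acs.amazonaws.com/groups/global/AllUsers": "AllUsers",
    "http://acs.amazonaws.com/groups/global/AuthenticatedUsers": "AuthenticatedUsers",
}
# READ/WRITE act on the data; READ_ACP/WRITE_ACP act on the permission list.
MEANING = {
    "READ": "can read the data",
    "WRITE": "can create, overwrite or delete objects (bucket ACL)",
    "READ_ACP": "can view the permission list",
    "WRITE_ACP": "can change the permission list",
    "FULL_CONTROL": "all permissions",
}

def public_grants(acl):
    """Return sorted (group, permission) pairs granted to a public group."""
    found = []
    for grant in acl.get("Grants", []):
        grantee = grant.get("Grantee", {})
        group = GROUPS.get(grantee.get("URI"))
        if grantee.get("Type") == "Group" and group:
            found.append((group, grant["Permission"]))
    return sorted(found)

def audit(acls):
    """Map each key to readable findings; private objects are left out."""
    report = {}
    for key, acl in acls.items():
        lines = [f"{g}: {p} ({MEANING.get(p, 'unknown')})"
                 for g, p in public_grants(acl)]
        if lines:
            report[key] = lines
    return report

# Constructed sample ACLs: one private object, one made public as in the lab.
OWNER = {"Grantee": {"Type": "CanonicalUser", "ID": "constructed-owner-id"},
         "Permission": "FULL_CONTROL"}
PUBLIC_READ = {"Grantee": {"Type": "Group", "URI":
               "http://acs.amazonaws.com/groups/global/AllUsers"},
               "Permission": "READ"}
SAMPLE_ACLS = {
    "private.txt": {"Grants": [OWNER]},
    "test.txt": {"Grants": [OWNER, PUBLIC_READ]},
}

if __name__ == "__main__":
    for key, lines in audit(SAMPLE_ACLS).items():
        print(key, "->", "; ".join(lines))
```
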
So far we have created a bucket called mumbucket1 and uploaded a test.txt file. Let's enable versioning on the bucket, so that the files inside it keep multiple versions when changes are made to them. To enable versioning, all we have to do is select the versioning radio button under the properties of the bucket.
One thing you must be aware of: once you enable versioning you cannot disable it, only suspend it. Once versioning is suspended, S3 will not keep multiple versions of files going forward, but files that already had different versions keep them as they are. If you want to delete those versions, you must manually select each version you want to delete.
Versioning is now enabled
Notice the tab at the top called Latest version; use its drop-down to see the multiple versions of a file.
Let us now download the test.txt file, modify the content and upload it.
I have updated the file with a new line: "updating the downloaded file". Note that the file name must not be changed, and you should not replace it with another file of the same name.
Let's set the file permission so that it is accessible from the internet, and upload it.
Now when you look at the file properties and open the Latest version drop-down, you will notice there are two files. Remember that this doubles the size the file takes up in your S3 storage, which you might want to consider before enabling the versioning feature.
When you open the test.txt file link now, notice the updated content inside the text file.
You can also select individual versions and delete the unwanted ones; let's say we delete the latest version.
The test.txt link will then show the original file.
Now let's delete the test.txt file and try to restore it. Select the test.txt file, choose the Delete option under More, and the file will be deleted.
The file is deleted now. I was going through the AWS technical documentation but was unable to find a guide on how to restore an object from the new portal. For this lab we will go back to the old console of the S3 storage service.
Once you are on the old console, select the bucket mumbucket1.
You will notice the option Versions: Hide / Show.
Files that have been deleted are only marked as deleted, not hard deleted. All we have to do is click on Show, select the file that carries the remark (Delete Marker), and choose Delete from the Actions drop-down, which moves the file from the Show view back to the Hide view.
You will notice that the test.txt file has now been restored successfully.
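The same restore can be scripted: deleting a delete marker by its version ID brings the object back. The following is an added example, not part of the original lab. It works on a constructed listing in the shape returned by boto3's `list_object_versions()` (version IDs, timestamps and function names are made up) and also handles a file deleted more than once, where every delete marker stacked on top of the newest real version has to go. Pagination of large listings is not handled.

```python
from datetime import datetime, timezone

def _t(day):  # constructed timestamps for the sample listing
    return datetime(2017, 1, day, tzinfo=timezone.utc)

def _e(key, vid, latest, day):  # one constructed listing entry
    return {"Key": key, "VersionId": vid, "IsLatest": latest, "LastModified": _t(day)}

# Constructed sample: test.txt deleted once, old.txt deleted twice, notes.txt intact.
SAMPLE_LISTING = {
    "Versions": [
        _e("test.txt", "v1-original", False, 1),
        _e("test.txt", "v2-updated", False, 2),
        _e("notes.txt", "n1", True, 2),
        _e("old.txt", "o1", False, 1),
    ],
    "DeleteMarkers": [
        _e("test.txt", "dm-test", True, 3),
        _e("old.txt", "dm-old-1", False, 2),
        _e("old.txt", "dm-old-2", True, 3),
    ],
}

def restore_plan(listing):
    """Return sorted (key, version_id) delete markers to remove so that each
    deleted key shows its newest real version again."""
    newest_data = {}
    for v in listing.get("Versions", []):
        key = v["Key"]
        if key not in newest_data or v["LastModified"] > newest_data[key]:
            newest_data[key] = v["LastModified"]
    markers = listing.get("DeleteMarkers", [])
    deleted = {m["Key"] for m in markers if m["IsLatest"]}
    plan = []
    for m in markers:
        key = m["Key"]
        # Only markers newer than the newest data version hide the object.
        if key in deleted and key in newest_data and m["LastModified"] > newest_data[key]:
            plan.append((key, m["VersionId"]))
    return sorted(plan)

def apply_plan(s3, bucket, plan):
    """Remove the planned delete markers; `s3` is a boto3 S3 client."""
    for key, version_id in plan:
        s3.delete_object(Bucket=bucket, Key=key, VersionId=version_id)

if __name__ == "__main__":
    for key, vid in restore_plan(SAMPLE_LISTING):
        print(f"remove delete marker {vid} to restore {key}")
```
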
So far what we have learned:
· Creating an S3 bucket and checking its permissions – very critical
· Securing an S3 bucket using permissions
· Enabling versioning on a bucket and checking multiple versions of files
· Deleting and restoring a file from the S3 bucket.