4.2 Create an S3 Bucket

Video Transcription
00:01
In this video
00:03
we will
00:04
create our first S3 bucket.
00:07
We will upload
00:08
an object to our bucket.
00:11
We will make our object accessible from the Internet.
00:17
So in our last video,
00:19
we were introduced to Amazon S3,
00:23
or Amazon's Simple Storage Service.
00:27
We learned about buckets,
00:29
versioning,
00:30
and the different storage classes that AWS offers for S3.
00:36
In this video, we will dive in and create our first S3 bucket.
00:43
So from the AWS Management Console, we type in S3
00:49
and then hit Enter to be taken to the S3 dashboard.
00:55
As you can see,
00:57
we don't have any buckets created yet.
01:00
Also,
01:02
if we go up to region
01:03
notice that this says global
01:07
S3 is one of the few AWS global services.
01:11
So let's click create bucket.
01:17
We have to give our bucket a DNS-compliant name.
01:21
Also, I am already in the North Virginia region.
01:25
But remember,
01:26
the S3 buckets are global.
01:30
The copy the settings bucket
01:33
would enable us to clone an existing bucket. But since we haven't created any yet,
01:38
that will not apply to us.
01:42
So back to the DNS-compliant name.
01:48
A bucket
01:49
has to be in all lower case characters or numbers.
01:53
If you try to put in anything other than that, it will throw an error.
01:57
Also, the bucket name must be unique,
02:00
meaning it can't exist anywhere else in DNS.
02:06
So if I try to name
02:07
my bucket
02:08
my first bucket, it will tell me that
02:13
that bucket name already exists.
02:15
So I will give this a unique name and call it
02:21
cybrary-rocks.
02:23
Oops. I have to make sure that I use all lower case characters.
02:38
I will adjust my screen
02:39
so that you can see the entire dialogue box.
02:44
Then we click next.
02:46
This takes us to the property screen.
02:51
Here we can enable versioning.
02:53
We can log requests
02:55
for access to our bucket.
02:59
We can give our bucket a tag for tracking purposes or to separate teams.
03:04
For example, I could say that this bucket belongs to the network department.
03:14
We could enable object-level logging for auditing and CloudTrail.
03:20
We will discuss CloudTrail in future lessons.
03:23
We could also enable encryption on our bucket.
03:28
Under advanced settings, we could enable CloudWatch to monitor requests to our bucket.
03:35
We will discuss CloudWatch in future lessons as well.
03:38
We could also enable object lock if we wanted to place locks on objects within our bucket.
03:46
So
03:47
let's leave all of the properties unchecked and then click next.
03:53
This takes us to the permission screen.
03:59
Here is how we can control public access to our bucket.
04:02
If you notice, all the boxes are checked, indicating that by default S3 buckets are private.
04:11
This wasn't always the case.
04:13
Early adopters of S3 often placed files in buckets,
04:17
not completely understanding that they would be available to anyone on the public Internet.
04:23
As you can imagine, this caused huge problems.
04:27
So now, by default, buckets are private.
04:30
So let's click next.
04:33
This takes us to the review page where we can confirm the properties for the bucket that we want to create.
04:41
My bucket's name is cybrary-rocks.
04:46
We haven't enabled
04:47
any of the other properties, so this looks good.
04:51
So then we click create bucket
04:59
and there is our cybrary-rocks bucket.
05:02
We see that access is private,
05:11
so let's click on our bucket.
05:15
And of course, it's empty, since we just created it
05:17
and have not uploaded anything to it yet,
05:21
So let's click Upload.
05:25
I am going to drag an image from my desktop to upload it to our bucket.
05:30
It's an image from one of my favorite TV shows, Mr Robot.
05:35
So
05:36
now the image is in our bucket.
05:43
If we click on it, then we could display its properties.
05:47
It's a JPEG with a size of about 138 kilobytes.
05:53
This is the URL that has been assigned to it.
05:57
Its storage class is Standard, which is the default,
06:01
and I am the owner of the file.
06:05
So next let's click the Properties tab.
06:10
These are the properties that we left disabled when we created our bucket:
06:15
versioning,
06:16
server access logging.
06:19
We can convert our bucket into a static Web site if we chose to.
06:25
Here's object level logging and default encryption.
06:32
Then we scroll down and we could see a few more properties,
06:36
object lock
06:38
tags,
06:41
transfer acceleration, which we haven't discussed since it's a bit beyond the scope of our course.
06:46
Here we can set up notifications when certain events occur within our bucket.
06:53
Perhaps when we reach our 1,000,000th view and
06:55
something cool like that.
06:59
And this is Requester Pays, which essentially charges the requester to view the object
07:03
within our bucket instead of the bucket owner.
07:08
Next, let's click the permissions tab.
07:11
Here we see sub-tabs.
07:14
The first is for managing our public access settings.
07:18
On the Access Control List tab,
07:21
we can grant basic read/write permission to other AWS accounts.
07:29
The Bucket policy tab
07:30
is used to manage the policy of our entire bucket.
07:36
These are written in JavaScript Object Notation, or JSON for short.
07:44
The final tab
07:45
is for Cross-Origin Resource Sharing, or CORS for short.
07:50
This is an advanced topic, but in a nutshell,
07:54
it enables resource sharing between Web applications that may reside in different domains or organizations.
08:01
Next we click the Management tab.
08:05
Here's where we can configure lifecycle management for the objects within our buckets to automatically transition to different storage classes.
08:16
We will play around with this feature in a future lesson.
08:18
So let's go back to the Overview tab.
08:22
When we do this, we can display the properties for this object.
08:28
Now let's see what happens when we click the Mr Robot image in our bucket.
08:37
We get this XML error stating that access is denied.
08:43
Remember
08:43
that our image is private by default.
08:46
So what if we want the public to be able to see this image?
08:52
How do we overcome this problem?
08:56
So let's head back to the Overview tab.
09:00
We will go back to our S3 buckets dashboard,
09:05
Then we click on our bucket,
09:07
then click Edit public access settings.
09:11
So if you recall when we first created our bucket
09:16
that the boxes below all had check marks by default.
09:20
Once we click edit public access settings, they disappear.
09:26
But
09:26
our object is still private.
09:30
To make our object public, we must first edit the bucket policy
09:33
for our bucket, cybrary-rocks.
09:37
To do this,
09:39
we click Save.
09:41
And here we get this confirmation box from AWS where we actually have to type confirm
09:48
to edit our bucket settings.
09:50
So let's type confirm and then click confirm.
09:58
Close out the bucket properties.
10:03
Then let's go back into our bucket,
10:07
then select our object,
10:13
then under actions, select make public
10:18
that will take us to another confirmation screen, warning us that we're about to make this image public.
10:26
So let's click Make public.
10:33
Now let's try to click our object again to verify that our changes were successful.
10:41
So we click the link and presto,
10:46
there is our Mr Robot image.
10:50
Also, I want to show you the operations tab that appears at the bottom.
10:56
This will let us know if our uploads or edits
11:00
are successful or not
11:16
Learning check.
11:18
What are some of the rules for bucket naming in S3?
11:26
Bucket names must be unique across all existing bucket names
11:31
within Amazon S3.
11:35
Bucket names must comply with DNS naming conventions.
11:41
A bucket name cannot be formatted
11:43
like an IP address. For example, we can't use
11:46
an IP like 10 dot Tenn 10.0.10. About 10
11:52
Bucket names must be at least three
11:56
and no more than 63 characters long.
12:01
Bucket names must not contain uppercase characters
12:05
or underscores.
12:09
Finally, bucket names must start
12:11
with a lowercase letter or number.
12:24
In this video,
12:24
we created our first S3 bucket.
12:30
We uploaded an object to our bucket.
12:33
We made our object accessible from the Internet