S3 Bucket Creation and Interaction Demo

Step 1: Initial Setup

  1. Log into the IAM admin user within your general AWS account.

  2. Ensure you are in the Northern Virginia region (us-east-1).

  3. Navigate to the S3 console by searching for S3 in the AWS services.

Step 2: S3 Console Overview

  1. Note: S3 uses a global namespace; region selection isn't needed on the landing page.

  2. The console shows buckets from all regions in your AWS account.

Step 3: Bucket Creation

  1. Click "Create bucket" to begin.

  2. Specify a unique name for your bucket. For example, use "koalacampaign" followed by random numbers (e.g., koalacampaign1330337).

Step 4: Understand Bucket Naming Rules

  1. Names must be:

    • Between 3 and 63 characters.

    • Composed of lowercase letters, numbers, dots, and hyphens.

    • Starting and ending with a letter or number.

    • Not formatted like an IP address.

    • Not beginning with "xn--".

    • Globally unique.

  2. Note: Specific rules apply for certain S3 features like static website hosting.
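
The naming rules above as a local pre-check. This is an added example, not part of the original demo; the function name, rule labels and sample names are assumptions made for illustration, and global uniqueness is left out because only S3 itself can answer it.

```python
import re

# Rule labels are this example's own wording of the Step 4 list.
LENGTH = "between 3 and 63 characters"
CHARSET = "lowercase letters, numbers, dots and hyphens only"
EDGES = "must start and end with a letter or number"
IP_FORMAT = "must not be formatted like an IP address"
XN_PREFIX = 'must not begin with "xn--"'

_CHARSET_RE = re.compile(r"[a-z0-9.-]+")
_EDGE_RE = re.compile(r"[a-z0-9]")
_IP_RE = re.compile(r"[0-9]{1,3}(?:\.[0-9]{1,3}){3}")


def bucket_name_violations(name):
    """Return the labels of every Step 4 rule that `name` breaks.

    An empty list means the name passes the local checks. Global uniqueness
    is not tested: only the create request to S3 can answer that.
    """
    broken = []
    if not 3 <= len(name) <= 63:
        broken.append(LENGTH)
    if not _CHARSET_RE.fullmatch(name):
        broken.append(CHARSET)
    # Slicing keeps the empty string safe: "" simply fails the match.
    if not (_EDGE_RE.fullmatch(name[:1]) and _EDGE_RE.fullmatch(name[-1:])):
        broken.append(EDGES)
    if _IP_RE.fullmatch(name):
        broken.append(IP_FORMAT)
    if name.startswith("xn--"):
        broken.append(XN_PREFIX)
    return broken


if __name__ == "__main__":
    # Constructed sample names, one per rule plus the demo's own example.
    for candidate in ["koalacampaign1330337", "ab", "Koala Campaign",
                      "-koala-", "192.168.5.4", "xn--koala"]:
        problems = bucket_name_violations(candidate)
        print(f"{candidate!r}: {'ok' if not problems else '; '.join(problems)}")
```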

Step 5: Region Selection

  1. Choose a region for the bucket (us-east-1 is recommended for consistency).

  2. Skip the option to copy settings from an existing bucket for a new setup.

Step 6: Object Ownership

  1. Skip object ownership settings for now; these will be covered in detail later.

Step 7: Block Public Access

  1. S3 buckets are private by default; only the creating account and root user have access.

  2. The IAM admin user has access due to granted admin permissions.

  3. The "Block Public Access" setting prevents unintentional public access.

  4. To allow public access:

    • Untick "Block Public Access".

    • Acknowledge the risk when unticking.

  5. Note: Unticking doesn't automatically make the bucket public.

Step 8: Other Settings

  1. Skip bucket versioning, tags, default encryption, and advanced settings for this demo.

Step 9: Complete Bucket Creation

  1. Click "Create bucket" to finalize.

  2. If the name is taken, add more random digits.

  3. The created bucket appears in the list with its name, region, access overview, and creation date.

  4. The access overview indicates if objects can be public, not if they are public.

Step 10: Understand Bucket Details and Amazon Resource Names (ARNs)

  1. Click the bucket name to navigate inside.

  2. Each bucket has a unique Amazon Resource Name (ARN).

  3. ARN format: arn:aws:s3:::bucket-name

  4. ARN structure: arn (Amazon Resource Name), aws (partition), s3 (service name), and the bucket name.

  5. Note: Region and account number are not in the ARN because bucket names are globally unique.

Step 11: Bucket Tabs Overview

  1. Objects Tab: Overview of objects in the bucket.

  2. Properties Tab: Configuration options (bucket versioning, tags, encryption, logging, CloudTrail data events, transfer acceleration, object lock, Requester Pays, static website hosting).

  3. Permissions Tab: Fine-grained permissions settings.

  4. Metrics Tab: CloudWatch metrics for the bucket.

  5. Management Tab: Access management functionality.

  6. Access Points Tab: Advanced functionality (covered later).

Step 12: Uploading Objects

  1. Click "Upload" in the Objects tab.

  2. Upload files and folders.

  3. Add files by clicking "Add files."

  4. Select the three image files (koalanom1.jpg, koalanom2.jpg, koalazzz.jpg) from the downloaded folder.

Step 13: Configure Upload Settings

  1. Verify the destination shows your S3 bucket name.

  2. Note: With version control disabled, overwriting objects is possible.

  3. Select storage class (standard is the default).

  4. Skip other options and click "Upload".

Step 14: Emulate Folder Creation

  1. Click "Create folder" to emulate a folder structure.

  2. Create a folder named "archive".

  3. Note: S3 is a flat structure, so folders use prefixes.

  4. Upload koalazzz.jpg into the "archive" folder.

  5. The actual object name becomes archive/koalazzz.jpg.

Step 15: Accessing Objects

  1. Select an object to open its overview screen.

  2. The object URL, if opened directly, will result in an access denied error due to missing authentication.

  3. S3 objects are private by default.

  4. Clicking "Open" on the object overview screen works because it includes authentication.

Step 16: Cleaning Up

  1. Empty the bucket before deleting it. Select the bucket and click "Empty".

  2. Confirm by typing "permanently delete".