Title
AWS re:Invent 2022 - Beyond 11 9s of durability: Data protection with Amazon S3 (STG338)
Summary
- The session focused on data protection features in Amazon S3, excluding security aspects like IAM policies and encryption.
- The speakers, Pete Imming, Dave DeLuca, and Yuri Zarubin, have over 50 years of combined experience in data protection and storage.
- Amazon S3 is presented as the safest place to store data, with 11 nines of durability and 4 nines of availability.
- The session covered S3's architecture, including regions, availability zones, and how S3 stores data across multiple devices in at least three AZs.
- Storage classes were discussed, including the importance of choosing the right class for cost optimization.
- S3's durability is designed to honor both put and delete requests, but additional layers of protection are available to safeguard against accidental, intentional, or malicious deletions.
- Features such as S3 Object Versioning, Object Lock, and Replication were explained in detail.
- S3 Storage Lens was introduced as a tool to audit and manage data protection features across S3.
- The session also introduced S3 Multi-Region Access Point Failover Controls, allowing users to control failover and traffic routing to different regions.
- Additional AWS services and partner solutions that complement S3's data protection capabilities were mentioned, including AWS Config, Amazon Macie, AWS Backup, and Amazon GuardDuty.
- The session concluded with a call to action for attendees to enable versioning on their S3 buckets and to use S3 Storage Lens to audit their data protection status.
Insights
- S3's durability and availability are foundational, but AWS emphasizes the importance of additional, optional data protection features to address various risks.
- The speakers highlighted the need for a comprehensive approach to data protection, including accidental deletion, malicious activity, and regional disruptions.
- S3 Object Versioning is a simple yet powerful feature to protect against accidental deletions and overwrites, and it is recommended for all S3 users.
- Object Lock is crucial for creating immutable storage, protecting against malicious deletions, and meeting regulatory compliance requirements.
- S3 Replication is a robust feature for creating secondary copies of data, supporting various use cases and backup strategies, including the 3-2-1 backup rule.
- The introduction of S3 Multi-Region Access Point Failover Controls is significant for businesses that require high availability and quick failover capabilities.
- AWS Config, Amazon Macie, AWS Backup, and Amazon GuardDuty are additional tools that can enhance S3's data protection capabilities, providing configuration management, sensitive data discovery, centralized backup solutions, and anomaly detection.
- The session's emphasis on S3 Storage Lens suggests that AWS is prioritizing visibility and management of data protection features as a key aspect of using S3 effectively.
- The speakers' expertise and the introduction of new features at AWS re:Invent 2022 indicate AWS's commitment to continuous innovation in cloud storage and data protection.
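
The call to action in the summary (enable versioning, then audit data protection status) can be scripted per bucket. The following is an added example, not code from the session or from AWS: it checks one bucket for versioning, Object Lock and replication using the boto3 S3 client method names. `StubS3`, `NotSet`, `optional` and `audit_bucket` are hypothetical names, and the stub's canned responses are constructed so the script runs offline.

```python
class NotSet(Exception):
    """Constructed stand-in for botocore's ClientError (same .response shape)."""
    def __init__(self, code):
        super().__init__(code)
        self.response = {"Error": {"Code": code}}

class StubS3:
    """Constructed client with canned responses; swap in boto3.client("s3")."""
    def __init__(self, versioning, lock=None, replication=None):
        self.versioning, self.lock, self.replication = versioning, lock, replication
    def get_bucket_versioning(self, Bucket):
        return self.versioning
    def get_object_lock_configuration(self, Bucket):
        if self.lock is None:
            raise NotSet("ObjectLockConfigurationNotFoundError")
        return {"ObjectLockConfiguration": self.lock}
    def get_bucket_replication(self, Bucket):
        if self.replication is None:
            raise NotSet("ReplicationConfigurationNotFoundError")
        return {"ReplicationConfiguration": self.replication}

def optional(call, missing_code, bucket):
    """Return the config, or {} when S3 reports that none is set."""
    try:
        return call(Bucket=bucket)
    except Exception as exc:
        code = getattr(exc, "response", {}).get("Error", {}).get("Code")
        if code == missing_code:
            return {}
        raise  # AccessDenied etc. must not be read as "not configured"

def audit_bucket(s3, bucket):
    """Return a list of data-protection gaps for one bucket."""
    ver = s3.get_bucket_versioning(Bucket=bucket)
    lock = optional(s3.get_object_lock_configuration, "ObjectLockConfigurationNotFoundError", bucket)
    repl = optional(s3.get_bucket_replication, "ReplicationConfigurationNotFoundError", bucket)
    gaps = []
    # Status is absent on a bucket that has never had versioning enabled.
    if ver.get("Status") != "Enabled":
        gaps.append("versioning " + ver.get("Status", "never enabled").lower())
    if lock.get("ObjectLockConfiguration", {}).get("ObjectLockEnabled") != "Enabled":
        gaps.append("object lock not enabled")
    rules = repl.get("ReplicationConfiguration", {}).get("Rules", [])
    if not any(r.get("Status") == "Enabled" for r in rules):
        gaps.append("no enabled replication rule")
    return gaps

if __name__ == "__main__":
    print(audit_bucket(StubS3({"Status": "Suspended"}), "example-bucket"))
```

Against a real account, pass `boto3.client("s3")` instead of the stub; the caller needs read permission on each of the three bucket configurations, and a permission error is raised rather than reported as a missing configuration.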