S3 Cheat Sheet


  • Object store, or a file store with extra features
  • Objects are stored across 3+ AZs

Multipart Upload

  • Upload large files in parts concurrently 🎓

S3 VPC Endpoint

  • Access S3 from private subnet
  • No need for NAT, no traversing the Internet
  • You CANNOT use a private IP in aws:SourceIp in a bucket policy to restrict access to a certain VPC, because a new VPC with the same CIDR may be created and thus bypass the restriction
    • Instead, you can specify the VPC directly in the bucket policy
    • Or use your routing table
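
The bucket-policy point above as an added example (not from the original cheat sheet): a small Python check that flags aws:SourceIp conditions holding private ranges, run over a weak policy and a corrected one that names the VPC with the aws:SourceVpc condition key. The bucket name, CIDR and VPC id are constructed placeholders.

```python
import ipaddress

RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def make_policy(condition):
    # Constructed sample policy; "example-bucket" is a placeholder name.
    return {"Version": "2012-10-17", "Statement": [{
        "Sid": "DenyOutsideVpc", "Effect": "Deny", "Principal": "*", "Action": "s3:*",
        "Resource": ["arn:aws:s3:::example-bucket", "arn:aws:s3:::example-bucket/*"],
        "Condition": condition}]}

# Weak: tries to identify the VPC by its private CIDR, which any other VPC can reuse.
WEAK = make_policy({"NotIpAddress": {"aws:SourceIp": "10.0.0.0/16"}})
# Corrected: names the VPC itself (placeholder id), so an overlapping CIDR does not match.
FIXED = make_policy({"StringNotEquals": {"aws:SourceVpc": "vpc-0123456789abcdef0"}})

def as_list(value):
    # Policy JSON allows a single item or a list in most positions.
    return value if isinstance(value, list) else [value]

def private_sourceip_findings(policy):
    """Return (statement index, operator, cidr) for each private range used in aws:SourceIp."""
    findings = []
    for index, stmt in enumerate(as_list(policy.get("Statement", []))):
        for operator, keys in stmt.get("Condition", {}).items():
            for key, values in keys.items():
                if key.lower() != "aws:sourceip":  # condition key names are case-insensitive
                    continue
                for cidr in as_list(values):
                    try:
                        net = ipaddress.ip_network(cidr, strict=False)
                    except ValueError:
                        continue  # not an IP or CIDR; nothing to classify
                    if net.version == 4 and any(net.subnet_of(r) for r in RFC1918):
                        findings.append((index, operator, cidr))
    return findings

if __name__ == "__main__":
    for name, policy in (("weak", WEAK), ("fixed", FIXED)):
        print(name, private_sourceip_findings(policy))
```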
