At the latest re-invention, Amazon announced the S3 Glacier Instant Retrieval Storage class, a new storage class for rarely used data that requires milliseconds. A new Bucket Owner Applicable option allows customers to disable the ACLs associated with the Bucket and its items.
The new Glacier Instant Retrieval Storage class is aimed at customers who store rarely used data for many years but need the data to be highly available and immediately accessible. Marcia Villalba, senior developer advocate for AWS, highlights the key benefits of the latest addition:
BuildKite chief engineer Paul Ensley warns that the new class may not take advantage of cases where the objects are small:
Dive into the new Glacier Instant Retrieval Storage Class pricing from AWS S3. Total cost of uploading (many) small items, switching to Standard-IA or Glacier-IR and expiring/deleting after 6 months. Cheaper than the standard ones under 200 KiB.
With the new Glacier Instant Retrieval storage class, there are now seven different storage classes on Amazon S3 with varying costs and limitations, making it sometimes hard for developers to choose.
To reduce complexity and lifecycle rules, the new storage class is supported by S3 Intelligent-Tiering, a storage class that automatically moves objects between access tiers to optimize cost. Designed for data with unpredictable or changing access patterns, the S3 Intelligent-Tiering automatically stores objects in three access tiers: the Frequent Access Tier, the Infrequent Access Tier, and the Archive Instant Access Tier.
I’m delighted to see the expansion of S3 intelligent tying with Glacier’s new instant retrieval tier; Intelligent tiering should definitely be your default S3 storage tier right now, unless you have otherworldly insight into the lifecycle of your data.
To simplify access control on S3, AWS announced a new ownership setting called “Bucket Owner Enforced” to disable all ACLs associated with a bucket and its objects, and to access data using only policies Is. Once implemented, ownership changes automatically and applications writing data to Bucket no longer need to specify an ACL. When creating a new bucket, developers can now choose whether ACLs are enabled or disabled.
Since its launch 15 years ago, the Amazon S3 bucket has been private by default. In the beginning, the only way to provide access to objects was to use ACLs. In 2011, AWS Identity and Access Management (IAM) was announced, enabling the use of policies to define permissions and control access to buckets and objects in Amazon S3.
Today, you have several ways to control access to your data in Amazon S3, including IAM policies, S3 bucket policies, S3 access point policies, S3 block public access, and ACLs.
The cloud provider also announced free data transfer expansion and cost reductions in a subset of regions for its standard-exclusive Access, One Zone-Infrequent Access and S3 Glacier Flexible Retrieval Storage classes. In addition, AWS Backup, a managed, policy-based service for centralizing and automating backups across 12 AWS services, introduced support for Amazon S3 in preview.