1 00:00:06,427 --> 00:00:09,051 - Welcome to this demonstration. 2 00:00:09,051 --> 00:00:09,997 In this demo 3 00:00:09,997 --> 00:00:14,997 we are going to create an S3 bucket using the AWS console. 4 00:00:15,100 --> 00:00:18,710 So we can either go to recently visited if S3 shows 5 00:00:18,710 --> 00:00:23,710 up in there, or we can search for it using the search bar. 6 00:00:25,700 --> 00:00:30,330 Now, once we're in the console, again, bright orange buttons 7 00:00:30,330 --> 00:00:31,770 that's gonna help us create the bucket 8 00:00:31,770 --> 00:00:36,608 but we can also use this little nav right here to expand 9 00:00:36,608 --> 00:00:38,816 and give us other options, 10 00:00:38,816 --> 00:00:42,540 in this case we're gonna go ahead and just create the bucket 11 00:00:44,547 --> 00:00:48,060 and this wizard can either be really simple 12 00:00:48,060 --> 00:00:52,560 or maybe add a little bit of complexity. 13 00:00:52,560 --> 00:00:54,600 Let's start with our bucket name. 14 00:00:54,600 --> 00:00:56,812 So what are we gonna call our bucket? 15 00:00:56,812 --> 00:01:01,363 We will call it bright key live lessons bucket. 16 00:01:03,070 --> 00:01:07,420 Now this bucket name does have to be globally unique 17 00:01:07,420 --> 00:01:10,543 and it also has to conform to DNS standards. 18 00:01:12,290 --> 00:01:14,085 If we go a little bit further. 19 00:01:14,085 --> 00:01:15,495 We get to pick a region 20 00:01:15,495 --> 00:01:17,420 and we have all these different options here. 21 00:01:17,420 --> 00:01:20,045 I will stick with US east one. 22 00:01:20,045 --> 00:01:22,530 Now here's an interesting option. 23 00:01:22,530 --> 00:01:24,500 We can choose to copy the settings 24 00:01:24,500 --> 00:01:27,267 from an existing bucket to the new one. 25 00:01:27,267 --> 00:01:29,645 As we go down a little bit further 26 00:01:29,645 --> 00:01:32,010 we have an option that says 27 00:01:32,010 --> 00:01:36,593 do you want to disable ACLs on your bucket entirely? 28 00:01:37,820 --> 00:01:40,703 There are certain features of AWS 29 00:01:42,140 --> 00:01:46,140 like cloud front access logs, S3 access logs, 30 00:01:46,140 --> 00:01:50,423 pre-signed URLs, and so forth that require ACLs. 31 00:01:51,340 --> 00:01:54,900 But for most use cases 32 00:01:54,900 --> 00:01:58,500 you can simply disable them entirely. 33 00:01:58,500 --> 00:02:02,320 And it simplifies permissions management because 34 00:02:02,320 --> 00:02:06,885 it's no longer possible to utilize ACLs on the bucket. 35 00:02:06,885 --> 00:02:09,100 So we go down a little bit further. 36 00:02:09,100 --> 00:02:12,333 Now we have the block public access settings. 37 00:02:14,470 --> 00:02:17,760 The default is for everything to be turned on 38 00:02:17,760 --> 00:02:22,150 meaning you cannot use bucket policies or ACLs 39 00:02:22,150 --> 00:02:27,150 to grant public access to either the bucket or an object. 40 00:02:27,460 --> 00:02:29,290 And so if we uncheck this 41 00:02:29,290 --> 00:02:32,960 we have the ability to check individual boxes. 42 00:02:32,960 --> 00:02:35,700 This is something that we can change later if 43 00:02:35,700 --> 00:02:37,324 we choose to do so. 44 00:02:37,324 --> 00:02:39,550 So we keep going further. 45 00:02:39,550 --> 00:02:41,730 This is where we enable versioning. 46 00:02:41,730 --> 00:02:46,580 We will leave that disabled and we can apply tags. 47 00:02:46,580 --> 00:02:49,173 So for this tag, we will add a cost center. 48 00:02:52,580 --> 00:02:54,560 We can deal with default encryption. 49 00:02:54,560 --> 00:02:57,830 This is a pretty easy win to enable encryption 50 00:02:57,830 --> 00:02:59,290 of data at rest. 51 00:02:59,290 --> 00:03:01,810 So when we click on enable, we have options 52 00:03:01,810 --> 00:03:06,740 we can use Amazon managed keys where Amazon owns 53 00:03:06,740 --> 00:03:10,510 the entire chain of trust, or we can use our own. 54 00:03:10,510 --> 00:03:14,910 But if we do, we have to be more specific. 55 00:03:14,910 --> 00:03:19,500 Do we use the KMS key that is default for all of S3 56 00:03:19,500 --> 00:03:24,500 in our account in the region, or do we choose from our own 57 00:03:24,690 --> 00:03:28,530 from a list or do we just enter an ARN? 58 00:03:28,530 --> 00:03:32,120 So I'm going to stick with Amazon managed 59 00:03:32,120 --> 00:03:34,987 for this one and under advanced settings, 60 00:03:34,987 --> 00:03:39,787 the only thing we have here at this time is object lock. 61 00:03:39,787 --> 00:03:43,650 And it explains to you that if you enable it 62 00:03:43,650 --> 00:03:46,883 it permanently allows objects in this bucket to be locked. 63 00:03:47,760 --> 00:03:51,170 So this is going to be another one of those configurations 64 00:03:51,170 --> 00:03:54,630 kind of like the glacier vault lock that can be 65 00:03:54,630 --> 00:03:59,630 used to disable the ability to delete data. 66 00:04:00,040 --> 00:04:03,037 And so we'll leave that disabled as well 67 00:04:03,037 --> 00:04:04,753 and create the bucket. 68 00:04:05,910 --> 00:04:08,910 Now let's see bucket with the save name already exists. 69 00:04:08,910 --> 00:04:11,290 So apparently I've created one 70 00:04:11,290 --> 00:04:14,360 of these in one of my other accounts. 71 00:04:14,360 --> 00:04:18,640 So we can call this bright key live lessons 72 00:04:18,640 --> 00:04:20,883 S3 demo instead, 73 00:04:22,670 --> 00:04:26,423 scroll down to the bottom and create bucket. 74 00:04:27,550 --> 00:04:28,640 Now, remember the bucket, 75 00:04:28,640 --> 00:04:29,760 there's no data here. 76 00:04:29,760 --> 00:04:32,780 It's just configuration and access control. 77 00:04:32,780 --> 00:04:34,490 If we want to add data 78 00:04:34,490 --> 00:04:38,413 we have to actually upload it into the bucket directly. 79 00:04:39,270 --> 00:04:41,170 And that completes this demonstration.