BrainyBeeBrainyBee
Study Guide820 words

Amazon S3 Lifecycle Management & Object Governance

Managing S3 object lifecycles

Amazon S3 Lifecycle Management & Object Governance

Learning Objectives

After studying this guide, you should be able to:

  • Configure S3 Lifecycle rules to automate data transitions and deletions.
  • Distinguish between Transition and Expiration actions.
  • Explain the relationship between S3 Versioning and Lifecycle management.
  • Compare Object Lock modes (Governance vs. Compliance) for regulatory needs.
  • Identify cost-optimization strategies using storage class tiering.

Key Terms & Glossary

  • Lifecycle Rule: A set of configurations applied to an S3 bucket to manage objects automatically over their lifetime.
  • Transition Action: Moving an object from one storage class to another (e.g., S3 Standard to S3 Glacier).
  • Expiration Action: Defining when objects should be permanently deleted by Amazon S3.
  • S3 Versioning: A means of keeping multiple variants of an object in the same bucket to protect against accidental deletes.
  • Prefix/Tag Filter: A mechanism to apply lifecycle rules to specific subsets of data within a bucket rather than the entire bucket.
  • WORM: "Write Once, Read Many"—a data storage technology that prevents files from being edited or deleted.

The "Big Idea"

Managing S3 object lifecycles is primarily about balancing cost with accessibility. As data ages, its value typically decreases, making it inefficient to pay for high-availability "Standard" storage. Lifecycle management automates the "downward" movement of data to cheaper tiers and its eventual disposal, ensuring that human administrators don't have to manually delete trillions of objects while still meeting regulatory compliance.

Formula / Concept Box

FeatureCore LogicKey Constraint
TransitionAge > X Days \rightarrow Move ClassMin. 30 days in Standard before IA
ExpirationAge > Y Days \rightarrow DeletePermanent; cannot be undone
Prefix Filterfolder/subfolder/*Rules apply only to matching keys
Object LockRetention PeriodCompliance mode cannot be bypassed by Root

[!IMPORTANT] You cannot transition directly from S3 Standard to Reduced Redundancy. Additionally, most transitions require a minimum residency of 30 days in the current class.

Hierarchical Outline

  • S3 Lifecycle Components
    • Transition Actions: Automating cost reduction by moving data to colder tiers.
    • Expiration Actions: Automating cleanup of logs, temporary files, or old versions.
  • Filtering & Scope
    • Bucket-wide: Affects all objects.
    • Prefix-based: Affects specific "folders" (e.g., logs/).
    • Tag-based: Affects objects with specific metadata tags.
  • Object Protection (Object Lock)
    • Governance Mode: Protected from most, but users with s3:BypassGovernanceRetention can delete.
    • Compliance Mode: Hard lock. No one, including the AWS Root account, can delete until the timer expires.
  • Versioning Interplay
    • Current Versions: Active files used by applications.
    • Noncurrent Versions: Older copies kept after an overwrite or delete; managed by specific lifecycle rules.

Visual Anchors

Lifecycle Transition Flow

Loading Diagram...

Object Lifecycle Timeline

\begin{tikzpicture}[node distance=2cm, every node/.style={font=\small}] \draw[->, thick] (0,0) -- (10,0) node[right] {Time (Days)}; \draw (0,0.2) -- (0,-0.2) node[below] {0 (PUT)}; \draw (3,0.2) -- (3,-0.2) node[below] {30 (To IA)}; \draw (6,0.2) -- (6,-0.2) node[below] {90 (To Glacier)}; \draw (9,0.2) -- (9,-0.2) node[below] {365 (Expire)};

code
\node at (1.5,0.5) {Standard}; \node at (4.5,0.5) {Infrequent Access}; \node at (7.5,0.5) {Archive};

\end{tikzpicture}

Definition-Example Pairs

  • Transition: Moving an object to a cheaper class.
    • Example: Moving raw video footage to S3 Glacier after the project is edited and delivered.
  • Expiration: The automatic deletion of an object.
    • Example: Setting a 7-day expiration rule on a temp/ folder used for intermediate data processing.
  • Noncurrent Version Transition: Moving only the older versions of a file.
    • Example: Keeping the current config.json in Standard, but moving the 10 previous versions to S3 One Zone-IA after 30 days to save money.

Worked Examples

Scenario: Log File Management

Goal: Store application logs. Logs are accessed frequently for 30 days, kept for 1 year for compliance, then deleted.

The Solution (JSON Configuration Logic):

  1. Filter: Prefix logs/.
  2. Transition: After 30 days, move to STANDARD_IA (Standard-Infrequent Access).
  3. Transition: After 90 days, move to GLACIER.
  4. Expiration: After 365 days, delete the object.
json
{ "ID": "ArchiveLogsRule", "Filter": { "Prefix": "logs/" }, "Status": "Enabled", "Transitions": [ { "Days": 30, "StorageClass": "STANDARD_IA" }, { "Days": 90, "StorageClass": "GLACIER" } ], "Expiration": { "Days": 365 } }

Checkpoint Questions

  1. What is the difference between Governance mode and Compliance mode in S3 Object Lock?
  2. Can you transition an object from S3 Standard to S3 Standard-IA after only 15 days? Why or why not?
  3. If a bucket has versioning enabled, what happens to an object when an "Expiration" lifecycle rule is triggered?
  4. Why would a company use a "Prefix" in a lifecycle rule instead of applying it to the whole bucket?
  5. True or False: S3 Intelligent-Tiering requires you to manually define transition days for every object.
All AWS Certified Solutions Architect - Associate (SAA-C03) Study Resources

Ready to study AWS Certified Solutions Architect - Associate (SAA-C03)?

Practice tests, flashcards, and all study notes — free, no sign-up needed.

Start Studying — Free