AWS Challenge # 1: Amazon S3 - Bi-Directional Cross-Region Replication (CRR)



Objective
This exercise walks you through replicating objects between Amazon S3 buckets in different AWS Regions (cross-region replication).
By the end of this exercise, you will be able to:
• Perform Auto-Replication of Objects in Amazon S3 Buckets
• Automate Disaster Recovery (DR) for Applications Using Objects in Amazon S3
• Search CloudTrail logs to better understand how cross-region replication works.
Estimated Duration: 20 minutes

 

Introduction
This lab shows you how to increase the resilience of applications that rely on objects in Amazon S3. Amazon S3 Cross-Region Replication (CRR) copies objects asynchronously to a bucket in another AWS Region.

 

Execution
AWS Console


Create the First Bucket on Amazon S3

  1. Go to the Amazon S3 console: https://s3.console.aws.amazon.com/s3. Note: The Amazon S3 Service Console is Global, meaning buckets from all regions will be listed.
  2. Choose Create bucket.
  • Enter a name for your primary bucket (Example: Bucket-Account-Number-Primary).
  • Select the region us-east-2 (Ohio).
  • On the same page, enable the Bucket object versioning option.
  • Select Create bucket.

 

Create a Second Bucket on Amazon S3

  1. Go to the Amazon S3 console: https://s3.console.aws.amazon.com/s3.
  2. Choose Create bucket.
  • Enter a name for your secondary bucket (Example: Bucket-Account-Number-Secondary).
  • Select the region us-west-2 (Oregon).
  • On the same page, enable the Bucket object versioning option.
  • Select Create bucket.

 

Primary Bucket Replication Rule for Secondary Bucket

  1. In the Amazon S3 console, select the first bucket created (primary).
  2. Go to the Management tab.
  3. In the Replication rules section, select Create replication rule.
  • Enter a name for your rule (Example: copy-to-secondary).
  • In the Source bucket section, change the rule scope to the option "This rule applies to all objects in the bucket".
  • In the Destination section, enter the name of your secondary bucket (Example: Bucket-Account-Number-Secondary).
  • In the IAM role section, select the option Create new role.

 

Amazon S3 cannot replicate objects without your permission. You grant permissions with the IAM role specified in the replication configuration. Amazon S3 assumes that IAM role to replicate objects on your behalf.

  • In the Additional replication options section, check all options as shown in the screenshot.
  • Select Save.

 

Secondary Bucket Replication Rule for Primary Bucket

  1. In the Amazon S3 console, select the second bucket created (secondary).
  2. Go to the Management tab.
  3. In the Replication rules section, select Create replication rule.
  • Enter a name for your rule (Example: copy-to-primary).
  • In the Source bucket section, change the rule scope to the option "This rule applies to all objects in the bucket".
  • In the Destination section, enter the name of your primary bucket (Example: Bucket-Account-Number-Primary).
  • In the IAM role section, select the option Create new role.
  • In the Additional replication options section, check all options as shown in the screenshot.
  • Select Save.

 

Check replication rules

  1. Upload files to the primary bucket.
  2. Upload files to the secondary bucket.
  3. Verify that the files are copied to the secondary bucket. Replication between the buckets is expected to complete within 15 minutes for 99.99% of objects.
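
The two replication rules configured above, written out as an added example (not part of the original lab): the `ReplicationConfiguration` documents that boto3's `put_bucket_replication` accepts, plus an offline check that the pair really is bi-directional. The bucket names, account ID and role ARN are constructed placeholders, and "all options" is assumed to mean Replication Time Control, metrics, delete marker replication and replica modification sync.

```python
# Added example, not from the original lab. Names, account ID and ARN are constructed.
PRIMARY = {"name": "bucket-111122223333-primary", "region": "us-east-2", "versioning": "Enabled"}
SECONDARY = {"name": "bucket-111122223333-secondary", "region": "us-west-2", "versioning": "Enabled"}
ROLE_ARN = "arn:aws:iam::111122223333:role/EXAMPLE-replication-role"  # placeholder


def build_replication_config(rule_id, dest_bucket, role_arn=ROLE_ARN):
    """Build a ReplicationConfiguration with every additional option enabled."""
    return {
        "Role": role_arn,  # the IAM role S3 assumes to replicate on your behalf
        "Rules": [{
            "ID": rule_id,
            "Priority": 1,
            "Status": "Enabled",
            "Filter": {},  # empty filter: the rule applies to all objects
            "DeleteMarkerReplication": {"Status": "Enabled"},
            "SourceSelectionCriteria": {"ReplicaModifications": {"Status": "Enabled"}},
            "Destination": {
                "Bucket": f"arn:aws:s3:::{dest_bucket}",
                "ReplicationTime": {"Status": "Enabled", "Time": {"Minutes": 15}},
                "Metrics": {"Status": "Enabled", "EventThreshold": {"Minutes": 15}},
            },
        }],
    }


def audit_pair(a, a_cfg, b, b_cfg):
    """Return the problems that would break bi-directional replication."""
    problems = []
    if a["region"] == b["region"]:
        problems.append("buckets are in the same region")
    for src, cfg, dst in ((a, a_cfg, b), (b, b_cfg, a)):
        if src["versioning"] != "Enabled":  # replication requires versioning
            problems.append(f"{src['name']}: versioning is not enabled")
        rules = [r for r in cfg["Rules"] if r["Status"] == "Enabled"
                 and r["Destination"]["Bucket"] == f"arn:aws:s3:::{dst['name']}"]
        if not rules:
            problems.append(f"{src['name']}: no enabled rule targets {dst['name']}")
        for r in rules:
            sync = r.get("SourceSelectionCriteria", {}).get("ReplicaModifications", {})
            if sync.get("Status") != "Enabled":
                problems.append(f"{src['name']}: replica modification sync is off")
            if r["Destination"].get("ReplicationTime", {}).get("Status") != "Enabled":
                problems.append(f"{src['name']}: Replication Time Control is off")
    return problems


to_secondary = build_replication_config("copy-to-secondary", SECONDARY["name"])
to_primary = build_replication_config("copy-to-primary", PRIMARY["name"])
```

An empty list from `audit_pair(PRIMARY, to_secondary, SECONDARY, to_primary)` means each bucket has an enabled rule pointing at the other; the same check can be run on the output of `get_bucket_replication` for each bucket.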

 

Cleaning up
1. Delete the two created buckets.