1. Amazon Simple Storage Service (Amazon S3) Challenge

Amazon Simple Storage Service (Amazon S3) Challenge

Lab Steps

lock
Amazon Simple Storage Service (Amazon S3) Challenge
Need help? Contact our support team

Here you can find the instructions for this specific Lab Step.

If you are ready for a real environment experience please start the Lab. Keep in mind that you'll need to start from the first step.

 

Your Mission

Amazon Simple Storage Service (Amazon S3) is storage for the cloud. Amazon S3 ubiquitous with building solutions in Amazon Web Services.

In this challenge, you will be provided with a set of five tasks to complete. These are common Amazon S3 tasks that you will be expected to understand when you sit for AWS certification examinations, and when you are implementing solutions to fulfill business requirements.

The following instructions log you into the AWS Management console and prepare you to work on the challenge.

 

Instructions

​ 1. To start the lab challenge, open the AWS Management Console by clicking the Open Environment button:

alt

 

2. Enter the following credentials created just for this lab, and click Sign In:

  • Account ID or alias: Keep the pre-populated value
  • IAM user name:
  • Password:

 

3. In the search bar at the top, enter S3 and under Services click the S3 result:

alt

The Buckets list page will load and you will see five buckets listed.

 

4. To start the challenge, click Go to Validation Steps.

Validation checks
5Checks
Enable versioning

For the Amazon S3 bucket whose name begins with cloudacademylabs-1-, perform the following:

  • Enable versioning
Amazon S3
Make object public

For the Amazon S3 bucket whose name begins with cloudacademylabs-2-, perform the following:

  • Upload a file (can be any file)
  • Set the storage class of the object to Intelligent-Tiering
  • Make the object publicly accessible

Note: The storage class should be set on the object, not the bucket.

Amazon S3
Restrict access to an IP address

For the Amazon S3 bucket whose name begins with cloudacademylabs-3-, create and apply a bucket policy that satisfies the following:

  • Uses the IpAddress condition to restrict actions to the source IP address 1.2.3.4
  • Allows all actions on any object by any principal for the above condition

Note: It is recommended to use the Policy generator to create the policy.

Note: The policy must apply to all prefixes and objects recursively.

Note: The network failure error can be safely ignored.

Amazon S3
Allow encrypted uploads

For the Amazon S3 bucket whose name begins with cloudacademylabs-4-, create and apply a bucket policy that satisifies the following:

  • Has a StringEquals condition that allows server-side encrypted uploads for the PutObject action
  • Allows any principal for the above condition
  • Specifies AES256 encryption

Note: It is recommended to use the Policy generator to create the policy.

Note: The policy must apply to all prefixes and objects recursively.

Amazon S3
Configure bucket to host a static website

For the Amazon S3 bucket whose name begins with cloudacademylabs-5-, perform the following:

  • Download this zip archive containing a static website
  • Extract the zip file locally
  • Upload the contents of the zip file to the bucket
  • Configure the bucket for Static website hosting
    • Use index.html for the index document and error/index.html for the error document
  • Make all objects in the bucket publicly accessible
  • Ensure that the site is available by visiting the Bucket website endpoint in your web browser

Note: The objects index.html and error/index.html must be at the top level of the bucket.

Amazon S3