Getting Started / Hands-on / ...

Getting started with Amazon S3 Multi-Region Access Points

TUTORIAL

Introduction

CREATE AMAZON S3 BUCKETS

create s3 multi-region access point

configure s3 replication

Failover Configuration

IAM Permissions

use your multi-region access point

vpc endpoints

monitor s3 replication and requests

clean up resources

Module 6: Use Your Multi-Region Access Point

You will learn how to use Multi-Region Access Points to access data in your buckets by using a subset of Amazon S3 API operations.

Overview

You can use Multi-Region Access Points to access data in your buckets by using a subset of Amazon S3 API operations. The S3 operations that Multi-Region Access Point ARNs can accept are listed here.

Time to complete

10 minutes

Implementation

6.1 - Set up

If you don't already have it installed, install the AWS CLI by following these instructions, Your AWS CLI will need to be configured with an Access key ID and Secret access key for your user you gave permissions to in Step 5.
- To use a Multi-Region Access Point the AWS CLI will need to be version 2.2.35 or newer. If you wish to use GetMultiRegionAccessPointRoutes and SubmitMultiRegionAccessPointRoutes to view and adjust the failover configuration, you will require AWS CLI version 2.9.2 or newer. Run aws --version to check.
You will need your S3 Multi-Region Access Point’s Amazon Resource Name (ARN), which you noted earlier. At the command line of your favorite terminal, set the ARN as an environment variable with mrap_arn=MultiRegionAccessPoint_ARN or your shell's equivalent.

6.2 - Reading and writing

Note: When you submit a request to a Multi-Region Access Point, the request will be routed to the S3 bucket in the physically closest AWS Region that is set to active in your failover configuration.

To list the contents of the closest active bucket, use the following command:

aws s3 ls $mrap_arn

To use the copy command to download (GET) an object from the closest active S3 bucket to the current folder of your command shell, use the following commands (updating the file name as required).

aws s3 cp s3://$mrap_arn/object_name.ext local_filename.ext

Reverse the place order (putting the local file before the S3 object) to upload (PUT) a file by copying from your local folder to closest active S3 bucket. This new object will be replicated to all your new buckets using your replication rules. Use the following command:

aws s3 cp local_filename.ext $mrap_arn/object_name.ext

6.3 - Object metadata

To view an object’s metadata, use the following command:

aws s3api head-object --bucket $mrap_arn --key object_name.ext

Note: For objects in scope of a replication rule, head-object will return a value for x-amz-replication-status. Original (source) objects will have a status of PENDING, COMPLETED or FAILED, while replica objects will have the status REPLICA. You can use this status to determine which bucket an object was written to via an S3 Multi-Region Access Point. Replication status is also displayed in the properties of an object in the Amazon S3 console.

Conclusion

In this module, you learned how to use Multi-Region Access Points to access data in your buckets.

You are now ready to learn how to create a VPC endpoint to use with your Multi-Region Access Point.

Start Module Seven

VPC endpoints