A Guide to Accessing Data Across Regions with Amazon S3 Multi-Region Access Points

Overview

Amazon Simple Storage Service (Amazon S3) is a widely used storage solution known for its scalability and security. AWS has introduced “Amazon S3 Multi-Region Access Points,” a feature streamlining data access and replication across regions. This blog explores this feature, delving into its workings and offering a practical guide for implementation.

Amazon S3 Multi-Region Access Points

Amazon S3 Multi-Region Access Points is a feature designed to simplify and enhance how you access and replicate data stored in Amazon S3 across different AWS regions.

Key Features

1. Unified Access: Multi-Region Access Points allow you to access data in multiple AWS regions using a single DNS name. This simplifies your application’s configuration, as it can seamlessly switch between regions based on your defined routing policies.
2. Load Balancing: With the ability to route requests to different regions, Multi-Region Access Points can balance the load across your storage resources in different regions, improving overall application performance.
3. Replication: You can easily configure cross-region replication, ensuring that your data is available in multiple locations helping you meet compliance and disaster recovery requirements.
4. Simplified Data Management: Managing data in a multi-region setup can be complex. Multi-Region Access Points simplify this by allowing you to manage data access policies centrally.

How do Amazon S3 Multi-Region Access Points Work?

To understand how Amazon S3 Multi-Region Access Points work, let’s break it down into a few key components:

1. Access Point: An Access Point is a unique DNS name for a specific bucket, which can be in one or more AWS regions. Each Access Point has its own access policies and routing rules. When creating an Access Point, specify its associated bucket and configure its regional settings.
2. Access Point Policies: Each Access Point can have its access policies, allowing fine-grained control over who can access the data in the associated bucket. This is a powerful feature for controlling access across regions.
3. Routing Rules: Amazon S3 Multi-Region Access Points use routing rules to define how requests are distributed to the various regional endpoints. You can define these rules to meet your application’s performance, availability, and cost requirements.
4. Regional Endpoints: Each AWS region associated with an Access Point has its endpoint. These endpoints provide access to the data stored in the corresponding bucket in that region. Requests made to an Access Point’s DNS name are automatically routed to the appropriate regional endpoint based on your routing rules.

Steps to Create and Use Amazon S3 Multi-Region Access Points

Step 1: Create an Amazon S3 Bucket

• Once you’ve signed in to your AWS Console, navigate to Services > All Services, locate “S3” through search, and select it to access the Amazon S3 dashboard.
• Head to the Amazon S3 Dashboard and select the “Create Bucket” button to generate a new storage bucket.

• Please provide a unique name for the bucket. If you receive an error stating, “Bucket with the same name already exists,” kindly attempt a different name until you find one globally unique.

• Ensure you create the buckets in distinct AWS Regions and activate Bucket Versioning for each.

Step 2: Create the second Bucket on Amazon S3

• Proceed through the identical steps as previously outlined in Step 1, but this time, modify the bucket name and select a region of your preference (I am opting for Mumbai).

• You’ve successfully created two buckets, each located in a distinct region.

Step 3: Creating the Multi-Region Access Points

• Navigate to the Multi-Region Access Points section in the left panel of the Amazon S3 Dashboard.
• Select the “Create Multi-Region Access Point” option to generate an MRAP.

• Input a distinct Access Point name, ensuring it’s clear and descriptive, as this cannot be modified once the MRAP is created.
• Select “Add buckets” and choose both buckets to include them within the MRAP.

• Keep all other configurations unchanged and proceed by clicking on “Create Multi-Region Access Point.”

• Please wait until the status changes from “Creating” to “Ready” before proceeding further.

Note: AWS mentions that creating an MRAP might take 30 minutes to 24 hours. However, in most cases, it typically takes around 10 minutes for the process to complete.

Step 4: Set up replication between the buckets.

• Navigate to the access point you’ve created, then access the Replication and Failover tab.

• Review the Failover configuration and observe that both buckets are in an ‘Active/Active’ Routing status when you scroll down.

• Scroll further down the page and select “Create replication rules.”

• Given the ‘Active/Active’ setup, in the “Choose template” field, opt for the ‘Replicate objects among all specified buckets’ template.

• In the Buckets section, choose both buckets for replication by selecting them.

• Within the Scope section, choose “Apply to all objects in the bucket.” You can retain the default settings for “Additional replication options” and proceed by clicking “Create replication rules.”

• You’ll notice that the replication is now established.

Step 5: Testing the Multi-Region Access Points using Cloud Shell

• Access CloudShell to open a command-line interface.

• Input the subsequent commands to generate data within the shell and transfer it to the MRAP.

• Access the Amazon S3 console within the MRAP section and copy the ARN (Amazon Resource Name) associated with the bucket.

• Execute the command below to transfer the created file to the Amazon S3 bucket via the MRAP.

• The MRAP automatically redirects to the nearest Amazon S3 bucket it serves. In my situation, the closest Amazon S3 bucket was AP-SOUTH-1 (Mumbai). Now, inspect the buckets, and you will notice the file in one, subsequently replicated to the second bucket.

Conclusion

Amazon S3 Multi-Region Access Points are a powerful addition to the already versatile Amazon S3 service. They enable you to simplify data access and replication across multiple AWS regions, enhancing the availability, performance, and resilience of your applications. By creating Access Points, configuring routing rules, and setting up cross-region replication, you can streamline data management and improve disaster recovery capabilities.

Drop a query if you have any questions regarding Amazon S3 Multi-Region Access Points and we will get back to you quickly.

About CloudThat

CloudThat is a leading provider of Cloud Training and Consulting services with a global presence in India, the USA, Asia, Europe, and Africa. Specializing in AWS, Microsoft Azure, GCP, VMware, Databricks, and more, the company serves mid-market and enterprise clients, offering comprehensive expertise in Cloud Migration, Data Platforms, DevOps, IoT, AI/ML, and more. CloudThat is recognized as a top-tier partner with AWS and Microsoft, including the prestigious ‘Think Big’ partner award from AWS and the Microsoft Superstars FY 2023 award in Asia & India. Having trained 650k+ professionals in 500+ cloud certifications and completed 300+ consulting projects globally, CloudThat is an official AWS Advanced Consulting Partner, AWS Training Partner, AWS Migration Partner, AWS Data and Analytics Partner, AWS DevOps Competency Partner, Amazon QuickSight Service Delivery Partner, Amazon EKS Service Delivery Partner, Microsoft Gold Partner, AWS Microsoft Workload Partners, Amazon EC2 Service Delivery Partner, and many more.

To get started, go through our Consultancy page and Managed Services Package, CloudThat’s offerings.