For this Lab, you should be logged into AWS using your IAM "Admin" User (User A) credentials. In this step, you will first be creating an S3 bucket and upload an object to the bucket.

 

1. On the main AWS Management Console page, type in "S3" within the Services search bar at the top. 
2. For this lab, you will use the following PREFIX for your S3 bucket names.
   1. Prefix is the string of characters your S3 bucket name STARTS with.
   2. For example: If your school username is bsmith006, your bucket name should BEGIN with: sec325-bsmith006
3. For Bucket 1, set the following below, then click on Create bucket button to complete.
   1. Bucket name: -encrypt 

Region: US East (N. Virginia) us-east-1

Block all public access: Leave Checked (default)

1. Select the S3 bucket you just created from the bucket list to open it.
2. Next, click on the Upload buttonto upload an object (file) from your local computer (can be any file).
3. Click on the Add File button, select your file, and click on Open to upload it.
4. At the bottom page, click on the Upload button to complete.
5. In the upper right of your page, click on the Exit button to return to your bucket.
6. Remain on this page and continue on to Section 2.

 

Section 2: Enable encryption on S3 bucket

 

For this step, we will be enabling encryption on your S3 bucket and uploading a second object to it.

 

1. Within your bucket, select the Properties tab, then scroll down to the Default Encryption section.
2. Click on the Edit button, select Enable, then Amazon S3 key (SSE-S3), and choose Save changes.
3. Click on the Objects tab.
4. Next, click on the Upload button
5. Select a new object (or file) to your S3 bucket. The object should have a different name than the first object you uploaded.
6. At the Review page, click on the Upload button to complete. Then, click on Exit button.
7. Within your bucket list, you should now see two (2) separate objects.
8. For each object, click on the object name link. Then scroll down to the Server-side encryption settings section.
9. Take a screenshot of the information presented on the encryption status for BOTH objects. You will need these files to complete the lab assignment in Canvas. 
10. Navigate back to the main S3 page, and continue on to Section 3.

 

 

Section 3: Enable Cross-region replication (CRR)

 

Within this step, you will use your S3 bucket to enable cross-region replication.

 

1. Create a second S3 bucket, set Bucket 2 with the following below, then click on Create bucket button to complete.
   1. Bucket name: -crr

Region: EU (Ireland) eu-west-1

Block all public access: Leave Checked (default)

1. On the main S3 page, select the first S3 bucket (Bucket 1) you created Section 1 and click on it to open.
2. Next, select the Management tab, then locate the Replication rules section.
3. To enable cross-region replication, click on the Create replication rule button.
4. Within the Replication rule window, at the top you should see a notification about versioning not enabled on the bucket. 
5. Click on the Enable versioning button to enable s3 versioning on your bucket.
6. Type in a Replication rule name, then scroll down to the Destination section.
7. Select Choose a bucket in this account, then click on the Browse S3.
8. Click on Bucket 2 that you created in Step 1, and select Choose Path button.
9. Next, select Enable bucket versioning.

 

1. Under IAM role, click on the drop down and select Create new role.
2. Lastly, click on the Save button to complete.
3. Take a screenshot of the information presented under Replication rules. You will need this file to complete the lab assignment in Canvas. 
4. Navigate back to the main S3 page.
5. You should now see the destination bucket you just created within your bucket list.

 

Section 4: Object Replication

 

For this section, you will upload objects to your main S3 bucket and view the replicated objects in your destination bucket. For this task, you first want to open two (2) separate browser windows.

 

1. From the main S3 page in your first browser window, select Bucket 1 and open it.
2. Open a second browser window, select Bucket 2 and open it.
3. On your local computer, create a new object (or file) and save it on your computer.
4. Next, upload your file to Bucket 1. Follow steps 4 through 6 in Section 2.
5. In Bucket 1, click on the new object to open it. Scroll down to the Object management overview section.
6. Take a screenshot of the information presented under Replication status on the right. You will need this file to complete the lab assignment in Canvas. 
7. Within your second browser window, refresh the page and you should see the replicated object in Bucket 2.
8. Click on the replicated object, and scroll down to the Object management overview section.
9. Take another screenshot of the information presented under Replication status on the right. You will need this file to complete the lab assignment in Canvas. 

 

1. After enabling encryption on the S3 bucket, why did the first object that was uploaded remain unencrypted?
2. What action could be performed to encrypt that first object?
3. Discuss the differences you found between the object you uploaded in your source S3 bucket, and the replicated object in your destination bucket after enabling cross-region replication (CRR).
    

A Replication requires versioning to be enabled for the destination bucket. Enable object versioning on this bucket to continue creating the replication rule or select a different bucket. Enable bucket versioning