Get in touch with us
Cloud consulting is what we do best - whether it's about taking your business to the next level or working for us we'd love to hear from you.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Backup Your AWS Service With Sase Via S3 Cross Region Replication

David So
February 5, 2021

Managing backup for your cloud services can be a tedious process, it takes a lot of time and planning to come up with an actual design, today l am going to provide an alternative to you which can be easily rolled out and cost effective. As you may have already known, Amazon S3 is an object storage service built to store and retrieve data from AWS, what you may not aware is that you can use S3 to perform automatic backup and in addition replicating across region. Cross-Region Replication can help you do the following:

·      Comply with compliance requirements — AlthoughAmazon S3 stores your data across multiple geographically distant AvailabilityZones by default, compliance requirements might dictate that you store data at even greater distances. Cross-region replication allows you to replicate data between distant AWS Regions to satisfy these requirements.

·      Minimize latency — If your customers are in two geographic locations, you can minimize latency in accessing objects by maintaining object copies in AWS Regions that are geographically closer to your users.

·      Increase operational efficiency — If you have compute clusters in two different AWS Regions that analyze the same set of objects, you might choose to maintain object copies in those Regions.

·      Maintain object copies under different ownership— Regardless of who owns the source object you can tell Amazon S3 to change replica ownership to the AWS account that owns the destination bucket. This is referred to as the owner override option. You might use this option restrict access to object replicas.

·      Minimise management — you can easily automate process such as bucket policy, retention period, lifecycle rules to move files between storage class (e.g. s3 glacier) to maintain period of backup or files that may need occasional access

·      Security — In terms of administering the permission of management, you can configure IAM roles or policy to grant specific user action. On the storage layer, you can also enable encryption as require say for compliance reason

·      Cost — S3 cross region replication as a backup service can be achieved at a fraction of cost compare with traditional on-premises solution

To setup Cross-Region Replication (CRR) between two S3buckets in separate regions:

1.    Set up relevant IAM role and policy so that S3 can list and retrieve objects from the source bucket and to initiate replication operations on the destination bucket.

2.    Create and configure source and destination buckets, make sure Bucket versioning is enable as this is a requirement for the backup to work.

3.    Enable Cross-Region Replication on a bucket. You can replicate an entire bucket, a specific folder within a bucket, or any objects with a specified tab, this can be achieved via Cross-Region Replication policies. However, objects that already exist in the bucket before replication is enabled will NOT be replicated.

4.    Configure replication, this can be done in a number of options such as policy or tags

5.    Verify destination bucket has successfully replicated source file

In summary, S3 is a powerful storage tool whenever you are building an application, if you like to find out more information, kindly check the AWS documentation below.


David So
David is a IT Support Engineer with more than 10 years of experience in infrastructure planning, deployment, administering and troubleshooting of various operating system in an Enterprise environment. This can include but not limited to; firewall/ network configuration, Active Directory and Exchange, Clustering architecture, Storage/SAN Management Products, Backup and Disaster Recovery to the Clouds for Microsoft Azure and AWS.

Recent Blog Posts