AWS S3 Bucket with Multiple Regions

T

4

10

I have an AWS S3 bucket which is set for the US Standard region but I want it to work in Singapore too. I have researched but could not find a way for the same bucket to work i multiple regions.

It would be great if someone could find a solution!

Thanks,
Maanit

Troika answered 6/9, 2015 at 17:22 Comment(0)

D

9

You're looking for Cross-Region Replication:
Blog Post
AWS Documentation

Cross Region Replication allows for the automatic and asynchronous copying of your objects between S3 buckets in different regions.

Disfigurement answered 6/9, 2015 at 17:30 Comment(3)

Thank you. Does this mean that if someone goes to the same link in Singapore, it will show the same results? – Troika 6/9, 2015 at 18:51

@Troika no, the "same link" to an S3 resource only points to exactly one bucket; all buckets work globally, but typically faster/better when the requester is nearer to the bucket. This answer, while potentially containing useful information, seems to have assumed that you already understood that the bucket "region" only impacts where the data is physically stored and served from, not where it is accessible from. With apologies to the author, this isn't the answer to this question. – Wolsky 6/9, 2015 at 20:42

Thank you @Michael-sqlbot . This is exactly what I wanted to hear. – Troika 6/9, 2015 at 20:52

W

11

An S3 bucket exists in one region, not in multiple regions, but you can access that bucket from anywhere.

Now, while you can access a US Standard bucket quite happily from Singapore, the latency will be high so you might want to consider using CloudFront as a CDN.

Wellwisher answered 6/9, 2015 at 19:50 Comment(2)

An S3 bucket can exist in multi regions using Cross-Region Replication. – Vassallo 11/6, 2016 at 11:17

@Vassallo That's two buckets: a source bucket in one region and a destination bucket in another region. – Wellwisher 11/6, 2016 at 13:38

D

9

You're looking for Cross-Region Replication:
Blog Post
AWS Documentation

Cross Region Replication allows for the automatic and asynchronous copying of your objects between S3 buckets in different regions.

Disfigurement answered 6/9, 2015 at 17:30 Comment(3)

Thank you. Does this mean that if someone goes to the same link in Singapore, it will show the same results? – Troika 6/9, 2015 at 18:51

@Troika no, the "same link" to an S3 resource only points to exactly one bucket; all buckets work globally, but typically faster/better when the requester is nearer to the bucket. This answer, while potentially containing useful information, seems to have assumed that you already understood that the bucket "region" only impacts where the data is physically stored and served from, not where it is accessible from. With apologies to the author, this isn't the answer to this question. – Wolsky 6/9, 2015 at 20:42

Thank you @Michael-sqlbot . This is exactly what I wanted to hear. – Troika 6/9, 2015 at 20:52

S

2

AWS Solutions has lanuched new solution to all replication across regions.

For example, you can create objects in Oregon, rename them in Singapore, and delete them in Dublin, and the changes are replicated to all other regions. This solution is designed for workloads that can tolerate lost events and variations in replication speed. You can find more information here https://aws.amazon.com/solutions/multi-region-asynchronous-object-replication-solution/

Sunder answered 17/2, 2020 at 16:47 Comment(0)

F

0

Now the S3 have new service feature called Multi Region Access Point which allows to have distributed and synced S3 buckets across the globe.

The documentation tells that it does not work together with Cloudfront, but it is possible to make it work with Edge Lambda.

Demo Applications to illustrate how it works - here

If you are using nodejs then look into @aws-sdk/signature-v4-crt for signing the request.

const CrtSignerV4 = require("@aws-sdk/signature-v4-crt").CrtSignerV4;

module.exports.signer = async (data) => {
  const { AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, AWS_SESSION_TOKEN } =
    process.env;

  const sigv4 = new CrtSignerV4({
    region: "*",
    credentials: credentials,
    signingAlgorithm: 1,
  });

  const { method, region, service, headers, pathname, protocol, hostname } =
    data;
  return sigv4.sign(
    {
      service: service,
      region: region,
      method: method,
      hostname: hostname,
      path: pathname,
      protocol: protocol,
      headers: headers,
    },
    {
      signingService: service,
    }
  );
};

For the aws-cdk, at the moment it does not have L2 constructs. Therefore use:

const accessPoint = new core.aws_s3.CfnMultiRegionAccessPoint(
      this,
      "AccessPoint",
      {
        regions: [
          {
            bucket: `bucket-${account}-eu-central-1`,
          },
          {
            bucket: `bucket-${account}-eu-north-1`,
          },
        ],
        name: "access-point",
      }
    );

Gotchas with cloudfront:

If you are not using legacy caching in behavior then you need to override the Host header with origin.
With Signed you manually need to add Host header to signable headers (python code does it automatically)

Farthest answered 11/8, 2022 at 9:1 Comment(0)

Recommended topics

Hot tags