Task Statement 4.1: Design cost-optimized storage solutions.
📘AWS Certified Solutions Architect – (SAA-C03)
AWS Storage Access Options for Cost Optimization
When designing storage solutions, AWS gives you several options for who can access your storage and who pays for data transfer. Choosing the right access option can save costs, especially for large-scale storage systems.
1. Standard Access vs. Requester Pays
a. Standard S3 Bucket Access
- By default, the bucket owner pays for all requests and data transfer.
- Example:
  - Your company stores logs or backups in an S3 bucket.
  - Every time someone downloads data, your company pays the cost for the data transfer.
- This is simple but can be expensive if many external users download data frequently.
b. Requester Pays
- Requester Pays is an access option you can enable on an S3 bucket.
- In this setup:
  - The requester (the person accessing the data) pays for the data transfer and request costs, not the bucket owner.
- Useful for scenarios where:
  - You want to share data with external clients or partners.
  - Your bucket contains large datasets (like logs, analytics data, or software releases).
  - You want to avoid paying for external downloads.
How it works:
- You enable Requester Pays on an S3 bucket.
- Any user who wants to access objects must include a special flag in their request.
- AWS charges the requester for GET requests and data transfer, not you (the bucket owner).
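The three steps above, as an added example that is not part of the original notes: the functions use the boto3 S3 client calls `put_bucket_request_payment`, `get_bucket_request_payment` and `get_object` with `RequestPayer="requester"` (the "special flag"). `FakeS3` and the bucket and key names are constructed stand-ins so the example runs offline; with real AWS you would pass `boto3.client("s3")` instead.

```python
import io

def enable_requester_pays(s3, bucket):
    """Bucket owner side: make requesters pay for requests and data transfer."""
    s3.put_bucket_request_payment(
        Bucket=bucket, RequestPaymentConfiguration={"Payer": "Requester"})

def payer_report(s3, buckets):
    """Return {bucket: 'Requester' or 'BucketOwner'} for a cost review."""
    return {b: s3.get_bucket_request_payment(Bucket=b)["Payer"] for b in buckets}

def download_as_requester(s3, bucket, key):
    """Requester side: RequestPayer='requester' is the flag that accepts the charges."""
    resp = s3.get_object(Bucket=bucket, Key=key, RequestPayer="requester")
    return resp["Body"].read(), resp.get("RequestCharged")

class FakeS3:
    """Constructed in-memory stand-in for a boto3 S3 client (assumption: it only
    mimics the three calls used here; real S3 answers a missing flag with a
    403 AccessDenied ClientError, modelled below as PermissionError)."""
    def __init__(self, objects):
        self.objects = objects   # {(bucket, key): bytes}
        self.payer = {}          # bucket -> payer setting

    def put_bucket_request_payment(self, Bucket, RequestPaymentConfiguration):
        self.payer[Bucket] = RequestPaymentConfiguration["Payer"]

    def get_bucket_request_payment(self, Bucket):
        return {"Payer": self.payer.get(Bucket, "BucketOwner")}

    def get_object(self, Bucket, Key, RequestPayer=None):
        requester_pays = self.payer.get(Bucket) == "Requester"
        if requester_pays and RequestPayer != "requester":
            raise PermissionError("403 AccessDenied: RequestPayer flag missing")
        resp = {"Body": io.BytesIO(self.objects[(Bucket, Key)])}
        if requester_pays:
            resp["RequestCharged"] = "requester"
        return resp

if __name__ == "__main__":
    s3 = FakeS3({("example-shared-logs", "2024/app.log"): b"constructed sample\n"})
    enable_requester_pays(s3, "example-shared-logs")
    print(payer_report(s3, ["example-shared-logs", "example-internal"]))
    print(download_as_requester(s3, "example-shared-logs", "2024/app.log"))
```

On the AWS CLI the same flag is `--request-payer requester`, and on the REST API it is the `x-amz-request-payer: requester` header.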
Key points for exams:
- Bucket owner still pays for storage costs.
- Requester pays for requests and data transfer.
- Works for S3 APIs, AWS SDKs, and AWS CLI.
- Cannot be used for public buckets (the requester must have AWS credentials).
2. Other S3 Access Options to Know
Besides Requester Pays, understanding who can access your data helps optimize costs:
a. Bucket Policies
- Control who can read/write objects.
- Helps prevent unauthorized access, avoiding accidental data transfer costs.
b. IAM Roles and Permissions
- Assign fine-grained access to users, applications, or services.
- You can make objects accessible only to internal applications, reducing unwanted downloads.
c. Pre-signed URLs
- Temporary URLs that allow external users to access specific objects.
- The requester still downloads the data, but you control time-limited access, preventing unnecessary costs.
d. S3 Access Points
- Create custom access policies per application.
- Useful if you have multiple teams accessing the same bucket differently.
- Helps reduce operational complexity and ensures cost control for different access patterns.
3. How Access Options Affect Cost
When designing cost-optimized storage, you need to consider who triggers charges:
| Access Option | Who Pays Storage | Who Pays Requests/Data Transfer | Use Case |
|---|---|---|---|
| Default (Standard) | Bucket owner | Bucket owner | Internal use, no external downloads |
| Requester Pays | Bucket owner | Requester | Shared datasets, large downloads by external users |
| Pre-signed URL | Bucket owner | Bucket owner | Temporary access to specific objects |
| IAM Roles & Policies | Bucket owner | Bucket owner | Internal access control |
| Access Points | Bucket owner | Bucket owner | Multiple apps/teams with controlled access |
Exam Tip: AWS wants you to recognize when Requester Pays is ideal: large datasets shared externally, reducing the bucket owner’s cost.
4. Summary for the Exam
- Access options determine who pays for requests and data transfer, which directly affects cost optimization.
- Requester Pays:
  - External users pay for downloading your data.
  - You still pay for storing the objects.
  - Ideal for large datasets shared externally.
- Other access options (IAM, policies, pre-signed URLs, access points) help control access, which can indirectly reduce costs by preventing unnecessary or unauthorized data transfers.
✅ Key Exam Takeaways:
- Requester Pays is a bucket-level setting to shift transfer costs to the user.
- Only GET and LIST requests incur requester charges.
- Always think about who is accessing data and how frequently to choose the best access option.
- Combine access controls with storage classes (like S3 Standard, S3 Glacier) for full cost optimization.
