This chapter covers S3 Lifecycle Policies and Storage Classes, a critical topic for the SOA-C02 exam. You will learn how to automate data lifecycle management to optimize storage costs, compliance, and performance. Approximately 10-15% of exam questions touch on S3 storage classes and lifecycle policies, often in scenario-based questions where you must choose the right storage class or lifecycle rule for a given use case. Mastery of this topic is essential for passing the SysOps exam and for real-world cost optimization.
Jump to a section
Imagine a large warehouse with multiple storage zones: a 'Hot Zone' near the loading dock for frequent access, a 'Warm Zone' further inside for less frequent items, a 'Cold Zone' deep in the back for rarely accessed goods, and a 'Shredder' for disposal. You are the warehouse manager and you create a set of rules: 'Items that haven't been touched in 30 days should be moved from the Hot Zone to the Warm Zone. Items untouched for 90 days go to the Cold Zone. Items untouched for a year go to the shredder.' You also have a rule: 'Any item that was accessed in the last 30 days stays in the Hot Zone.' The warehouse workers follow these rules automatically every night. They don't ask; they just execute. If a rule says 'move after 30 days', they count 30 days from the item's arrival date (or last modified date) and move it exactly on the 31st day. They don't care if the item is valuable or not—they follow the rules blindly. If you make a mistake, like forgetting to set a rule for a new item, it stays in the Hot Zone forever, costing you more money. Your job is to define the rules precisely, test them, and monitor the warehouse to ensure items are in the right zone. This is exactly how S3 Lifecycle Policies work: you define rules (transitions and expirations) based on object age, and S3 automatically moves or deletes objects without further intervention. The 'storage zones' are S3 storage classes: S3 Standard (Hot), S3 Standard-IA (Warm), S3 Glacier (Cold), S3 Glacier Deep Archive (Deep Freeze), and Delete (Shredder).
What are S3 Storage Classes?
Amazon S3 offers a range of storage classes designed for different access patterns and durability requirements. Each class offers a trade-off between cost, availability, and retrieval time. The exam expects you to know the characteristics of each class, including durability, availability, minimum storage duration, retrieval fees, and use cases.
S3 Standard: 99.999999999% durability (11 9's), 99.99% availability. No minimum storage duration. No retrieval fee. Use for frequently accessed data.
S3 Intelligent-Tiering: Automatically moves data between two access tiers (frequent and infrequent) based on changing access patterns. No retrieval fees, but a monthly monitoring and automation fee per object. Minimum storage duration: 30 days for the infrequent access tier.
S3 Standard-IA (Infrequent Access): 99.9% availability. Lower storage cost than Standard, but has a retrieval fee and a minimum storage duration of 30 days. Use for data accessed less frequently but requires rapid access when needed.
S3 One Zone-IA: Same as Standard-IA but stored only in a single Availability Zone. Durability is 99.999999999% (since S3 replicates within the zone), but availability is 99.5%. Lower cost. Minimum storage duration: 30 days. Use for non-critical, reproducible data.
S3 Glacier Instant Retrieval: Archive storage with millisecond retrieval. Minimum storage duration: 90 days. Use for data accessed once per quarter.
S3 Glacier Flexible Retrieval: Low-cost archive storage with retrieval times from minutes to hours. Minimum storage duration: 90 days. Use for backup and archival data.
S3 Glacier Deep Archive: Lowest-cost storage with retrieval times of 12 hours (standard) to 48 hours (bulk). Minimum storage duration: 180 days. Use for long-term archival.
S3 Outposts: For data stored on-premises in AWS Outposts environments.
All S3 storage classes offer the same durability (11 9's) except One Zone-IA (also 11 9's within a single AZ, but not resilient to AZ loss). Availability varies: Standard (99.99%), Standard-IA and One Zone-IA (99.9%), Glacier Instant Retrieval (99.9%), Glacier Flexible Retrieval (99.99%), Glacier Deep Archive (99.99%).
Lifecycle Policies: Automation Rules
Lifecycle policies are sets of rules that automate the transition of objects between storage classes or their deletion. A lifecycle configuration is applied to a bucket. Each rule consists of:
Filter: Selects objects by prefix, tags, or object size. You can also apply to the entire bucket.
Transitions: Define when to move objects to another storage class. You can have multiple transition actions per rule.
Expiration: Define when to delete objects permanently.
Noncurrent version transitions/expirations: For versioned buckets, you can manage noncurrent versions separately.
Abort incomplete multipart uploads: Automatically abort multipart uploads after a specified number of days.
How Lifecycle Policies Work Internally
S3 evaluates lifecycle rules once per day (at midnight UTC). The policy is applied based on the object's creation date (or last modified date for versioned objects). For transitions, the age is calculated as the number of days since the object was created. For example, if you set a transition to Standard-IA after 30 days, S3 will move the object on the 31st day (or the next day after 30 full days have passed). The transition happens asynchronously; you cannot predict the exact time, but it will occur within 24 hours of the rule's effective date.
Important: Lifecycle transitions are one-way. You can only move to colder storage classes (e.g., Standard -> Standard-IA -> Glacier -> Deep Archive). You cannot automatically move back to a hotter class. (Intelligent-Tiering is an exception, but it's a storage class, not a lifecycle action.)
Key Values, Defaults, and Timers
Minimum storage duration charges: Standard-IA and One Zone-IA have a 30-day minimum. If you delete or transition an object before 30 days, you are charged for 30 days. Glacier Instant Retrieval and Glacier Flexible Retrieval have a 90-day minimum. Glacier Deep Archive has a 180-day minimum.
Transition cost: There is a per-object cost for transitioning between storage classes (e.g., from Standard to Standard-IA). The cost is based on the number of objects transitioned, not size.
Expiration: When you set an expiration action, S3 deletes the object permanently. For versioned buckets, you can expire current versions or delete noncurrent versions. Deletion markers are also managed.
Abort incomplete multipart uploads: You can specify the number of days after initiation to abort. This is critical for cost control.
Filtering: You can use prefixes (e.g., logs/) and tags (e.g., key=value). You can also specify object size to apply rules only to objects larger than a certain size (e.g., > 128 KB). This is useful because small objects may not benefit from transition due to minimum charges.
Configuration and Verification
Lifecycle policies are configured at the bucket level. You can use the AWS Management Console, AWS CLI, SDKs, or CloudFormation. The CLI command is:
aws s3api put-bucket-lifecycle-configuration --bucket my-bucket --lifecycle-configuration file://lifecycle.jsonExample lifecycle.json:
{
"Rules": [
{
"Id": "Move-old-logs",
"Status": "Enabled",
"Filter": {
"Prefix": "logs/",
"Tags": [
{
"Key": "type",
"Value": "archive"
}
]
},
"Transitions": [
{
"Days": 30,
"StorageClass": "STANDARD_IA"
},
{
"Days": 90,
"StorageClass": "GLACIER"
}
],
"Expiration": {
"Days": 365
}
}
]
}To verify, use:
aws s3api get-bucket-lifecycle-configuration --bucket my-bucketYou can also use S3 Inventory to list objects and their storage classes, and S3 Storage Lens to analyze storage usage and costs.
Interaction with Related Technologies
S3 Versioning: Lifecycle policies can manage noncurrent versions separately. For example, you can transition noncurrent versions to Glacier after 30 days and delete them after 365 days. This is crucial for backup and compliance.
S3 Object Lock: If you enable Object Lock (retention or legal hold), lifecycle expiration actions are blocked until the retention period expires or the legal hold is removed. Transitions are still allowed.
S3 Replication: Lifecycle policies are applied after replication. If you replicate objects to another bucket, the destination bucket can have its own lifecycle policies independent of the source.
S3 Event Notifications: You can trigger events on lifecycle transitions (e.g., s3:LifecycleTransition) to notify other services like Lambda.
AWS Cost Explorer: Use to analyze cost savings from lifecycle policies.
Common Exam Scenarios
The exam loves to test your understanding of:
Minimum storage duration charges: If you transition an object to Standard-IA after 20 days, you are charged for 30 days. If you then transition to Glacier after another 20 days (40 total), you are charged for the remaining 10 days of Standard-IA minimum, plus the 90-day minimum for Glacier starts from the transition date.
The order of transitions: You cannot transition from Standard directly to Deep Archive without a middle class? Actually, you can skip classes. For example, you can transition from Standard to Glacier after 30 days, then to Deep Archive after 180 days. Or you can go directly from Standard to Deep Archive after 180 days. The exam may ask which transitions are valid.
Intelligent-Tiering vs. Lifecycle: Intelligent-Tiering automatically moves objects between frequent and infrequent access tiers based on access patterns, but it does not move to Glacier or delete. Lifecycle policies are needed for archival and deletion.
Lifecycle rules for versioned buckets: Managing noncurrent versions is a common exam topic. You can set NoncurrentVersionTransitions and NoncurrentVersionExpiration. The NewerNoncurrentVersions parameter allows you to limit the number of noncurrent versions retained.
Abort incomplete multipart uploads: This is a best practice to avoid storage costs from failed uploads. The exam may ask about the appropriate number of days (commonly 7 days).
Performance and Scale
Lifecycle policies are designed to handle billions of objects. However, there are limits: you can have up to 1,000 lifecycle rules per bucket. Each rule can have up to 1,000 transitions (but practically you use a few). The evaluation happens once per day, so there may be a delay between when an object becomes eligible and when it is transitioned. For large-scale transitions, S3 batches the operations; you can monitor progress via CloudTrail events.
Troubleshooting
Common issues:
Objects not transitioning: Check that the rule is enabled, filter matches, and the storage class is lower in the transition hierarchy. Also check that the object is not under retention (Object Lock).
Unexpected deletion: Double-check expiration rules. Use S3 Versioning to recover deleted objects.
High costs: Verify that you are not transitioning small objects frequently. Use object size filter to exclude objects < 128 KB from transition rules.
Identify Access Patterns
Analyze your data to determine how often each object is accessed. Use S3 Storage Lens or S3 Inventory to gather metrics. For example, log files may be accessed frequently for the first 30 days, then rarely. Determine the appropriate storage class for each phase: S3 Standard for hot data, Standard-IA for warm data, Glacier for cold data, and Deep Archive for frozen data. Also decide on deletion timelines for compliance or data retention policies.
Define Lifecycle Rules
Create a lifecycle configuration with rules that match your access patterns. Each rule can have multiple transitions and one expiration. Use filters (prefix, tags, object size) to target specific objects. For example, a rule for logs: transition to Standard-IA after 30 days, to Glacier after 90 days, delete after 365 days. For versioned buckets, add noncurrent version transitions (e.g., after 30 days) and expiration (e.g., after 365 days). Set abort incomplete multipart uploads to 7 days to clean up failed uploads.
Apply Lifecycle Policy to Bucket
Use the AWS Management Console, CLI, or SDK to apply the lifecycle configuration to the S3 bucket. For CLI, use `put-bucket-lifecycle-configuration`. Ensure the policy is valid JSON. For example: `aws s3api put-bucket-lifecycle-configuration --bucket my-bucket --lifecycle-configuration file://lifecycle.json`. Verify the policy with `get-bucket-lifecycle-configuration`. The policy takes effect immediately, but transitions and expirations are evaluated once per day at midnight UTC.
Monitor and Verify Transitions
After the policy is applied, monitor the bucket to ensure objects are transitioning as expected. Use S3 Inventory to list objects and their storage classes. Use CloudTrail to log lifecycle events (e.g., `s3:LifecycleTransition`). Check for errors: if a transition fails (e.g., due to insufficient permissions), S3 retries internally. You can also use S3 Storage Lens to visualize storage class distribution and cost savings. Adjust rules if needed based on actual access patterns.
Optimize and Iterate
Review your lifecycle policies periodically. Use AWS Cost Explorer to analyze storage costs. If you find that objects are being transitioned too early (incurring minimum storage charges), adjust the days. For example, if you transition to Standard-IA after 20 days, you pay for 30 days minimum. Change to 30 days to avoid extra charges. Also consider using Intelligent-Tiering for unpredictable access patterns. Test changes on a small subset first. Document your lifecycle strategy for compliance and audits.
Enterprise Scenario 1: Log Archival for a SaaS Platform
A SaaS company generates terabytes of application logs daily. Logs are stored in S3 Standard for the first 30 days for real-time debugging. After 30 days, logs are rarely accessed but must be retained for 7 years for compliance. The company implements a lifecycle policy: transition to Standard-IA after 30 days, to Glacier after 90 days, and to Deep Archive after 365 days. They also set an expiration after 2555 days (7 years). They use S3 Inventory to verify transitions and CloudTrail to audit deletions. A common pitfall: they initially did not use an object size filter, so small log entries (e.g., 1 KB) were transitioned, incurring minimum storage charges that exceeded the storage cost. They added a filter to exclude objects < 128 KB from transition rules, reducing costs by 40%.
Enterprise Scenario 2: Media Content Lifecycle
A media company stores video files. New uploads are stored in S3 Standard for fast delivery. After 60 days, they become less popular, so they are transitioned to Standard-IA. After 180 days, they are moved to Glacier Flexible Retrieval for archival. The company also has a requirement to permanently delete content after 5 years. They use lifecycle rules with tags (e.g., type=video) to apply transitions. They also enable S3 Versioning to preserve previous versions; they set noncurrent version transitions to Glacier after 30 days and delete after 365 days. A challenge: they forgot to abort incomplete multipart uploads, leading to thousands of partial uploads accumulating costs. They added a rule to abort uploads after 7 days, saving $500/month.
Enterprise Scenario 3: Backup and Disaster Recovery
An enterprise uses S3 for backups. They replicate backups to a second region using S3 Cross-Region Replication. The source bucket has a lifecycle policy to transition to Standard-IA after 15 days and to Glacier after 90 days. The destination bucket has its own lifecycle policy to transition to Glacier after 30 days and delete after 3 years. They discovered that objects replicated to the destination were not transitioning because the replication destination bucket had a different lifecycle policy. They learned that lifecycle policies are independent per bucket. They also found that if an object is under legal hold, expiration is blocked. They now use Object Lock with retention periods to ensure compliance before deletion.
Exactly What SOA-C02 Tests
The SOA-C02 exam objective 3.3 covers 'Implement and manage lifecycle policies and storage classes.' Expect scenario-based questions where you must choose the correct storage class or lifecycle rule for a given use case. Key areas:
- Storage class characteristics: Durability, availability, minimum storage duration, retrieval fees, and use cases. You must know the exact numbers: 30-day minimum for Standard-IA and One Zone-IA, 90-day for Glacier Instant Retrieval and Glacier Flexible Retrieval, 180-day for Deep Archive.
- Lifecycle rule actions: Transitions, expiration, noncurrent version transitions, noncurrent version expiration, abort incomplete multipart uploads. Know the order: transition to colder classes only.
- Filtering: Prefix, tags, object size. The exam may ask which filter to use to exclude small objects.
- Versioning interaction: How lifecycle handles current vs. noncurrent versions. The NewerNoncurrentVersions parameter (maximum number of noncurrent versions to retain) is a new exam topic.
Common Wrong Answers and Why
Choosing S3 Standard-IA for data accessed once a month: Wrong because Standard-IA has a retrieval fee and 30-day minimum. Glacier Instant Retrieval is better for quarterly access. Candidates often pick Standard-IA because it sounds like 'infrequent' but forget the minimum storage duration.
Assuming lifecycle transitions are immediate: Wrong. Transitions happen once per day at midnight UTC. Candidates think it's real-time.
Using a lifecycle rule to transition from Glacier to Standard: Wrong because transitions are one-way (colder only). Candidates may think you can move back.
Setting expiration on current versions without considering versioning: In a versioned bucket, expiration of current version creates a delete marker, not permanent deletion. Candidates forget this.
Not using object size filter: Transitioning small objects (< 128 KB) can incur minimum storage charges that exceed savings. The exam tests this optimization.
Specific Numbers and Terms
Minimum storage duration: 30 days for STANDARD_IA and ONEZONE_IA, 90 days for GLACIER and GLACIER_IR, 180 days for DEEP_ARCHIVE.
Transition costs: per 1,000 objects for each transition.
Lifecycle evaluation: once per day at midnight UTC.
Maximum lifecycle rules per bucket: 1,000.
Abort incomplete multipart uploads: commonly set to 7 days.
Edge Cases
Object Lock: If an object has a retention period, expiration is blocked until retention expires. Transitions are still allowed.
Intelligent-Tiering: If you enable lifecycle on an Intelligent-Tiering bucket, you can transition to Glacier after 90 days, but you cannot delete before 30 days because Intelligent-Tiering has its own minimum.
Cross-Region Replication: Lifecycle policies on source and destination buckets are independent. Replicated objects inherit the source object's last modified date, so lifecycle rules on the destination bucket apply from that date.
How to Eliminate Wrong Answers
Use the underlying mechanism: storage classes trade off cost for retrieval speed. If the question says 'millisecond retrieval', eliminate Glacier Flexible Retrieval and Deep Archive. If it says 'lowest cost', eliminate Standard and Intelligent-Tiering. For lifecycle, remember the 'one-way' rule and the daily evaluation. Also, check for minimum storage duration: if the data is deleted before 30 days, Standard-IA is not cost-effective. Always consider the retrieval fee: if data is accessed frequently, Standard-IA is more expensive than Standard due to retrieval fees.
S3 Standard-IA and One Zone-IA have a 30-day minimum storage duration; Glacier Instant Retrieval and Glacier Flexible Retrieval have 90 days; Glacier Deep Archive has 180 days.
Lifecycle transitions are one-way only: you can only move to colder storage classes (Standard -> Standard-IA -> Glacier -> Deep Archive).
Lifecycle policies are evaluated once per day at midnight UTC; transitions and expirations occur within 24 hours after eligibility.
Use object size filter (e.g., > 128 KB) to avoid transitioning small objects that incur minimum storage charges.
For versioned buckets, noncurrent version transitions and expiration must be configured separately; expiring current versions creates delete markers.
Abort incomplete multipart uploads via lifecycle to avoid storage costs from failed uploads; typically set to 7 days.
S3 Intelligent-Tiering automatically moves between frequent and infrequent tiers but does not archive to Glacier or delete.
These come up on the exam all the time. Here's how to tell them apart.
S3 Intelligent-Tiering
Automatically moves objects between frequent and infrequent access tiers based on access patterns.
No retrieval fees, but charges a monthly monitoring and automation fee per object.
Best for unpredictable or changing access patterns.
Cannot transition to Glacier or delete objects; only moves between two tiers.
Minimum storage duration of 30 days for the infrequent access tier.
Manual Lifecycle Policies
You define explicit rules for transitions and expiration based on object age.
No per-object monitoring fee, but you pay for transition operations (per 1,000 objects).
Best for predictable access patterns (e.g., logs transition after 30 days).
Can transition to any colder storage class (Standard-IA, Glacier, Deep Archive) and delete objects.
Can filter by prefix, tags, and object size for granular control.
Mistake
Lifecycle transitions happen immediately when the object reaches the specified age.
Correct
Lifecycle policies are evaluated once per day at midnight UTC. Objects are transitioned within 24 hours after they become eligible, not instantly.
Mistake
You can transition objects from Glacier back to Standard using a lifecycle policy.
Correct
Lifecycle transitions are one-way only, moving to colder storage classes. To move back to Standard, you must manually restore or copy the object.
Mistake
S3 Standard-IA is always cheaper than S3 Standard for infrequently accessed data.
Correct
Standard-IA has a retrieval fee and a 30-day minimum storage charge. For data accessed more than once a month or stored for less than 30 days, Standard may be cheaper.
Mistake
Expiring current versions in a versioned bucket permanently deletes the object.
Correct
Expiring a current version creates a delete marker, making the object noncurrent. To permanently delete, you must also expire noncurrent versions or delete the delete marker.
Mistake
Lifecycle policies can be applied to individual objects.
Correct
Lifecycle policies are applied to a bucket or a filtered subset of objects (by prefix, tag, or size). You cannot apply a policy to a single object directly.
Reveal each answer, then mark whether you got it right. Score 60%+ to unlock the next chapter.
30 days. If you delete or transition an object out of Standard-IA before 30 days, you are charged for the full 30 days. For example, if you transition an object to Standard-IA after 20 days and then delete it 10 days later, you pay for 30 days of Standard-IA storage. Always consider this when designing lifecycle rules to avoid unexpected costs.
No. Lifecycle transitions are one-way, moving only to colder storage classes (e.g., Standard -> Standard-IA -> Glacier -> Deep Archive). To move from Glacier back to Standard, you must manually restore the object using S3 Glacier restore or copy it to a new object in Standard. Lifecycle policies cannot automate this reverse transition.
You can set separate rules for current and noncurrent versions. For current versions, expiration creates a delete marker. For noncurrent versions, you can transition them to colder storage (e.g., after 30 days) and expire them (e.g., after 365 days). Use the `NewerNoncurrentVersions` parameter to limit the number of noncurrent versions retained. This is critical for cost control in versioned buckets.
Intelligent-Tiering automatically moves objects between frequent and infrequent access tiers based on actual access patterns, with no retrieval fees but a monthly monitoring fee per object. Lifecycle policies require you to define explicit age-based rules for transitions and expiration. Intelligent-Tiering cannot move objects to Glacier or delete them; lifecycle policies can. Use Intelligent-Tiering for unpredictable patterns and lifecycle for predictable archival and deletion.
Possible reasons: (1) The rule is disabled. (2) The filter (prefix/tags/size) does not match the objects. (3) The object is under Object Lock (retention or legal hold) which blocks expiration but not transitions. (4) The transition is to a warmer storage class (not allowed). (5) The object was created less than the specified days ago. (6) The bucket is in a region that does not support the target storage class. Check the policy using `get-bucket-lifecycle-configuration` and verify object metadata.
Transition costs are per 1,000 objects, not per GB. For example, transitioning from Standard to Standard-IA costs $0.01 per 1,000 objects (varies by region). There is also a cost for transitioning from Standard-IA to Glacier. Additionally, storage costs for each class apply per GB per month. Always consider transition frequency and object count when optimizing costs.
Yes, but with caveats. Object Lock retention periods (retention until date or indefinite legal hold) prevent lifecycle expiration actions from deleting the object until the retention period expires or the legal hold is removed. Transitions to colder storage classes are still allowed. If you need to delete objects after a compliance period, ensure the retention period aligns with your lifecycle expiration.
You've just covered S3 Lifecycle Policies and Storage Classes — now see how well it sticks with free SOA-C02 practice questions. Full explanations included, no account needed.
Done with this chapter?