04 Storage Flashcards

1
Q

Describe FSx for Windows File Server.

A

FSx for Windows File Server is a Windows-native shared storage solution that uses SMB, integrates with Directory Service or self-managed Active Directory, and can operate in single or multi-AZ mode.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

How can backups be managed in FSx for Windows File Server?

A

Backups in FSx for Windows File Server can be performed on-demand or scheduled.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Explain how FSx can be accessed.

A

FSx can be accessed using SMB directly in a VPC, through peering, VPN, or Direct Connect.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What is the purpose of FSx for Lustre?

A

FSx for Lustre is designed for shared HPC storage specifically for Linux clients.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Define the two modes of operation for FSx for Lustre.

A

FSx for Lustre operates in two modes: Scratch, optimized for short-term storage with maximum performance and no replication, and Persistent, used for longer-term storage with self-healing and high availability within a single AZ.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

How does the Lustre file-system interact with S3?

A

The Lustre file-system can be lazy loaded from an S3 bucket, providing high-performance access to S3 objects.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What are the availability options for EFS?

A

EFS can be configured for multi-AZ or single zone availability.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Describe the purpose of S3 storage classes.

A

S3 storage classes allow optimization of the service for specific workloads.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What is S3 Express One Zone?

A

S3 Express One Zone is the most expensive S3 option, offering better performance than S3 Standard.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Define lifecycle configurations in S3.

A

Lifecycle configurations are rules that transition objects between storage classes and delete them based on a period of time.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

How do lifecycle rules operate in S3?

A

Lifecycle rules in S3 are based on a period of time rather than access patterns, and can be configured based on object versions.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

What is the minimum waiting period for transitioning from Standard to an infrequent tier in S3?

A

A minimum of 30 days must be waited before transitioning from Standard to an infrequent tier, and another 30 days to move to Glacier tiers.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Explain the purpose of replication in S3.

A

Replication in S3 mirrors content from one bucket to another in a different region and/or accounts.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

What role does IAM play in S3 replication?

A

An IAM role added to the replication configuration grants S3 the required permissions to perform the replication.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Describe the requirement for cross-account replication in S3.

A

A bucket policy on the destination is required for cross-account replication.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

How can filters be used in S3 replication?

A

Filters can be used to replicate objects based on prefix and/or tags.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

Define the storage class configuration in S3 replication.

A

The storage class used in the destination bucket can be configured.

18
Q

What is the default ownership of new objects in the destination bucket during replication?

A

By default, new objects in the destination are owned by the source bucket’s account, but this can be overridden.

19
Q

Explain Replication Time Control (RTC) in S3.

A

Replication Time Control (RTC) adds a 15-minute SLA to replication; otherwise, replication is best effort.

20
Q

How is replication direction configured in S3?

A

Replication is one-way by default, but bi-directional replication can be enabled.

21
Q

What types of encrypted objects can be replicated in S3?

A

Replication of encrypted objects using SSE-KMS and SSE-C is supported.

22
Q

Which storage classes cannot be replicated in S3?

A

Objects stored in Glacier and Glacier Deep Archive cannot be replicated.

23
Q

Define the encryption method used by SSE-S3 in S3.

A

SSE-S3 performs AES-256 encryption using keys managed by S3, and it is now the default encryption method.

24
Q

What is a limitation of SSE-S3 regarding role separation?

A

SSE-S3 does not allow role separation; anyone with GetObject permissions can also decrypt objects.

25
Q

How does SSE-C differ from SSE-S3?

A

SSE-C uses a customer-provided key which is passed with requests to the S3 API, unlike SSE-S3 which uses S3-managed keys.

26
Q

What is the advantage of using SSE-KMS in S3?

A

SSE-KMS uses a key managed in KMS, allowing for key rotation and other management features.

27
Q

What are bucket keys in the context of SSE-KMS?

A

Bucket keys allow KMS to share keys across multiple objects in a bucket, reducing costs.

28
Q

What are pre-signed URLs in S3?

A

Pre-signed URLs give time-limited permissions to download or upload an object, based on the identity that created the URL.

29
Q

How do S3 Select and Glacier Select optimize data retrieval?

A

S3 Select and Glacier Select use a SQL-like syntax for server-side filtering, reducing the amount of data that needs to be fetched.

30
Q

Describe the purpose of Access Points in S3.

A

Access Points simplify the management of permissions by creating multiple endpoints, each with different policies and networking controls.

31
Q

How can Access Points be secured in S3?

A

Access Points can be paired with VPC endpoints to ensure they can only be accessed via a specific VPC endpoint.

32
Q

What is the function of Object Lock in S3?

A

Object Lock protects object versions for a specific period of time or indefinitely.

33
Q

Explain retention periods in the context of Object Lock.

A

Retention periods are for a fixed period of time and can be extended but not removed.

34
Q

Describe the difference between compliance mode and governance mode in legal holds.

A

In compliance mode, nobody can overwrite the legal hold, while in governance mode, object versions can be overwritten with special permissions.

35
Q

How does Amazon Macie enhance data security in S3?

A

Amazon Macie uses machine learning to detect personally identifiable information (PII) and other sensitive data in S3 objects.

36
Q

Define EBS and its purpose in AWS.

A

EBS, or Elastic Block Store, provides high-performance, resilient storage for EC2 instances.

37
Q

What are EBS Snapshots and how do they function?

A

EBS Snapshots are incremental backups of EBS volumes, allowing for efficient data backup and recovery.

38
Q

Explain the role of Amazon Data Lifecycle Manager.

A

Amazon Data Lifecycle Manager automates the creation and management of EBS Snapshots.

39
Q

How do Instance Store Volumes differ from EBS volumes?

A

Instance Store Volumes are attached directly to the underlying EC2 instance and are lost if the instance is stopped and then started again.

40
Q

Describe the function of AWS Transfer.

A

AWS Transfer facilitates the transfer of data to and from S3 and EFS using non-native protocols such as SSH (SFTP) and FTP.