Amazon S3 Flashcards
How many bytes can files be in S3?
0 bytes to 5 TB
You create your buckets within a _____
You create your buckets within a Region
There’s no ____ for objects within a bucket
There’s no ____ for objects within a bucket
hierarchy
S3 delivers strong ___ ___ ____ consistency
read-after-write consistency
You can use an object key name (prefix) to _____ folders
You can use an object key name (prefix) to mimic folders
What is the max default bucket amount per account?
100 buckets per account by default
What file type does S3 support?
any file type
Each object is ____ and _______ by a unique key
Each object is ____ and _______ by a unique key
stored, retrieved
Objects are stored in the region they are setup in unless you setup __________
setup replication
Bucket Policies are _________-based policies
Bucket Policies are resource-based policies
Bucket policies can only be attached to Amazon __ _______
Bucket policies can only be attached to Amazon S3 buckets
AWS generally recommends using ___ _____ policies or ___ policies rather than ACLS
AWS generally recommends using S3 bucket policies or IAM policies rather than ACLS
;
Use IAM policies if you have numerous S3 buckets that require ________ permissions
Use IAM policies if you have numerous S3 buckets that require different permissions
Bucket policies allow you to grant ____-______ access to your S3 environment, without using IAM _____
Bucket policies allow you to grant cross-account access to your S3 environment, without using IAM roles
Versioning-enabled buckets enable you to recover objects from accidental ________ or ________
Versioning-enabled buckets enable you to recover objects from accidental deletion or overwrite
Transition actions are when objects transition to another _______ _____
Transition actions are when objects transition to another storage class
Expiration actions are when an object ______ or gets ______ by S3
Expiration actions are when an object expires or gets deleted by S3
You can transition any storage class to which two storage classes?
S3 Glacier or S3 Glacier Deep Archive
You can’t transition any storage class to
S3 standard
You can’t transition the S3 One Zone-IA storage class to which two storage classes?
Standard-IA or S3 Intelligent-Tiering storage classes
MFA Delete Adds MFA requirement for bucket owners to perform the following actions: (2)
- Changing the __________ state of a bucket
- Permanently _______ an object version
Changing the versioning state of a bucket
- Permanently deleting an object version
The second factor of MFA Delete is a _____ _________ by a hardware device or ________ program
The second factor of MFA Delete is a token generated by a hardware device or software program
Versioning can be enabled by: (3)
- _____ owners
- AWS account that ________ the bucket
- _________ IAM users
- Bucket owners
- AWS account that created the bucket
- Authorized IAM users
MFA delete can be enabled by the ______ owner or ____ account
MFA delete can be enabled by the Bucket owner or root account
MFA-protected API access is used to enforce the ___________ factor (MFA code) when accessing AWS ________
MFA-protected API access is used to enforce the authentication factor (MFA code) when accessing AWS resources
ServerSideEncryption SSE-S3 works by using ___ existing encryption key for ________
ServerSideEncryption SSE-S3 works by using S3’s existing encryption key for AES-256
With ServerSideEncryption Client SSE-C you upload your own _______ encryption key which S3 uses when it ______ objects
With ServerSideEncryption Client SSE-C you upload your own AES-256 encryption key which S3 uses when it writes objects
ServerSideEncryption SSE-KMS uses a key generated and managed by ___ ___
ServerSideEncryption SSE-KMS uses a key generated and managed by AWS KMS
How does client-side encryption work in regards to S3?
You encrypt objects using your own local encryption process before uploading to S3
Amazon S3 encrypts objects before saving them to disk and decrypts them when
Amazon S3 encrypts objects before saving them to disk and decrypts them when the objects are downloaded
S3 Event Notifications can possibly be sent to which three AWS services?
- Simple Notification Service (SNS) topics
- Simple Queue Service (SQS) queues
- AWS Lambda
S3 Multipart Upload can be used for objects from _____ up to _____
S3 Multipart Upload can be used for objects from 5 MB up to 5 TB
S3 Transfer Acceleration leverages Amazon __________ ____ Location
S3 Transfer Acceleration leverages Amazon CloudFront Edge Location
S3 Transfer Acceleration is used to accelerate object uploads to S3 over ____ ________ to minimize _____
S3 Transfer Acceleration is used to accelerate object uploads to S3 over long distances to minimize latency
S3 Transfer Acceleration is as secure as a ______ upload to S3
S3 Transfer Acceleration is as secure as a direct upload to S3
With S3 Transfer Acceleration, you are charged only if there was a ______ in ______ times
With S3 Transfer Acceleration, you are charged only if there was a benefit in transfer times
For S3 Transfer Acceleration, to work you need to _____ transfer acceleration on the __ _____
For S3 Transfer Acceleration, to work you need to enable transfer acceleration on the S3 bucket
S3 Copy API objects up to __ GB in size
S3 Copy API objects up to 5 GB in size
S3 Copy API can be used to (3)
- Move objects across AWS ______
- Change object _______
- ______ objects
- Move objects across AWS ∫regions
- Change object metadata
- Rename objects
S3 Copy API can be used to change the copy’s ________ class or __________ at rest status
S3 Copy API can be used to change the copy’s storage class or encryption at rest status
Server Access Logging provides ________ records for the ______ that are made to a bucket
Server Access Logging provides detailed records for the requests that are made to a bucket
Server Access Logging is ______ by default
Server Access Logging is disabled by default
Server Access Logging only pay for the ______ _____ used
Server Access Logging only pay for the storage space used
Server Access Logging must grant _____ permissions to the Amazon S3 log delivery group on the __________ bucket
Server Access Logging must grant write permissions to the Amazon S3 log delivery group on the destination bucket
S3 Performance Optimizations increase ____ and _____ performance by _________ reads
S3 Performance Optimizations increase read or write performance by parallelizing reads
S3 Performance Optimizations retry requests for _______-Sensitive _________
S3 Performance Optimizations retry requests for Latency-Sensitive Applications
S3 Performance Optimizations combine Amazon __ and Amazon ___ in the Same AWS ______
S3 Performance Optimizations combine Amazon S3 and Amazon EC2 in the Same AWS Region
S3 Glacier Deep Archive retrieval time is within __ hours, which makes it the ______ cost storage class
S3 Glacier Deep Archive retrieval time is within 12 hours, which makes it the lowest cost storage class
S3 Glacier Deep Archive is Ideal for highly-regulated industries that need to retain data for
__-__ years or longer to meet _________ compliance requirements.
S3 Glacier Deep Archive is Ideal for highly-regulated industries that need to retain data for
7-10 years or longer to meet regulatory compliance requirements.
S3 Glacier Flexible Retrieval Features configurable retrieval times, from _______ to _____, with free ____ retrievals
S3 Glacier Flexible Retrieval Features configurable retrieval times, from minutes to hours, with free bulk retrievals
S3 Glacier Flexible is ideal for _______ and ________ recovery use cases when large sets of data need to be retrieved in ______, without concern for _____
S3 Glacier Flexible is ideal for backup and disaster recovery use cases when large sets of data need to be retrieved in minutes, without concern for costs
S3 Glacier Instant Retrieval provides data with the same speed, durability, and availability as S3 Standard. What is the main difference between the two?
S3 Glacier Instant Retrieval is a fraction of the price
S3 Glacier Instant Retrieval is ideal for archival data that needs immediate access such as
medical images, or new media
S3 One Zone-IA is ideal for customers who want a lower-cost option for infrequently accessed data but do not require the availability and resilience of which two S3 storage classes?
S3 Standard or S3 Standard Infrequent Access
The combination of low cost and high performance makes S3 Standard-IA ideal for? (3)
Long-term storage
Backups
Disaster recovery files
If your IAM policies are reaching their size limits you should
switch to using bucket policies
What is the max number of objects that can be stored in S3?
Unlimited
S3 Lifecycle management automates ________ objects between the different ________ tiers
S3 Lifecycle management automates moving objects between the different storage tiers
S3 Lifecycle management can be used in conjunction with versioning which would apply to the _______ and _______ versions
S3 Lifecycle management can be used in conjunction with versioning which would apply to the current and previous versions
Use S3 Object Lock to store objects using a Write _____ Read _____ model
Use S3 Object Lock to store objects using a Write Once Read Many (WORM) model
Object Lock can be applied to an individual _____ or the entire _____
Object Lock can be applied to an individual object or the entire bucket
With Governance mode, users can’t __________ or ______ an object _____ unless they have special permissions.
With Governance mode, users can’t overwrite or delete an object version unless they have special permissions.
With Governance mode, users can’t _____ a version ____ settings unless they have special permissions.
With Governance mode, users can’t modify a version lock settings unless they have special permissions.
What two modes does object lock come in?
Governance Mode
Compliance Mode
With compliance mode an object version can’t be ___________ or _______ by any user including the ____ ____
With compliance mode, an object version can’t be overwritten or deleted by any user including the root user
You can get better performance with S3 by spreading reads across different prefixes. For example, if you are using 2 prefixes, you can achieve _____ as many ______ per second
You can get better performance with S3 by spreading reads across different prefixes. For example, if you are using 2 prefixes, you can achieve twice as many requests per second
S3 Glacier Deep Archive is used in which three industries?
__________ Services, Healthcare, and _____ Sectors
Financial Services, Healthcare, and Public Sectors
S3 One Zone-IA stores data in one AZ while the other S3 Storage Classes store data in a minimum of __ AZs
S3 One Zone-IA stores data in on AZ while the other S3 Storage Classes store data in a minimum of 3 AZs
Object Lock can help prevent objects from being deleted or overwritten for a ______ amount of time or ____________
Object Lock can help prevent objects from being deleted or overwritten for a fixed amount of time or indefinitely.
Object Lock works only in _________ buckets
Object Lock works only in versioned buckets
S3 One Zone Infrequent Access is best used for data that requires ______ access when needed.
S3 One Zone Infrequent Access is best used for data that requires rapid access when needed.
S3 One Zone Infrequent Access is a good choice for storing ________ _______ copies
S3 One Zone Infrequent Access is a good choice for storing secondary backup copies
