Amazon S3

Question 1

S3

Answer 1

Advertised as ”infinitely scaling” storage

Question 2

What do Buckets (directories) do?

Answer 2

stores objects (files)

Question 3

What must you use when uploading more than 5GB?

Answer 3

Must use “multi-part upload”

Question 4

What is an Amazon S3 User-Based security?

Answer 4

IAM Policies

Question 5

What are three types of Amazon S3 Resource-Based security?

Answer 5

1. Bucket Policies
2. Object Access Control List
3. Bucket Access Control List

Question 6

What does an IAM principal need to access an S3 object?

Answer 6

The user IAM permissions ALLOW it
OR
the resource policy ALLOWS it
AND
there’s no explicit DENY

Question 7

What is necessary for object encryption in Amazon S3?

Answer 7

Encryption keys

Question 8

What allows you to:
1. Grant public access to the bucket
2. Force objects to be encrypted at upload
3. Grant access to another account (Cross account)

Answer 8

S3 bucket policies

Question 9

S3 can host ………….. and have them……….

Answer 9

static websites, accessible on the Internet

Question 10

What does Versioning do?

Answer 10

Allows safe updating of website

Question 11

CRR

Answer 11

Cross-Region Replication

Question 12

SRR

Answer 12

Same-Region Replication

Question 13

Permanent deletion of a specific version does noes not replicate. True or False.

Answer 13

True

Question 14

Durability is the…… for all ………

Answer 14

same, storage classes

Question 15

Availability varies depending on storage class. True or false?

Answer 15

True

Question 16

Which storage features:
- 99.99% Availability
- Used for frequently accessed data
- Low latency and high throughput
- Sustain 2 concurrent facility failures

Answer 16

General Purpose

Question 17

• Low-cost object storage meant for archiving / backup
• Pricing: price for storage + object retrieval cost

Answer 17

Amazon S3 Glacier Storage Classes

Question 18

• Millisecond retrieval, great for data accessed once a quarter
• Minimum storage duration of 90 days

Answer 18

Amazon S3 Glacier Instant Retrieval

Question 19

• Expedited (1 to 5 minutes), Standard (3 to 5 hours), Bulk (5 to 12 hours) – free
• Minimum storage duration of 90 days

Answer 19

Amazon S3 Glacier Flexible Retrieval (formerly Amazon S3 Glacier)

Question 20

• Standard (12 hours), Bulk (48 hours)
• Minimum storage duration of 180 days

Answer 20

Amazon S3 Glacier Deep Archive – for long term storage

Question 21

• For data that is less frequently accessed, but requires rapid access when needed
• Lower cost than S3 Standard

Answer 21

S3 Storage Classes – Infrequent Access

Question 22

• 99.9% Availability
• Use cases: Disaster Recovery, backups

Answer 22

Amazon S3 Standard-Infrequent Access (S3 Standard-IA)

Question 23

• High durability (99.999999999%) in a single AZ; data lost when AZ is destroyed
• 99.5% Availability
• Use Cases: Storing secondary backup copies of on-premises data, or data you can recreate

Answer 23

Amazon S3 One Zone-Infrequent Access (S3 One Zone-IA)

Question 24

What has these use cases?:
- Backup and storage
- Disaster Recovery
- Archive
- Hybrid Cloud storage
- Application hosting
- Media hosting
- Data lakes & big data analytics
- Software delivery
- Static website

Answer 24

Amazon s3

Question 25

Where are buckets defined?

Answer 25

Defined at the region level

Question 26

S3 looks like a ….. but buckets are created in a…..

Answer 26

global service, region

Question 27

What results in an “Access Denied” message due to the bucket’s security settings.

Answer 27

Attempting to open the file using a public URL.

Question 28

What doesn’t carry authentication?

Answer 28

A bucket’s public URL

Question 29

Why does using the AWS console not results in an “Access Denied” message due to the bucket’s security settings

Answer 29

The AWS console uses pre-signed URLs that include a signature verifying the user’s permissions.

Question 30

What does an IAM policy do?

Answer 30

Allows API calls for a specific user from IAM

Question 31

What are Bucket Policies?

Answer 31

Bucket wide rules from the S3 console.

Question 32

What type of Resource based security allows cross account access?

Answer 32

Bucket Policies

Question 33

Which kind of Bucket Policy allows finer grain control & can be disabled?

Answer 33

Object Access Control List (ACL)

Question 34

Which Bucket Policy is less common and can be disabled?

Answer 34

Bucket Access Control List (ACL)

Question 35

Replication use cases:
1. compliance
2. lower latency access
3. replication across accounts

Answer 35

CRR (Cross-region Replication)

Question 36

Replication use cases:
1. log aggregation
2. live replication between production
3. test accounts

Answer 36

SRR (Same-Region Replication)

Question 37

Both CRR & SRR must enable…….. in……. and…….. buckets

Answer 37

Versioning, source, destination

Question 38

Both CRR & SRR buckets can be in…… AWS accounts

Answer 38

different

Question 39

Is CRR & SRR asynchronous?

Answer 39

Yes

Question 40

Both CRR & SRR must give proper ……… to S3

Answer 40

IAM permissions

Question 41

Why does permanent deletion of a specific version not replicate?

Answer 41

This ensures the file remains in the replica bucket.

Question 42

What represents how many times an object is lost?

Answer 42

Durability

Question 43

…….. durability of objects across multiple AZ

Answer 43

High

Question 44

What measures how readily available a service is?

Answer 44

Availability

Question 45

S3 Standard General Purpose storage has 99.99% Availability. True or False.

Answer 45

True

Question 46

Use Cases for which storage:
-Big Data analytics
-mobile & gaming applications
-content distribution…

Answer 46

General Purpose