AWS S3 101

Question 1

S3 Description

Answer 1

Secure, durable, highly-scalable object storage.

Web service interface to store & retrieve any amount of data from anywhere on the web

Question 2

Is S3 Object-Based?

Answer 2

Yes

Question 3

Object-Based storage

Answer 3

S3 Storage
Not for file systems, booting
videos, flat-files, pictures, etc.
Flat files

Question 4

Block-Based storage

Answer 4

EC2 storage

For file systems, booting

Question 5

S3 File Size limits

Answer 5

0 bytes to 5 Terabytes

Question 6

Is there unlimited storage?

Answer 6

yes

Amazon keeps adding storage

Question 7

S3 is a universal namespace

Answer 7

names must be globally unique

Question 8

Bucket Name Format

Answer 8

https: //s3-REGION.amazonaws.com/BUCKETNAME
https: //s3-eu-west-1.amazonaws.com/stevesbucket

Question 9

HTTP response code for successful upload

Answer 9

HTTP 200

Question 10

Data Consistency Model for S3 PUTS

Answer 10

Read after Write consistency for PUTS of new objects

Question 11

S3 has atomic updates

Answer 11

You get new data or old data.

Don’t get partial or corrupted data

Question 12

S3 is a key-value store

object based and objects consist of what?

Answer 12

Key - filename of object (salt if many files w/similar names)
Value - data of file
Version ID
Metadata
Subresources (2 types ACL’s and Torrent (bit torrent)

Question 13

S3 Availability, as-built

Answer 13

Built for 99.99%

Question 14

S3 Availability, guaranteed by Amazon (SLA)

Answer 14

99.9%

Question 15

S3 Durability

Answer 15

eleven nines

99.999999999%

Question 16

Lifecycle Management

Answer 16

Move data based on age to cheaper/slower/archival storage

Question 17

Does S3 support versioning?

Answer 17

Yes

Question 18

Does S3 support Encryption?

Answer 18

Yes

Multiple methods

Question 19

Two ways to secure data in S3

Answer 19

Access Control Lists

Bucket Policies

Question 20

S3 Storage Tier / Class: S3 Standard

Answer 20

99.99% Availability
eleven nines durability
stored redundantly across multiple devices in multiple facilities and can sustain loss of 2 facilities concurrently

Question 21

S3 Storage Tier / Class: IA (infrequently accessed)

Answer 21

99.9% Availability
eleven nines durability
For data accessed infrequently but requires rapid access
Cheaper than S3
Charged retrieval fee

Question 22

S3 Storage Tier / Class: RRS (Reduced Redundancy Storage)

Answer 22

99.99% Availability
99.99% Durability
Use for data that can be regenerated (thumbnails)

Question 23

S3 Storage Tier / Class: Glacier

Answer 23

99.9% Availability (after restore)
eleven nines durability
Archival only
Takes 3-5 hours to restore
Very cheap, has retrieval fee

Question 24

What are you charged for with S3?

Answer 24

storage
requests
storage management pricing (tags)
data transfer pricing (moving data within S3, inter-region)
transfer acceleration

Question 25

S3 Transfer Acceleration

Answer 25

enables fast, easy, secure transfer of files over long distances between users and an S3 bucket.

Utilizes global CLOUDFRONT edge locations, then gets routed to S3 over optimized path

Question 26

Data consistency model for S3 overwrite puts and deletes

Answer 26

Eventual Consistency for OVERWRITE PUTS and DELETES

can take some time because changes propagate across the redundant storage

Question 27

S3 Version, do you pay for each stored version?

Answer 27

Yes

Question 28

What happens when you delete an object that has versioning enabled

Answer 28

It puts a delete marker on the object, but doesn’t remove it

Question 29

Can versioning be disabled?

Answer 29

No. Only suspended. Have to delete bucket to fully remove versioning

Question 30

Does versioning integrate with lifecycle rules?

Answer 30

yes

Question 31

Does versioning integrate with lifecycle management?

Answer 31

yes

Question 32

Does cross-region replication require versioning?

Answer 32

yes

Question 33

Does cross-region replication require versioning?

Answer 33

yes

Question 34

Rules for transitioning to IA storage class

Answer 34

128Kb and 30 days after creation date

Question 35

Rules for archiving to Glacier storage class

Answer 35

30 days after going to IA.

If not using IA, can go immediately after going into S3

Question 36

Cloudfront edge location

Answer 36

where content is cached

Question 37

Cloudfront origin

Answer 37

origin of all files the CDN will distribute
Route 53
S3 bucket
EC2 instance
ELB

Question 38

Cloudfront Distribution

Answer 38

Name of the CDN, consists of collection of edge locations

Question 39

Web distribution

Answer 39

for websites

Question 40

RTMP distributions

Answer 40

media streaming

Question 41

Are edge locations read-only

Answer 41

no.

can write to them

Question 42

How long are objects cached on Edge location

Answer 42

depends on the TTL

default is 24 hours

Question 43

Are you charged for clearing cached objects at edge locations?

Answer 43

yes

Question 44

What are the access controls on new buckets?

Answer 44

private

Question 45

2 methods to secure buckets

Answer 45

Bucket Policies

Access Control Lists

Question 46

Can you configure S3 buckets to create access logs?

Answer 46

yes. Send them to another bucket

Question 47

Server side encryption (SSE) options

Answer 47

S3 managed keys: SSE-S3. Amazon managed keys. Uses AES 256

AWS KMS: SSE-KMS
Like SSE-S3 but more options, more expensive
Provides audit trail of key usage

Customer Provided keys: SSE-C

Question 48

File Gateway

Answer 48

Uses NFS

For storing flat files on S3

Question 49

Volume Gateway - Stored Volumes

Answer 49

iSCSI storage. Block based storage
Presents your apps with disk volumes using iSCSI
1GB - 16TB volume size
Entire dataset stored on-site and asynchronously backed up to S3
Data can be stored as EBS snapshots

Question 50

Volume Gateway - Cached Volumes

Answer 50

iSCSI storage. Block based storage.
1GB - 32TB volume size
Entire dataset stored on S3.
most frequently accessed data cached on site.

Question 51

Gateway Virtual Tape Library (VTL)

Answer 51

Used for backups

iSCSI presentation to backup programs

Question 52

Snowball Standard

Answer 52

Storage
Starts at 50TB
AES-256

Question 53

Snowball Edge

Answer 53

Storage and compute (can run Lambda)

mini version of AWS data center

Question 54

Snowmobile

Answer 54

100 Petabytes, in 40 foot trailer

Question 55

S3 transfer acceleration

Answer 55

people upload to edge location, then it goes to S3

Question 56

S3 transfer acceleration

Answer 56

people upload to edge location, then it goes to S3
Uses unique URL
like bucketname.s3-accelerate.amazonaws.com

Question 57

How to speed uploads to S3

Answer 57

use multipart upload

Question 58

How to speed uploads to S3. Allows larger files.

Answer 58

use multipart upload

Question 59

Default amount of buckets per account

Answer 59

100

Question 60

Do individual objects inherit the bucket’s tags?

Answer 60

No

Question 61

What can you use MFA delete for in S3 versioning?

Answer 61

changing version state of your bucket

permanently deleting an object version

Question 62

Are existing files in a bucket replicated automatically?

Answer 62

No.

All subsequent files replicate automatically

Question 63

Are delete markers replicated?

Answer 63

yes

Question 64

Can you replicate to multiple buckets?

Answer 64

No

Question 65

Are individual versions or delete markers replicated?

Answer 65

No

Question 66

Can you use Use Signed URLs or

Signed Cookies to restrict access to cloud front or S3?

Answer 66

Yes

Question 67

Can ACL’s apply to individual objects as well as buckets?

Answer 67

yes

Question 68

Client Side encryption options

Answer 68

encrypt data yourself and upload to S3

Question 69

AWS Storage Gateway

Answer 69

local software appliance that connects local IT environment to AWS storage

Question 70

General Info on Volumes Gateway

Answer 70

Uses iSCSI
Block Based Storage
Could use for running Operating systems, databases, etc.

Question 71

URL Format for static website in S3

Answer 71

yourbucketname.s3-website-yourregion.amazonaws.com

Question 72

S3 Rate “limits”

Answer 72

100 PUT / LIST / DELETE requests per second

300 GETS per second

S3 will autoscale but if you expect more than 300 and 800, contact support to prepare for workload

Question 73

When to use S3 performance recommendations?

Answer 73

(for routinely > 100 requests per second)

Question 74

What workloads do you use appropriate key names for, to ensure better performance?

Answer 74

mixed GET, PUT, DELETE or Get Bucket requests

Question 75

What workloads do you use Cloudront CDN for, to improve perfomance?

Answer 75

when workload is mostly GET requests

Question 76

What do you do with file names (key names) to improve performance?

Answer 76

Give files random names to avoid sequential key names

ie salt them with a hex hash prefix

Question 77

Why do sequential file names cause performance problems?

Answer 77

They can all get stored in the same index, and rapid operations can overwhelm that particular disk IO

Randomizing them spreads out the workload

Question 78

IAM Policies

Type of Access Control for accounts and users

Answer 78

AWS Account-Level Control - NO

User-Level Control - YES

Question 79

ACL’s

Type of Access Control for accounts and users

Answer 79

AWS Account-Level Control - YES

User-Level Control - NO

Question 80

Bucket Policies

Type of Access Control for accounts and users

Answer 80

AWS Account-Level Control - YES

User-Level Control - YES