AWS S3

Question 1

________ provides secure, durable, highly scalable object storage.

Answer 1

S3

Question 2

What are three key points about S3?

Answer 2

1. Object Storage
   S3 provides secure, durable, highly scalable object storage.
2. Scalable
   S3 allows you to store and retrieve any amount of data from anywhere on the web at a very low cost.
3. Simple
   Amazon S3 is easy to use, with a simple web service interface.

Question 3

S3 is _________ storage.

Answer 3

S3 is object-based storage.

Question 4

S3 manages data as _________.

Answer 4

S3 manages data as objects rather than in file systems or data blocks.

Question 5

True or False: You can upload any file type you can think of in S3.

Answer 5

True.

Question 6

Can you upload photos, videos, code, documents and text files into S3?

Answer 6

Yes.

Question 7

Can you run an operating system from S3?

Answer 7

No.

Question 8

Does S3 allow unlimited storage?

Answer 8

Yes.

The total volume of data and the number of objects you can store is unlimited.

Question 9

What’s the smallest and largest permitted size of objects stored in S3?

Answer 9

S3 objects can range in size from a minimum of 0 bytes to a maximum of 5 terabytes.

Question 10

In S3, files are stored in ________.

Answer 10

Buckets. In S3 files are stored in buckets (which is similar to folders).

Question 11

Define S3 “Universal Namespace” requirement.

Answer 11

Universal Namespace

All AWS accounts share the S3 namespace. Each S3 bucket name must be globally unique.

Question 12

In S3, the URL structure is:

https://_________.s3.Region.amazonaws.com/____

Answer 12

https: //bucket-name.s3.Region.amazonaws.com/key-name
https: //yourcompany.s3.Region.amazonaws.com/afilename.csv

Question 13

What HTTP code do you receive when you successfully upload a file to an S3 bucket?

Answer 13

200

You received HTTP 200 code when you successfully upload a file to an S3 bucket.

Question 14

What are the 4 aspects of S3 “Key-Value Store”?

Answer 14

1. Key - the name of the object (ralphie.jpg)
2. Value - the data itself, which is made up of a sequence of bytes
3. Version ID - important for storing multiple versions of the same object
4. Metadata - data about the data you are storing (e.g., content-type, last-modified, etc.)

Question 15

How does S3 make it a safe place to store your files?

Answer 15

S3 is a safe place to store your files because the data is spread across multiple devices and facilities to ensure availability and durability.

Question 16

What’s the details on S3’s availability and durability?

Answer 16

1. S3 is built for availability
   Built for 99.95% - 99.99% service availability, depending on the S3 tier.
2. S3 is designed for durability
   Designed for 99.99999999% (9 decimal places) durability for data stored in S3.

Question 17

True or False: S3 storage is designed for frequently accessed data.

Answer 17

True

Question 18

What kind of workloads is S3 suitable for?

Answer 18

S3 is suitable for most workloads.
It’s the default storage class.
Use cases include websites, content distribution, mobile and gaming applications, and big data analytics/

Question 19

Give some use cases for S3.

Answer 19

Use cases include:
. websites
. content distribution
. mobile and gaming applications
. big data analytics/

Question 20

There are 3 characteristics of S3: storage, lifecycle and versioning. Describe these.

Answer 20

1. Tiered Storage
   S3 offers a range of storage classes designed for different use cases.
2. Lifecycle Management
   Define rules to automatically transition objects to a cheaper storage tier or delete objects that are no longer required after a set period of time.
3. Versioning
   With versioning, all versions of an object are stored and can be retrieved, including deleted objects.

Question 21

True or False: You can’t recover a deleted object in S3.

Answer 21

False. If you have versioning turned on, you can remove the delete marker on the object to undelete it.

Question 22

True or False: You can setup up S3 to move unused objects to a different storage tier.

Answer 22

True.

With Lifecycle Management, you can define rules to automatically transition objects to a cheaper storage tier or delete objects that are no longer required after a set period of time.

Question 23

How do you secure S3 data?

Answer 23

1. Server-Side Encryption
   You can set default encryption on a bucket to encrypt all new objects when they are stored in the bucket.
2. Access Control Lists (ACLs)
   Define which AWS accounts or groups are granted access and the type of access. You can attach S3 ACLs to individual objects within a bucket.
3. Bucket Policies
   S3 bucket policies specify what actions are allowed or denied. (e.g., allow user Alice to PUT but not DELETE objects in the bucket).

Question 24

What are the two aspects of S3 read/write consistency?

Answer 24

Strong Read-After-Write Consistency

1. After a successful write of a new object (PUT) or an overwrite of an existing object, any subsequent ready request immediately receives the latest version of the object.
2. Strong consistency for list operations, so after a write, you can immediately perform a listing of the objects in a bucket with all changes reflected.

Question 25

S3 is is _______ ________ that allows you to upload files.

Answer 25

S3 is is object-based storage that allows you to upload files.

Question 26

Files can be up to ____ in size in S3.

Answer 26

Files can be up to 5TB. They can be from 0 bytes to 5TB.

Question 27

Is S3 suitable for database storage?

Answer 27

No. S3 is not suitable for install of an operating system or run a database on.

Question 28

Is there a limit on S3 storage?

Answer 28

No. The total volume of data and the number of objects you can store is unlimited.

Question 29

What is used to store S3 data?

Answer 29

Buckets.

Question 30

S3 is a ___________ namespace.

Answer 30

S3 is a universal namespace.

Question 31

How do you secure your S3 bucket?

Answer 31

1. Buckets are private by default. When you create an S3 bucket, it is private by default (including all objects within it). You have to allow public access on both the bucket and its objects in order to make the bucket public.
2. Object ACLs: You can make individual objects public using object ACLs.
3. Bucket policies: You can make entire buckets public using bucket policies.
4. When you upload an object to S3 and it’s successful, you will receive an HTTP 200 code.

Question 32

Can you host a website on S3?

Answer 32

Yes, as long as it is static.

Question 33

What are the requirements for hosting a static website on S3?

Answer 33

1. You can make entire buckets public using bucket policies.
2. You can use S3 to host static content only (not dynamic).
3. S3 scales automatically with demand.

Question 34

What are the 5 exam tips for Versioning S3 Object?

Answer 34

1. All versions of an object are stored in S3. This includes writes and even if you delete an object.
2. It can be a great backup tool.
3. Once enabled, versioning cannot be disabled - only suspended.
4. Versioning can be integrated with lifecycle rules.
5. Versioning can support multi-factor authentication.

Question 35

This S3 storage class is suitable for most workloads (e.g., websites, content distribution, mobile and gaming applications, and big data analytics).

Answer 35

S3 Standard

Can be shared among >= 3 AZs.

Question 36

This storage class is for long-term, infrequently access critical data (e.g., backups, data store for disaster recovery files, etc.)

Answer 36

S3 Standard-Infrequent Access

Can be shared among >=3 AZs.

Question 37

This storage class is for long-term, infrequently accessed, non-critical data.

Answer 37

S3 One Zone-Infrequent Access

Only stored in a single (1) AZ.

Question 38

This storage class is for long-term data archiving that occasionally needs to be access within a few hours or minutes.

Answer 38

S3 Glacier

Can be shared among >=3 AZs.

Question 39

This storage class is for rarely accessed data archiving with a default retrieval time of 12 hours (e.g., financial records for regulatory purposes).

Answer 39

S3 Glacier Deep Dive

Can be shared among >=3 AZs.

Question 40

This storage class is for unknown or unpredictable access patterns.

Answer 40

S3 Intelligent-Tiering

Can be shared among >=3 AZs.

Question 41

This S3 storage class only uses a single AZ.

Answer 41

S3 One Zone - Infrequent Access

Question 42

List the 6 storage classes in S3.

Answer 42

1. S3 Standard
2. S3 Standard - Infrequent Access
3. S3 One Zone - Infrequent Access
4. S3 Glacier
5. S3 Glacier Deep Archive
6. S3 Intelligent-Tiering

Question 43

True or False: All storage classes except S3 Glacier provide 11 9’s (99.999999999%) of durability.

Answer 43

False. ALL storage classes provide 11 9’s durability.

Question 44

Which storage classes provide only 99.9% Availability?

Answer 44

1. S3 Standard - Infrequent Access

2. S3 Intelligent-Tiering

Question 45

What storage class provides the lowest availability and what’s the percentage?

Answer 45

S3 One Zone - Infrequent Access

Provides 99.5% availability.

Question 46

What are the 3 tips for Lifecycle Management?

Answer 46

1. Lifecycle manage automates moving your objects between the different storage tiers.
2. It can be used in conjunction with versioning.
3. It can be applied to current versions and previous versions.

Question 47

What are the 3 highlights of “S3 Object Lock and Glacier Vault Lock”?

Answer 47

1. Use S3 Object Lock to store objects using a write once, read many (WORM) model.
2. Object Lock can be on individual objects or applied across the bucket as a whole.
3. Object Lock comes in two modes: governance mode and compliance mode.

Question 48

What does S3’s ‘governance’ mode do?

Answer 48

With governance mode, users can’t overwrite or delete an object version or alter its lock settings unless they have special permissions.

Question 49

What does S3’s “compliance mode” do?

Answer 49

With compliance mode, a protected object version can’t be overwritten or deleted by any user, including the root user in your AWS account.

Question 50

What does S3 Glacier Vault Lock do?

Answer 50

S3 Glacier Vault Lock allows you to easily deploy and enforce compliance controls for individual S3 Glacier Vaults with a vault lock policy. You can specify controls, such as WORM, in a vault lock policy and lock the policy from future edits. Once locked, the policy can no longer be changed.

Question 51

What protocols are used to encrypt S3 files in transit?

Answer 51

SSL/TLS

HTTPS

Question 52

What types of encryption can be applied to files at rest in S3?

Answer 52

. Server-side encryption
. SSE-S3 (AES 256-bit)
. SSE-KMS
. SSE-C

Question 53

What server side encryption method is equivalent to AES 256-bit?

Answer 53

SSE-S3

Question 54

What is client-side encryption?

Answer 54

Client-side encryption is where you encrypt the files yourself before you upload them to S3.

Question 55

How do you enforce encryption with a Bucket Policy?

Answer 55

You enforce encryption with a bucket policy. The bucket policy would need to deny all PUT requests that don’t include the x-amz-server-side-encryption parameter in the request header.

Question 56

What is the purpose of putting x-amz-server-side-encryption parameter in a PUT request header?

Answer 56

You’d use the x-amz-server-side-encryption parameter in a PUT request header to ENFORCE ENCRYPTION via the BUCKET POLICY.

Question 57

What are the three high-level methods of optimizing performance within S3?

Answer 57

1. Folder structure (structured folder method helps ‘index’ the data in a way)
   mybucketname/folder1/subfolder1/myfile.jpg > /folder/subfolder1
2. You can also achieve a high number of requests using the proper folder structure. For example 3,500 PUT/COPY/POST/DELETE and 5,500 GET/HEAD requests per seconds, per prefix (bucket folder).
3. You can get better performance by spreading your reads across different prefixes. For example, if you are using 2 prefixes, you can achieve 11,000 requests per second.

Question 58

When using SSE-KMS to encrypt your objects, what are the limits?

Answer 58

1. Uploading/downloading will count towards the KMS quota.
2. Region-specific, however, it’s either 5,500, 10,000 or 30,000 requests per second.
3. (There used to be a limit where you can’t ask for a KMS quota increase, but it’s now available.)

Question 59

Multipart uploads in S3 require or help with these things:

Answer 59

Multipart Uploads:

1. Increase performance when uploading files to S3.
2. Should be used for any files over 100MB and must be used for any file over 5GB.
3. Use S3 byte-range fetches to increase performance when downloading files to S3.

Question 60

You have files that are greater than 5GB to upload to S3. What must you do to upload the files?

Answer 60

Use multipart uploads.

Multipart uploads should be used for any files over 100MB and must be used for any file over 5GB.

Question 61

What is S3 Replication?

Answer 61

S3 Replication:

1. Is where you replicate objects from one bucket to another.
2. However, objects in an existing bucket are not replicated automatically.
3. And delete markers are not replicated by default.

Question 62

Are delete markers replicated by default?

Answer 62

No.

Question 63

Are objects in an existing bucket replicated automatically?

Answer 63

No.

Question 64

If you want to persistently copy files from one bucket to another, you’d use this service.

Answer 64

S3 Replication

Question 65

Can you replicate within the same region?

Answer 65

Yes.

Question 66

Can you replicate across regions?

Answer 66

Yes.