AWS S3 Flashcards
S3 core parts
What are S3 standard properties?
Versioning Server Access Logging Static website hosting Object level logging Default encryption
What are S3 advanced properties?
Object lock Tags Transfer Acceleration Events Requester Pays
What are versioning states?
Unversioned - default
Versioning enabled
Versioning suspended
How can versioning be removed?
Versioning cannot be removed. Once enabled it cannot be disabled but can be suspended. The old versions will remain and no new versions will be created in suspended state
What is the version of the objects that have uploaded before the versioning have been enabled?
Null
What happens when a versioned object is deleted?
All versions stay. A new version is created with ‘delete marker’. This ensures no object is returned when a GET request on the document is issued
What is the guarantee of Server Access Logging?
No guarantee. It is executed on a best effort basis
What inputs have to be provided to enable Server Access Logging?
Target Bucket
Prefix
Can I have target bucket in a different region?
No
Static web Hosting? Does it support HTTPS?
No. Only http. Bucket and contents must be marked as public. No Requester Pays
How to enable public access to contents in your bucket?
Through setting a bucket policy
What are the steps to Static Website Hosting?
Enable static website hosting
Add index.html file
Enable bucket for public access
Add bucket policy to access bucket contents
Which other AWS service is S3 object level logging closely related?
AWS CloudTrail
What is Default Encryption?
Encrypt objects uploaded to bucket
What happens to object uploaded prior to enabling default encryption?
They remain unencrypted
What options are provided in default encryption?
AES-256 => SSE-S3
KMS
When can object lock be enabled?
During creation time only
What other S3 feature should be enabled to enable object lock?
Versioning
How do I disable object lock?
Can’t be disabled
What are the object lock retention modes?
Governance mode
Compliance mode
What is the key difference between the governance mode and compliance mode?
Nobody can delete an object under compliance mode. Not even the root user during the retention period
Can I delete an object whose retention period has expired but has a legal hold on it?
No. Only when the legal hold has been removed
What are tags?
Tags are used to categorization. Also called cost allocation tags. Can be enabled in billing for reporting
Which AWS service does Transfer Acceleration use?
AWS CloudFront
For Transfer Acceleration to work what feature should your bucket name adhere to?
It should be DNS compliant
Which S3 operation Transfer Acceleration does not support?
GET service (list bucket)
PUT Bucket (create bucket)
DELETE Bucket
Cross Region copies using PUT Object
Where can S3 events be sent?
Lambda function
SNS Topic
SQS Queue
Which part of the cost is borne by the owner and which part by the Requester?
Owner - Storage
Requester - Requests, Data transfer
What types of HTTP requests are paid by the requester?
POST
GET
HEAD
What HTTP header key should be part of the GET request for requester pay enabled bucket?
x-amz-requester-payer>