IAM & S3

Question 1

Are credentials region centric in IAM, when created?

Answer 1

No, it is universal

Question 2

Are delete markers replicated

Answer 2

yes

Question 3

Are deletions (delete markers) replicated in Cross Region Replication Replication?

Answer 3

Yes

Question 4

Are edge location read only?

Answer 4

No, you can write and it will replicate to origin

Question 5

Are Edge locations writable?

Answer 5

Yes

Question 6

Are IAM configurations global or regional?

Answer 6

Global

Question 7

Are lifecycle rules available only for the current version?

Answer 7

No. Lifecycle rules are also available for previous versions.

Question 8

Are S3 buckets by default public or private?

Answer 8

By default, all newly created buckets are private (and also all objects stored inside them)

Question 9

Are the Access Key ID/Secret Access Key like a password?

Answer 9

No, you cannot use the Access Key ID/Secret Access Key to login to the AWS Console. You can use this to access AWS via the APIs and Command Line however.

Question 10

Are the deletions of delete markers replicated in Region Replication Replication?

Answer 10

No

Question 11

Are the deletions of individual versions replicated in Region Replication Replication?

Answer 11

No

Question 12

By default all buckets are public?

Answer 12

No

Question 13

By default, when you create a new user in the IAM console, what level of access do they have?

Answer 13

No access to any AWS service

Question 14

Can be versioning on S3 disabled?

Answer 14

No. It can only be suspended

Question 15

Can Cross Region Replication be used between buckets of the same region?

Answer 15

No

Question 16

Can Cross Region Replication be used to replicate to multiple buckets or use daisy chaining?

Answer 16

No

Question 17

Can folders in S3 be tagged?

Answer 17

No. Folders don’t really exist on S3. In Amazon S3, buckets and objects are the primary resources, where objects are stored in buckets. Amazon S3 has a flat structure with no hierarchy like you would see in a file system. However, for the sake of organizational simplicity, the Amazon S3 console supports the folder concept as a means of grouping objects. Amazon S3 does this by using a shared name prefix for objects (that is, objects that have names that begin with a common string). Object names are also referred to as key names. For example, you can create a folder in the console called photos, and store an object named myphoto.jpg in it. The object is then stored with the key name photos/myphoto.jpg, where photos/ is the prefix.

Question 18

Can lifecycle policies capture versions also?

Answer 18

Yes

Question 19

Can S3 be used to host static websites?

Answer 19

Yes (serverless, very cheap, scales automatically, no dynamic site hosting)

Question 20

Can you clear data from edge cache?

Answer 20

Yes, but at a cost

Question 21

Can you configure multiple bucket replication?

Answer 21

no

Question 22

Can you create and customize your own password rotation policies?

Answer 22

Yes

Question 23

Can you have two buckets with the same name?

Answer 23

No. S3 is a universal namespace and names must be globally unique

Question 24

Can you install a DB in S3?

Answer 24

No. Its object based not block based

Question 25

Can you log in to the AWS web console using the Access Key Id and Secret Access Key?

Answer 25

No. You must generate a password for the user and supply the user with this password, as well as the unique link to sign in to the AWS console.

Question 26

Data consistency model of Amazon S3

Answer 26

Amazon S3 buckets in all Regions provide read-after-write consistency for PUTS of new objects and eventual consistency for overwrite PUTS and DELETES.

Question 27

Describe the S3 consistency model

Answer 27

Read after write consistency for PUTS of new objectsEventual consistency for overwrite PUTS and DELETES

Question 28

Do I need to know the final object size in advance to use Multipart Upload?

Answer 28

No. With Multipart Upload you can begin an upload before you know the final object size - You can upload an object as you are creating it.

Question 29

Do objects within the bucket inherit the bucket tags?

Answer 29

No

Question 30

Do you need versioning enabled to use a lifecycle policy?

Answer 30

No

Question 31

Does an edge location have to be in a defined region?

Answer 31

No

Question 32

Does Multipart Upload deliver improved throughput?

Answer 32

Yes. You can upload parts in parallel to improve throughput.

Question 33

Does Multipart Upload deliver quick recovery from network issues?

Answer 33

Yes. Smaller part size minimizes the impact of restarting a failed upload due to a network error.

Question 34

Does Multipart Upload deliver the ability to append data into an open data file?

Answer 34

No

Question 35

Does Multipart Upload deliver the ability to pause and resume object uploads?

Answer 35

“Yes”. You can upload object parts over time. Once you initiate a multipart upload there is no expiry; you must explicitly complete or abort the multipart upload. Then, “pause and resume object uploads” means “pausing in between parts” (but you would need to implement this manually).

Question 36

Does versioning is required for Lifecycle rules?

Answer 36

No. Lifecycle rules can be used in conjunction with versioning but is not required

Question 37

Glacier Expedited Retrievals retrieval time

Answer 37

1-5 minutes (for a flat rate of $0.03 per GB retrieved)

Question 38

Groups

Answer 38

A way to group our users and apply policies to them collectively

Question 39

How am I charged for accessing Amazon S3 through the AWS Management Console?

Answer 39

Normal Amazon S3 pricing applies when accessing the service through the AWS Management Console.

Question 40

How am I charged for using Versioning?

Answer 40

Normal Amazon S3 rates apply for every version of an object stored or requested.

Question 41

How can I delete large numbers of objects?

Answer 41

You can use Multi-Object Delete to delete large numbers of objects from Amazon S3. This feature allows you to send multiple object keys in a single request to speed up your deletes. Amazon does not charge you for using Multi-Object Delete.

Question 42

How can you audit the access to S3 resources?

Answer 42

S3 buckets can be configured to create access logs which log all requests made to the S3 bucket. This can be done to another bucket (even in another AWS account)

Question 43

How can you setup access control to a bucket?

Answer 43

Using: - Bucket policies - Access control lists

Question 44

How do you secure S3 buckets?

Answer 44

Bucket policies and S3

Question 45

How does Gateway Virtual Tape Library work?

Answer 45

Virtual tape infrastructure to replace physical tapes

Question 46

How does Volume Gateway/Cached Volumes work?

Answer 46

Entire dataset is stored on S3 and the most frequently accessed data is cached on site

Question 47

How does Volume Gateway/Stored Volumes work?

Answer 47

Entire dataset is stored on site and is asynchronously backed up to S3

Question 48

How is distributed the AWS Storage Gateway software?

Answer 48

Is available for download as a VM image that you instal on a host on your datacenter (VMWare ESXi or Microsoft Hyper-V).

Question 49

How is S3 date encrypted in transit?

Answer 49

SSL/TLS

Question 50

How many S3 buckets can be created in an account by default?

Answer 50

100

Question 51

How many times can you view the Access Key ID/Secret Access Key when created?

Answer 51

Once. If you lose them, you have to regenerate them, so save them in a secure location.

Question 52

How much time is needed to restore from Glacier?

Answer 52

Between 3 and 5 hours

Question 53

How to control access to buckets?

Answer 53

ACLbucket policy

Question 54

IAM consists of:

Answer 54

Users, Groups, Roles, Policy Documents

Question 55

In what language are policy documents written in?

Answer 55

JSON

Question 56

Is S3 object or block based storage?

Answer 56

Object

Question 57

Is S3 object or block based?

Answer 57

S3 is object based

Question 58

Is S3 versioning incremental?

Answer 58

No. Stores all versions of an object.

Question 59

Is there a hard limit of PUT/POST/DELETE per second in S3? What’s an expected “limit” for PUT/POST/DELETEs and GETs per second in S3?

Answer 59

There’s no hard limit (there was a hard limit of 100 PUTs per second until 2018). Your application can achieve at least 3,500 PUT/POST/DELETE and 5,500 GET requests per second per prefix in a bucket. There are no limits to the number of prefixes in a bucket. It is simple to increase your read or write performance exponentially. For example, if you create 10 prefixes in an Amazon S3 bucket to parallelize reads, you could scale your read performance to 55,000 read requests per second.

Question 60

Objects in the distribution are cahce for the life of what?

Answer 60

TTL

Question 61

One way to copy the contents of a bucket to another?

Answer 61

Using the CLI: aws s3 –recursive s3://src s3://dst

Question 62

Policy documents are written in

Answer 62

JSON, represented by a key-value pair

Question 63

Power User access allows….

Answer 63

Access to all AWS services except for management of groups and users within IAM.

Question 64

S3 durability

Answer 64

99.999999999% (11 x 9s) (Legacy S3-RRS was 99.99%)

Question 65

S3 EC2 instances, ELB or R53 can all be what in relation to Cloudfront?

Answer 65

Origins

Question 66

S3 min and max files size?

Answer 66

0-5TB

Question 67

S3 storage class for scenario requiring maximum durability and minimum cost? S3 standard, S3 One Zona-IA or S3 RRS?

Answer 67

S3 One Zona-IA. It has the same durability as S3 standard (but reduced availability) and RRS is deprecated (and more expensive).

Question 68

S3 storage class for scenario requiring minimum cost and immediate access without mattering if some objects are lost. S3 RRS, S3 IA or Glacier?

Answer 68

S3 IA. Legacy S3-RRS is the most expensive one now and is deprecated. Glacier is not intended for direct access.

Question 69

Scope of the S3 buckets names

Answer 69

Bucket names must be unique globally.

Question 70

Should you set up MFA on your root account?

Answer 70

ALWAYS!

Question 71

Storage limit in S3

Answer 71

There is unlimited storage in S3

Question 72

True or false. A new bucket is publically available and permissions are wide open.

Answer 72

false

Question 73

True or False.Newly created buckets are private

Answer 73

True

Question 74

True or false: You can replicate buckets in the same region

Answer 74

false

Question 75

Using SAML you can give your federated users SSO access to the AWS Management Console (true or false)

Answer 75

True

Question 76

What actions can be done with Lifecycle Rules?

Answer 76

Transition to Standard-IA Transition to One Zone-IA Archive to Glacier Permanently delete

Question 77

What are Amazon S3 event notifications?

Answer 77

Amazon S3 event notifications can be sent in response to actions in Amazon S3 like PUTs, POSTs, COPYs, or DELETEs. Notification messages can be sent through either Amazon SNS, Amazon SQS, or directly to AWS Lambda.

Question 78

What are IAM groups?

Answer 78

A collection of users under a set of permissions

Question 79

What are IAM roles?

Answer 79

IAM roles are a secure way to grant permissions to entities that you trust, such as: - IAM user in another account - Application code running on an EC2 instance that needs to perform actions on AWS resources - Etc.

Question 80

What are new users assigned when first created?

Answer 80

Access Key ID, Secret Access Key

Question 81

What are the attributes of S3 versioning?

Answer 81

Stores all versionsgreat for backupsversioning cannot be disabled, only suspendedIntegrates with lifecycle rulesMFA delete provides and additional layer of security

Question 82

What are the characteristics of cached volume gateway service?

Answer 82

caches frequently accessed data on-siteminimizes on-prem storageMax 32 TBiSCSIStored in S3

Question 83

What are the characteristics of snowball edge

Answer 83

100 TBContains compute as well as storage

Question 84

What are the characteristics of snowmobile?

Answer 84

45 foot container100 PB storage

Question 85

What are the characteristics of tape gateway

Answer 85

leverage existing tape backuppreconfigured media changer and tape drives

Question 86

What are the characteristics of the file gateway service?

Answer 86

VM deployed onsiteFiles stored as objects in S3 bucketsperms are stored in the S3 user-metadata of the objectObjects can be managed like any other S3 object

Question 87

What are the characteristics of the snowball service?

Answer 87

Disk appliance80 TB max

Question 88

What are the characteristics of the stored volume volume gateway service?

Answer 88

VM deployed onsiteOnprem virtual disk that backs up to AWSpresents an application with disk volumesISCSI block-based storageUses on-prem storagecan be synchronously backed up with snapshot and stored on EBS

Question 89

What are the core fundamentals of S3?

Answer 89

key (name)Value (data)version ID (metadata)MetadataSubresources - ACL and torrent

Question 90

What are the costs associated with S3?

Answer 90

Storage Requests Storage Management Pricing (tags) Data Transfer Pricing (on cross-region replication) Transfer Acceleration (using CloudFront)

Question 91

What are the file size limits in S3?

Answer 91

Files can be from 0 bytes to 5 TB.

Question 92

What are the five types of storage gateways?

Answer 92

File gateway (NFS)Volume gateway (iSCSI)-stored volumes-cached volumesVTL gateway (VTL)

Question 93

What are the key components of cloud front?

Answer 93

Edge locations

OriginDistributions

Question 94

What are the possible configurations on an S3 object?

Answer 94

Details: - Storage class - Server side encryption Permissions Metadata Tags

Question 95

What are the S3 object permissions?

Answer 95

OwnerAccountsPublic

Question 96

What are the S3 tiers?

Answer 96

S3 Standard

S3 - IA

S3 One Zone -IA

S3 - Intelligent Tiering

S3 - Glacier

S3 - Glacier Deep Archive

Question 97

What are the security features of a snowball?

Answer 97

256 bit encrypt.TPM ensures security and chain of custody

Question 98

What are the three types of server-side encryption at rest?

Answer 98

S3 managed keys - SS3-S3AWS Key mgmt - SSE-KMSserver-side encryption with customer-provided keys - SSE-CClient-side encryption

Question 99

What are the three types of snowballs?

Answer 99

snowballsnowball edgesnowmobile

Question 100

What are the two types of cloudfront distributions?

Answer 100

Web and RTMP

Question 101

What are the two types of volume gateways?

Answer 101

stored volumes and cached volumes

Question 102

What are the types of AWS Storage Gateway?

Answer 102

File Gateway

Volume Gateway-Stored Volumes

Volume Gateway-Cached

Volumes Gateway Virtual Tape Library (VTL)

Question 103

What are the types of distributions?

Answer 103

Web and RTMP

Question 104

What are the use cases for snowball edge

Answer 104

import/exporttemp storage or support workloads in remote sites

Question 105

What are you asked when creating a bucket?

Answer 105

Bucket name, region, etc.

Question 106

What aws service would be best for a static website?

Answer 106

S3

Question 107

What can versioning integrate with to provide enhanced data protection?

Answer 107

lifecycle rules

Question 108

What can you use to secure buckets?

Answer 108

Bucket policies and ACLs

Question 109

What determines a time data will live in the edge location?

Answer 109

TTL

Question 110

What do I have to take into account if I plan to use S3 static website hosting with Route53?

Answer 110

The bucket name must be equals to the domain name.

Question 111

What does a CDN do?

Answer 111

It stores and delivers data to users based on geographic location to ensure reduced latency

Question 112

What does read after write consistency mean?

Answer 112

The file is available immediately after writing

Question 113

What does S3 stands for?

Answer 113

Simple Storage Service

Question 114

What encryption does S3 manage keys - SS3-S3use?

Answer 114

AES256

Question 115

What encryption methods are supported for “in transfer” S3 resources?

Answer 115

SSL/TLS

Question 116

What encryption methods are supported for the Server Side Encryption (“at rest”) of S3 resources?

Answer 116

SSE-S3 (Managed keys) SSE-KMS (Key Management Service) SSE-C (Customer Provided Keys)

Question 117

What happens whe an item is written to an edge location?

Answer 117

It is sent to the origin

Question 118

What import/export destinies/sources are supported by Snowball?

Answer 118

Import to S3 Export from S3

Question 119

What is a distribution made up of?

Answer 119

Edge locations

Question 120

What is a distribution?

Answer 120

A collection of edge locations

Question 121

What is an additional way to secure IAM for both the root login and new users alike?

Answer 121

Implement MFA (multi factor authentication) for all accounts

Question 122

What is an alternative to upload big objects to S3 apart from a single PUT?

Answer 122

The Multipart Upload API

Question 123

What is an edge location?

Answer 123

A location where content will be cached?

Question 124

What is an origin?

Answer 124

Data source, S3 bucket EC2 instance or ELB

Question 125

What is an S3 lifecycle policy?

Answer 125

A mechanism to transition data to tiered storage.

Question 126

What is AWS Storage Gateway?

Answer 126

AWS Storage Gateway is a service that connects an on-premises software appliance with cloud-based storage to provide seamless and secure integration between your on-premises IT environment and the AWS storage infrastructure in the cloud.

Question 127

What is AWS storage GW?

Answer 127

a software service connects on-prem storage to AWS cloud storage

Question 128

What is client side encryption?

Answer 128

Data is encrypted then uploaded to S3

Question 129

What is cloudfront?

Answer 129

It is a CDN content delivery network

Question 130

What is one of the formats of the S3 objects URL?

Answer 130

https://s3-[region].amazonaws.com/[bucketName]

Question 131

What is required for Cross Region Replication?

Answer 131

Versioning enabled on the source and target buckets

Question 132

What is required to enable cross region replication?

Answer 132

versioning on both sidesunique regions

Question 133

What is RTMP used for

Answer 133

media streaming

Question 134

What is S3 acceleration?

Answer 134

Leverages cloudfront edge locations to accelerate S3 uploads. Distinct URL

Question 135

What is S3 Transfer Acceleration?

Answer 135

Instead of uploading directly to your S3 bucket, you can use a distinct URL to upload directly to an Edge Location which will then transfer the file to S3

Question 136

What is s3 versoning?

Answer 136

stores all versions of an object ( including writes and deletes)

Question 137

What is snowball?

Answer 137

AMS import export service

Question 138

What is the consistency for overwrite of PUTS and deletes for S3?

Answer 138

Eventual consistency

Question 139

What is the consistency of puts for S3

Answer 139

read after write consistency

Question 140

What is the guarantee durability of S3

Answer 140

99.999999999%

Question 141

What is the HTTP PUT size limit in S3?

Answer 141

5G

Question 142

What is the max size for cached volume gateway storage?

Answer 142

32 TB

Question 143

What is the max file min file size eligible for transition?

Answer 143

128Kb

Question 144

What is the max size of store volumes?

Answer 144

16 TB

Question 145

What is the proper format for a s3bucket name?

Answer 145

Https://s3-region.amazonaws/bucketname

Question 146

What is the S3 availability SLA

Answer 146

99.9

Question 147

What is the S3 bucket url format?

Answer 147

region.amazonaws.com/bucket name

Question 148

What level of access does the root account has? (Read only, Power user, Administrator or No access)

Answer 148

Administrator access

Question 149

What S3 class is lowest cost and does not have redundancy?

Answer 149

S3 one zone - IA

Question 150

What S3 classes changes a retrieval fee?

Answer 150

S3 IA

Question 151

What serivce will provide an HTTP 200 status code and when?

Answer 151

S3 when uploading files

Question 152

What service utilizes the edge network to accelerate uploads to S3?

Answer 152

S3 transfer acceleration

Question 153

What snowball version has compute services?

Answer 153

Snowball edge

Question 154

What storage solution would you use for data archive?

Answer 154

Glacier

Question 155

What type of in transit encryption does S3 use?

Answer 155

SSL/TLS

Question 156

What type of locations cache content in cloudfront

Answer 156

Edge locations

Question 157

What type of storage gateway would you use for file storage?

Answer 157

File gateway

Question 158

What type of storage gateway would you use for installing an OS?

Answer 158

Volume gateway (iSCSI)

Question 159

What types of Snowball exist?

Answer 159

Snowball Snowball Edge (with computing capabilities) Snowmobile (truck)

Question 160

What was AWS Import/Export Disk? (deprecated)

Answer 160

An Import/Export service where the customer sent his disks to AWS in order to: * Import to EBS * Import to S3 * Import to Glacier * Export from S3

Question 161

What would you use volume gateway for?

Answer 161

block based storage

Question 162

What’s an additional security measure to prevent accidental deletions of S3 objects?

Answer 162

Versioning’s MFA delete capability

Question 163

What’s the HTTP status code for a successful S3 write?

Answer 163

HTTP 200 OK

Question 164

When can an object be transferred to Glacier with Lifecycle rules?

Answer 164

30 days after IA (Standard or One Zone) or 1 day after created (if not IA)

Question 165

When can an object be transferred to IA (Standard or One Zone) with Lifecycle rules?

Answer 165

30 days after the creation date

Question 166

When editing permissions (policies and ACLs), to whom does the concept of the “Owner” refer?

Answer 166

The “Owner” refers to the identity and email address used to create the AWS account.

Question 167

When is the Root account created and what access does it have?

Answer 167

account created when first setup your AWS account. It has complete Admin access

Question 168

When performing cross region replication are delete markers replicated?

Answer 168

yes

Question 169

When performing cross region replication are existing files in the bucket previous to configuration replicated?

Answer 169

no

Question 170

When users are first created, they have

Answer 170

NO permissions

Question 171

When would you use file gateway

Answer 171

flat files

Question 172

When you activate Cross Region Replication, does existing objects are replicated?

Answer 172

No. Existing objects will not be replicated. Cross-Region Replication replicates every future upload of every object to another bucket.

Question 173

Which is the URL format for S3 static website hosting?

Answer 173

http://s3-[region].amazonaws.com/bucketname

Question 174

Which storage gateway service retains 100% of all data onsite?

Answer 174

Stored volume gateway

Question 175

Will deleted individual version or delete markers be replicated?

Answer 175

No

Question 176

Will you be charged to clear objects in a cloudfront distribution?

Answer 176

Yes

Question 177

You delete an object in a bucket. Will that deletion marker in versioning be replicated?

Answer 177

Yes

Question 178

You have an S3 bucket and want to provide an additional layer of protection from accidental deletion?

Answer 178

MFA delete

Question 179

You have just setup a lifecycle policy. You notice not all files were transitioned to the next tier. Why?

Answer 179

The files creation date must be older than 30 days and the file larger than 128KB

Question 180

You manually copy over items from one bucket to another. Items at the source were publically available, but are not at the destination. Why?

Answer 180

The object is copied but not permissions.

Question 181

You need a storage gateway but have limited disk space on-prem, but need to ensure any frequently requested data is readily available. Which storage gateway should you use?

Answer 181

cached volumes

Question 182

You need to a storage gateway that will ensure all data that may be required is readily available. Which would you choose?

Answer 182

stored volumes

Question 183

You need to ensure encryption is enabled on your S3 bucket. Governance has indicated its required to capture an audit trail of all encrypts and decrypts with the key. What type of encryption would you recomend

Answer 183

AWS Key mgmt - SSE-KMS

Question 184

You need to ensure encryption is enabled on your S3 bucket. Governance has indicated its required to capture an audit trail of all encrypts and decrypts with the key. What type of encryption would you recommend

Answer 184

AWS Key mgmt - SSE-KMS

Question 185

You need to ensure encryption is enabled on your S3 bucket. You want to use an existing key What type of encryption would you recommend

Answer 185

AWS Key mgmt - SSE-KMS

Question 186

You need to ensure encryption is enabled on your S3 bucket. You want to manage the keys yourself. What type of encryption would you recommend

Answer 186

server side encryption with customer provided keys - SSE-C

Question 187

You want to ensure auditing of your buckets are enabled but are concerned the logs will take up to much space. Can the logs be redirected to another bucket?

Answer 187

Yes

Question 188

You’ve deleted an object in your source bucket. You observe this activity replicated to the destination bucket. You then go into versioning and delete the deletion marker. Will this change be replicated?

Answer 188

No

Question 189

You’ve enabled bucket cross-region replication. There are existing files there and you add some new files. When you check the destination, only the new files are present. Why?

Answer 189

Existing files on sources are not replicated after replication is enabled. Only new or changed files will be present at the destination

Question 190

You’ve enabled versioning. Can it be disabled?

Answer 190

No. only suspended

Question 191

You work for a major news network in Europe. They have just released a new mobile app that allows users to post their photos of newsworthy events in real time. Your organization expects this app to grow very quickly, essentially doubling its user base each month. The app uses S3 to store the images, and you are expecting sudden and sizable increases in traffic to S3 when a major news event takes place (as users will be uploading large amounts of content.) You need to keep your storage costs to a minimum, and it does not matter if some objects are lost. With these factors in mind, which storage media should you use to keep costs as low as possible?

Answer 191

S3 - One Zone-Infrequent Access

The key driver here is cost, so an awareness of cost is necessary to answer this. Full S3 is quite expensive at around $0.023 per GB for the lowest band. S3 standard IA is $0.0125 per GB, S3 One-Zone-IA is $0.01 per GB, and Legacy S3-RRS is around $0.024 per GB for the lowest band. Of the offered solutions SS3 One-Zone-IA is the cheapest suitable option. Glacier cannot be considered as it is not intended for direct access, however it comes in at around $0.004 per GB. Of course you spotted that RRS is being deprecated, and there is no such thing as S3 - Provisioned IOPS Further information: https://aws.amazon.com/s3/pricing/https://aws.amazon.com/s3/reduced-redundancy/

Question 192

You run a meme creation website that stores the original images in S3 and each meme’s meta data in DynamoDB. You need to decide upon a low-cost storage option for the memes, themselves. If a meme object is unavailable or lost, a Lambda function will automatically recreate it using the original file from S3 and the metadata from DynamoDB. Which storage solution should you use to store the non-critical, easily reproducible memes in the most cost effective way?

Answer 192

S3 - OneZone-IA is the recommended storage for when you want cheaper storage for infrequently accessed objects. It has the same durability but less availability. There can be cost implications if you use it frequently or use it for short lived storage. Glacier is cheaper, but has a long retrieval time. RRS has effectively been deprecated. It still exists but is not a service that AWS want to sell anymore. Further information: https://aws.amazon.com/s3/faqs/?nc=sn&loc=6https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html

Question 193

What is the availability of S3-OneZone-IA?

Answer 193

OneZone-IA is only stored in one Zone. While it has the same Durability, it may be less Available than normal S3 or S3-IA. Further information: https://aws.amazon.com/s3/storage-classes/?nc=sn&loc=3

Question 194

You work for a health insurance company that amasses a large number of patients’ health records. Each record will be used once when assessing a customer, and will then need to be securely stored for a period of 7 years. In some rare cases, you may need to retrieve this data within 24 hours of a claim being lodged. Given these requirements, which type of AWS storage would deliver the least expensive solution?

Answer 194

The recovery rate is a key decider. The record shortage must be; safe, durable, low cost, and the recovery can be slow. All features of Glacier. Further information: https://aws.amazon.com/s3/faqs/?nc=sn&loc=6https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html

Question 195

Which of the following options allows users to have secure access to private files located in S3? (Choose 3)

Answer 195

CloudFront Signed URLs

CloudFront Origin Access Identity

CloudFront Signed Cookies

Question 196

You work for a busy digital marketing company who currently store their data on premise. They are looking to migrate to AWS S3 and to store their data in buckets. Each bucket will be named after their individual customers, followed by a random series of letters and numbers. Once written to S3 the data is rarely changed, as it has already been sent to the end customer for them to use as they see fit. However on some occasions, customers may need certain files updated quickly, and this may be for work that has been done months or even years ago. You would need to be able to access this data immediately to make changes in that case, but you must also keep your storage costs extremely low. The data is not easily reproducible if lost. Which S3 storage class should you choose to minimise costs and to maximize retrieval times?

Answer 196

S3 - IA

he need to immediate access is an important requirement along with cost. Glacier has a long recovery time at a low cost or a shorter recovery time at a high cost, and 1Zone-IA has a lower Availability level which means that it may not be available when needed. Further information: https://aws.amazon.com/s3/storage-classes/?nc=sn&loc=3https://aws.amazon.com/blogs/aws/aws-storage-update-new-lower-cost-s3-storage-option-glacier-price-reduction/http://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html