Module 4: Adding a storage layer with S3

Question 1

As a cloud engineer working with S3 :

Answer 1

Consider access pattern and use cases to choose the correct configuration options, while:

=> Optimising Cost
=> Supporting performance
=> Compliance

And as always, security best practices to protect the resources

Question 2

Type of storage

Answer 2

Block storage
Hierarchical storage (file storage)
Object storage

Question 3

Block storage

Answer 3

data stored in fixed block. The application ships the block and store them where is the most efficient. Blocks can be stored accross servers and on different OS.

Question 4

File storage

Answer 4

File storage creates a shared file system. The data is stored in a hierarchical structure. Similar to One drive for example

Question 5

Object storage

Answer 5

Object storage stores files as object based on attributes and meta data.
An object is data, metadata and a key.
he object key is the unique identifier of the object. When you update an object the entire object is updated

Question 6

Difference object storage vs block storage

Answer 6

In object storage, the entire object must be updated when there is a change to the data. While in Block storage, only part of the data can be changed.

Question 7

Amazon Simple Storage Services (S3)

Answer 7

Object storage. Stores massive amounts of unstructured data

Question 8

Type of storage and what is it stored in with S3

Answer 8

Object storage, stored in buckets

Question 9

Max size of a single object?

Answer 9

5TB

Question 10

indentifier in S3

Answer 10

Unique URL for each object (universal namespace)

Question 11

Component of objects

Answer 11

key, version ID, value, metadata and subresources

Question 12

What does immutable means

Answer 12

It’s the charateristic of an object. You can’t change part of it you have to change the whole object outside of S3

Question 13

What are buckets for?

Answer 13

Container of objects. They organize the Amazon S3 namespace and identify the account in charge of the objects stored in it.

Question 14

Bucket Geography

Answer 14

Regional. Objects stored in a bucket never leave the region unless they are explicitely transfered to another region

Question 15

what is a prefix in a bucket ?

Answer 15

similar to a path name, when querying for a prefix it will return the files with a similar path name /photos/2022 for example

Question 16

S3 Benefits

Answer 16

Durability
Availability
High performance

Question 17

How Durable is S3?

Answer 17

S3 standard storage has 11 nines (99.999999999% of durability) meaning that every year there is a 0.000000001 percent chance of losing an object.

Question 18

Why is S3 so durable?

Answer 18

S3 redundantly stores objects on multiple devices accross multiple facilities in the designated region. It detects and repair failures by comparing files stored in different places. It verifies the integrity of the data by using check sums

Question 19

How available is S3?

Answer 19

S3 provides 4 nines of availability 99.99%. Meaning the ability to access the data quickly when you want it. Out of 10000 request one would not succeed. It is also scalable (unlimited storage) and gives the ability to encrypt data.

Question 20

Why is S3 high performing?

Answer 20

thousands of transactions per second. Scales to high requests.

Question 21

S3 use cases:

Answer 21

1) Host web content: Use high availability and high performance to address fluctuating and potentially high traffic to the data
2) Static site: Simple storage of html files, videos images…
3) financial (or other) analysis: Stor data that other services can use for analysis
4) Disaster recovery

Question 22

S3 example of media hosting

Answer 22

S3 caching video content through cloud front to make data available more quickly to a user streaming it, whil another user downloads it directly.

Question 23

Do you need to provision storage for s3?

Answer 23

No it scales at need

Question 24

Static vs dynamic website

Answer 24

on static website the content is statiy and might include client side script. On dynamic website it relies on server side scripts such as PHP, JSP or ASP. S3 does not support server-side scripting. Other AWS services do.

Question 25

Static website with S3

Answer 25

You can host everything on S3 for a static website no need to have a server, nor a virtual machine

Question 26

S3 for analysis

Answer 26

Load the raw data in a bucket. Use ETL tool to transform it. (provision an EC2 server for that and use Splot fleet or EMR cluster). Return the transformed data to a new bucket. terminate the instance used for ETL. Perform your analysis on the objects stred into the second bucket. (Athena or Quicksight given as example for analysis)

Question 27

S3 for disaster recovery

Answer 27

Store everything in one s3 bucket. Replicate in another one in another region. Additionnally you can move long term data to S3 Glacier.

Question 28

What is cross region replication

Answer 28

Duplicate data in another Bucket, in another region

Question 29

What permission do I need to store something in S3

Answer 29

Write permissions

Question 30

Objects encrypted by default in S3 (true/False)

Answer 30

True and false. Encrypted with server side encryption at upload and decrypted at download but must be enabled

Question 31

4 ways to upload on S3

Answer 31

AWS management console
AWS Command Line Interface (AWS CLI)
AWS Softwae Devlopment Kit (SDK)
Amazon S3 Rest API

Question 32

Uploading an object through the console

Answer 32

Use a wizard (UX) based approach to move data in or out of S including drag and drop option. the limit for the management console is 160 GB.

Question 33

File size limitation to upload through the management console?

Answer 33

160GB

Question 34

For size larger than 160GB?

Answer 34

Use CLI, SDK, or Rest API

Question 35

CLI and S3?

Answer 35

Use command line interface to prompt for an upload or download through a script

Question 36

SDK and S3

Answer 36

Programmatically code the access to S3 in your applications

Question 37

API and S3

Answer 37

Use put request to upload and get request to download. API access can be embeded into application codes.

Question 38

You want to upload a big file to S3 or a file for which you know there is a chance of failure in the upload. What can you use?

Answer 38

Multipart upload

Question 39

What is multipart upload?

Answer 39

The object is separated into mulitple part, reassembled and then stored into a bucket

Question 40

Advantages of multipart upload?

Answer 40

Improved throughput: Uploaded in parallel means quicker storage
Recover quickly from network issues
Pause and resume upload.
Begin an upload as the object is still being built

Question 41

S3 transfer acceleration

Answer 41

Bucket level feature that optimizes transfer speeds . Uses Cloudfront and edge location to optimize the network path

Question 42

Why use trnasfer accelerations?

Answer 42

Your customers upload to a centralized bucket?
You transfer gigabytes or terabytes regularly accross continents?
You can’t use all your bandwith when uploading?

Question 43

About acceleration: The further from the S3 bucket

Answer 43

The better the acceleration

Question 44

AWS transfer Family

Answer 44

Fully managed trasnfer service

Question 45

For what services is AWS transfer Family available?

Answer 45

Amazon S3 Storage
Amazon Elastic File System (EFS)
Network File System (NFS)

Question 46

Protocoles supported by the Transfer Family

Answer 46

Secure Shell (SSH)
File Transfer Protocol
Secure File Transfer Protocol
Applicability Statement 2 (AS2)

Question 47

Transfer Family Benefits

Answer 47

Managed service that scales
you don’t need to modify your app or run file transfer protocol infrastructure.
everythinng is managed and included into the AWS family
Only pay for what you use

Question 48

Use case of transfer family for S3

Answer 48

Data lakes for upload from third parties
Subscription based data distribution with customers
Internal transfers within org

Question 49

Use case of transfer family for Elastic File System (EFS)

Answer 49

Data distribution
Supply Chain
Content Management
Web Serving application

Question 50

Type of S3 storage

Answer 50

General Purpose
Intelligent Tiering
Infrequent access
Archive

Question 51

S3 General purpose

Answer 51

Suitable for frequent access due to high availability and low latency. Durability accross at least 3 AZ

Question 52

S3 Intelligent tiering

Answer 52

Automatically adjust the storage type of the objects, depending on access frequency to move it to the most cost effective tier.

Question 53

S3 Infrequent access

Answer 53

Standard infrequent access:
Similar to Stabdard but run on another cost model. There is a standard 30 days storage fee and the cost is higher to retreive the data.
One Zone Infrequent access:
low cost opiton, availability and resiliency not so needed. Good choice for secondary back up that you can recreate, or back up from another region.

Question 54

S3 Archive

Answer 54

Glacier instant retrieval: Rarely access data needing still to be accessed rapidly

Glacier Flexible retrieval: Needs the possiblity to access large dataset 1-2 times a year. some latency in accessing the data

Glacier deep archive: Long term retention for rarely accessed data. Good for customer needing to keep older data for compliance

S3 on outpost: S3 infrstructure for data that needs to be stored close to the customer. Kind of renting the hardware and having it on permise. So not quite cloud. (If I get it right)

Question 55

Storage duration charge for Infrequent Access ?

Answer 55

30 days

Question 56

Storage duration charge for Glacier ?

Answer 56

90 days or 180 days for deep archive

Question 57

Number of AZ with S3

Answer 57

> = 3 except S One Zone IA where it’s one.

Question 58

S3 and retrieval charges

Answer 58

Retrieval charges per GB retrieved apply except for standard and intelligent tiering

Question 59

What is an S3 lifecycle configuration ?

Answer 59

It’s a policy determining the transition of an object from one storage class to another. E.g: No access over the last 30 days => Infrequent access.
No access and object last access more than x month ago => deletion

Lifecycle transition or expiration have associated costs

Question 60

Type of lifecycle operations ?

Answer 60

Transition
Or
Expiration

At objetct or Bucket level

Question 61

Advantage of lifecycle on S3

Answer 61

The cycling reduces the cost as you pay less for data the further it loses in relevance for you.

Question 62

Lifecycle use case

Answer 62

1. Delete automatically logs after 30 days
2. Documents are stored in standard for 60 days, in infrequently accessed for 1 year, in Glacier for 7 years, then deleted

Question 63

S3 Versioning use case

Answer 63

Protect for accidental overwrite and delets
Enables recovery

Question 64

At what level is versioning enabled

Answer 64

At the bucket level

Question 65

How does versioning works

Answer 65

Each object has a Version ID and new publication of the object increment the version id by 1. The previous object is not overwritten. When deleted Amazon simply adds a “deleted” marker. But the object remains.

Question 66

Is versioning enabled by default ?

Answer 66

No

Question 67

What mechanism allows for object retrieval in Versioning?

Answer 67

The version ID

Question 68

Can I recover the object if versioning is Suspended?

Answer 68

No

Question 69

Can I recover a deleted object with versioning ?

Answer 69

Yes

Question 70

What is the cost of versioning

Answer 70

None except for storage cost

Question 71

What issue may you face trying to get an object if the most recent version of it has a delete marker ?

Answer 71

It will not succeed and return a 404 not Found error.
If you use a GET request specifying the version then you can access the object

Question 72

How to permanantly delete an object when versioning is active ?

Answer 72

You must be the owner of the bucket and specify the version of the object you want to delete.

Question 73

What is the meaning of CORS

Answer 73

Cross Origin Resource Sharing

Question 74

What is Cross Origin Resource Sharing?

Answer 74

It’s an XML document in which are written:

The origins: Resources enabled to access your document
The Operations (HTTP methods) that will support each origin
Additional operation specific information

Question 75

What is Cross Origin Resource Sharing used for

Answer 75

It’s a way for client web application to access storage of another application

Question 76

Example of CORS

Answer 76

You have a web font that you use for a website. You want another one to access this resources you create a CORS allowing your second website to access the ressource of the first websote

Question 77

What is strong consistency

Answer 77

A mechanism ensuring that object put on the bucket are consistent with what has been effectively transfered. Read-after-write. Allows to not have to make the checks yourself and provision the infrastructure to do it.

It simplifies the migration of on permises workloads.

It is by default

Question 78

Outside of the by default capacity of S3 for strong consistency another Amazon Service allows for consistency control. What’s the name of the service ?

Answer 78

S3Guard

Question 79

S3 default security configuration

Answer 79

Objects are private and protected by default
Encryption is configured by default
Default encryption: S3 managed keys (SSE-S3)

Question 80

When sharing S3 access

Answer 80

Manage and control the access.
Use least priviledge principle

Question 81

Are new S objects encrypted in transit?

Answer 81

NO but they are encrypted at rest

Question 82

Default S3 encrpytion

Answer 82

S3 Managed Keys (SSE-S3)

Question 83

Can I use another encryption than SSE-S3 ?

Answer 83

Yes use AWS KMS (Key management Services) for:
Server side encryption (SSE-KMS)
OR
Dual layer server side encryption (DSSE-KMS)
OR
Customer provided key (SSE-C)

Question 84

Can I protect data in transit ?

Answer 84

Yes but yo need client side encryption for that. It happens before being transfered to S3

Question 85

Tools for protecting Buckets and object

Answer 85

Block public access option
IAM policies
ACL (Access Control Lists)
S3 Access Point
Preassigned URL (Time limited URL=
AWS Trusted advisor (provides bucket permission Check)

Question 86

ACL vs IAM

Answer 86

ACL predates IAM. Prefer IAM or be extra mindful or your ACL setup.

Question 87

Region choice for storage

Answer 87

Data privacy laws and compliance
Proximity of users
Service availability in the region
Cost effectinveness

Question 88

What is S3 inventory for?

Answer 88

Help manage storage
Use it to audit and report.

You can set up weekly reports and exports in different file formats (CSV, ORC….)

Question 89

Can I query S Inventory through a DBS?

Answer 89

Yes with Athena, or redshift for example but also other tools…

Question 90

Default pricing of S3

Answer 90

Pay for what you use:

Storage:
Per GB of objects stored per month.
Different pricing for region and storage class

Operation:
PUT; COPY; POST; LIST and lifecylce transition

Question 91

S3 has no charge for transfer

Answer 91

1)Out to the internet for up to 100GB a month
2) In from the internet
3) Between S3 Buckets
4) From an S3 bucket to any AWS service with the sae Region
5) Out to Cloud fromt

Question 92

Additional cost for intelligent tiering

Answer 92

Monthly monitoring and automation charge for each object

Question 93

S3 cost depends on

Answer 93

Object size, storage duration, storage class

Question 94

What are Ingest charges

Answer 94

Cost associated to request with PUT, COPY, POST or LIST request. Plus Lifecycle operations

Question 95

Encryption fees in S3.

Answer 95

No Fees for standard SSE-S3 or SSE-C Pay for encryption when using AWS KMS.
DSSE-KMS includes further charges for the second encryption layer

Question 96

Free tier in S3

Answer 96

Gb of storage. 20000 GET;2000 PUT,COPY, POST or LIST; 100 GB of data Transfer each month

Question 97

Well architected best practices,
Security Pillar for S3

Answer 97

Enfore Encryption at Rest
Enfore Access Control

Question 98

Well architected best practices,
Performance Efficiencyr for S3

Answer 98

Learn About and understand availavble cloud servicies and features
Factor cost into architectual decisions

Question 99

Well architected best practices,
Cost Optimization for S3

Answer 99

Perform cost analysis for different usage over time

Question 100

Reliability

Answer 100

Select the appropriate location and multi-lication devlopment if appropriate