Object Storage and CDN

Question 1

What type of storage is S3?

Answer 1

Object based i.e. allows you to upload files. Not suitable to install an OS on.

Question 2

File size range

Answer 2

0 bytes to 5 TB

Question 3

How much storage in S3?

Answer 3

Unlimited

Question 4

Files are stored in

Answer 4

Buckets

Question 5

When you register a bucket

Answer 5

S3 is a universal namespace, so names must be unique globally

Question 6

S3 bucket naming in N. Virginia:

Answer 6

http: //bucket.s3.amazonaws.com
http: //s3.amazonaws.com/bucket

Question 7

S3 bucket naming in other regions:

Answer 7

http: //bucket.s3-aws-region.amazonaws.com
http: //s3-aws-region.amazonaws.com/bucket

Question 8

Consistency for PUTS of new objects

Answer 8

Read After Write

Question 9

Consistency for overwrite PUTS and DELETES

Answer 9

Eventual

Question 10

S3 Storage Classes/Tiers

Answer 10

S3 Standard (immediately available, frequently accessed data)
S3 – Infrequently Accessed (immediately available, infrequently accessed data)
Reduced Redundancy Storage (easily reproducible data)
Glacier (archival, extremely cheap)

Question 11

Core fundamentals of S3

Answer 11

Key (name)
Value (data)
Version ID
Metadata
Subresources (ACLs)

Question 12

Versioning

Answer 12

Stores all versions of an object (including all writes and even if you delete an object), great backup tool

Question 13

Versioning costs

Answer 13

Pay for each version, since storage accumulates

Question 14

Once versioning is enabled

Answer 14

it cannot be disabled, only suspended. Only way to disable versioning is to delete and recreate the bucket

Question 15

Does versioning integrate with Lifecycle Rules?

Answer 15

Yes

Question 16

Does versioning have MFA Delete?

Answer 16

Yes, it provides an additional layer of security

Question 17

Cross Region Replication requirements:

Answer 17

versioning enabled on both source and destination bucket. only new files automatically replicated as well as all versions. permissions also replicated. if you restore object or delete individual versions, not replicated, chaining not allowed

Question 18

Lifecycle Management

Answer 18

Can be used with versioning, but not required. Can be applied to current and previous versions.

Question 19

Lifecycle Management Actions

Answer 19

Transition to Standard - IA (128 kb and 30 days after creation date)
Archive to Glacier (30 days after IA, if relevant. 60 days after creation date, or you can move to Glacier day after object uploaded to S3)
Permanently Delete

Question 20

Edge Location

Answer 20

location where content will be cached. separate from an AZ/Region

Question 21

Origin

Answer 21

origin of all files that the CDN will distribute. can either be an S3 bucket, EC2 instance, an ELB, or Route53

Question 22

Distribution

Answer 22

name given to the CDN which consists of a collection of edge locations

Question 23

Distribution types

Answer 23

Web Distribution (websites), RTMP (media streaming)

Question 24

Are edge locations read only?

Answer 24

No, you can write to them too

Question 25

How long are objects cached?

Answer 25

TTL

Question 26

Can you clear cached objects manually?

Answer 26

Yes, but you will be charged

Question 27

By default, all newly created buckets are

Answer 27

PRIVATE

Question 28

You can set up access control to your buckets using

Answer 28

Bucket Policies, ACLs

Question 29

Access Logging

Answer 29

S3 buckets can be configured to create access logs which log all request made to the S3 bucket. This can be done to another bucket

Question 30

Encryption types

Answer 30

In Transit, At Rest

Question 31

In Transit protocol

Answer 31

SSL/TLS

Question 32

At Rest

Answer 32

Server Side Encryption:
-S3 Managed Keys (SSE-S3)
-AWS Key Management Service, Managed Keys (SSE - KMS)
-Server Side Encryption with Customer Provided Keys (SSE - C)
Client Side Encryption

Question 33

S3 Managed Keys (SSE-S3)

Answer 33

each object encrypted with a unique key employing strong multifactor encryption. as additional safeguard, encrypts the key itself with a master key that rotates regularly (AES-256). AWS manages this

Question 34

AWS Key Management Service, Managed Keys (SSE - KMS)

Answer 34

similar to SSE-S3, has benefits + costs. allows use of an envelope key (key that protects encryption key). allows for audit trail

Question 35

Server Side Encryption with Customer Provided Keys (SSE - C)

Answer 35

You manage keys yourself, S3 manages encryption/decryption

Question 36

Client Side Encryption

Answer 36

You encrypt data on client side, upload to S3

Question 37

Storage Gateway Types

Answer 37

File Gateway - for flat files, stored directly on S3
Volume Gateway
-Stored Volumes: Entire dataset stored on site and asynchronously backed up to S3
-Cached Volumes: Entire dataset stored on S3 and most frequently accessed data is cached on site
Gateway Virtual Tape Library (VTL): used for backup and uses popular backup apps like NetBackup, Backup Exec, Veam etc

Question 38

Stored Volumes good for

Answer 38

connectivity issues, low latency

Question 39

Snowball types

Answer 39

Snowball (pure storage)
Snowball Edge (storage + compute)
Snowmobile

Question 40

Snowball Can

Answer 40

Import to S3, Export from S3

Question 41

You can speed up transfers to S3 using

Answer 41

S3 transfer acceleration. costs extra, and has the greatest impact on people who are far away

Question 42

S3 static websites

Answer 42

You can use S3 to host static websites, serverless, very cheap + scales automatically, cannot host dynamic sites

Question 43

successful write to S3

Answer 43

HTTP 200

Question 44

How to load files to S3 much faster?

Answer 44

enable multipart upload