Object Storage and CDN

Question 1

What type of storage is S3?

Answer 1

Object based i.e. allows you to upload files. Not suitable to install an OS on.

Question 2

File size range

Answer 2

0 bytes to 5 TB

Question 3

How much storage in S3?

Answer 3

Unlimited

Question 4

Files are stored in

Answer 4

Buckets

Question 5

When you register a bucket

Answer 5

S3 is a universal namespace, so names must be unique globally

Question 6

S3 bucket naming:

Answer 6

http://s3-aws-region.amazonaws.com/bucket

Question 7

Consistency for PUTS of new objects

Answer 7

Read After Write

Question 8

Consistency for overwrite PUTS and DELETES

Answer 8

Eventual

Question 9

S3 Storage Classes/Tiers

Answer 9

S3 Standard (immediately available, frequently accessed data)
S3 – Infrequently Accessed (immediately available, infrequently accessed data)
S3 One Zone - Infrequently Accessed (lower cost for IA, but multiple AZ is not required)
Glacier (archival, extremely cheap)

Question 10

Core fundamentals of S3

Answer 10

Key (name)
Value (data)
Version ID
Metadata
Subresources (ACLs)

Question 11

Versioning

Answer 11

Stores all versions of an object (including all writes and even if you delete an object), great backup tool

Question 12

Versioning costs

Answer 12

Pay for each version, since storage accumulates

Question 13

Once versioning is enabled

Answer 13

it cannot be disabled, only suspended. Only way to disable versioning is to delete and recreate the bucket

Question 14

Does versioning integrate with Lifecycle Rules?

Answer 14

Yes

Question 15

Does versioning have MFA Delete?

Answer 15

Yes, it provides an additional layer of security

Question 16

Cross Region Replication requirements:

Answer 16

versioning enabled on both source and destination bucket. only new files automatically replicated as well as all versions. permissions also replicated. if you restore object or delete individual versions, not replicated, chaining not allowed

Question 17

Can Lifecycle Management be used with versioning?

Answer 17

Can be used with versioning, but not required. Can be applied to current and previous versions.

Question 18

Lifecycle Management Actions

Answer 18

Transition to Standard - IA (128 kb and 30 days after creation date)
Archive to Glacier (30 days after IA, if relevant. 60 days after creation date, or you can move to Glacier day after object uploaded to S3)
Permanently Delete

Question 19

What is a Edge Location?

Answer 19

location where content will be cached. separate from an AZ/Region

Question 20

What is a Origin in relation to CDN?

Answer 20

origin of all files that the CDN will distribute. can either be an S3 bucket, EC2 instance, an ELB, or Route53

Question 21

What is a Distribution?

Answer 21

name given to the CDN which consists of a collection of edge locations

Question 22

What are the Distribution types?

Answer 22

Web Distribution (websites), RTMP (media streaming)

Question 23

Are edge locations read only?

Answer 23

No, you can write to them too

Question 24

How long are objects cached?

Answer 24

TTL

Question 25

Can you clear cached objects manually?

Answer 25

Yes, but you will be charged

Question 26

By default, all newly created buckets are

Answer 26

PRIVATE

Question 27

You can set up access control to your buckets using

Answer 27

Bucket Policies, ACLs

Question 28

What can you use to track Access Logging for S3 buckets?

Answer 28

S3 buckets can be configured to create access logs which log all request made to the S3 bucket. This can be done to another bucket

Question 29

Encryption types

Answer 29

In Transit, At Rest

Question 30

In Transit protocol

Answer 30

SSL/TLS

Question 31

At Rest encrypton

Answer 31

Server Side Encryption: -S3 Managed Keys (SSE-S3) -AWS Key Management Service, Managed Keys (SSE - KMS) -Server Side Encryption with Customer Provided Keys (SSE - C) Client Side Encryption

Question 32

S3 Managed Keys (SSE-S3)

Answer 32

each object encrypted with a unique key employing strong multifactor encryption. as additional safeguard, encrypts the key itself with a master key that rotates regularly (AES-256). AWS manages this

Question 33

AWS Key Management Service, Managed Keys (SSE - KMS)

Answer 33

similar to SSE-S3, has benefits + costs. allows use of an envelope key (key that protects encryption key). allows for audit trail

Question 34

Server Side Encryption with Customer Provided Keys (SSE - C)

Answer 34

You manage keys yourself, S3 manages encryption/decryption

Question 35

Client Side Encryption

Answer 35

You encrypt data on client side, upload to S3

Question 36

Storage Gateway Types

Answer 36

File Gateway - for flat files, stored directly on S3 Volume Gateway -Stored Volumes: Entire dataset stored on site and asynchronously backed up to S3 -Cached Volumes: Entire dataset stored on S3 and most frequently accessed data is cached on site Gateway Virtual Tape Library (VTL): used for backup and uses popular backup apps like NetBackup, Backup Exec, Veam etc

Question 37

Stored Volumes good for

Answer 37

connectivity issues, low latency

Question 38

Snowball types

Answer 38

Snowball (pure storage) Snowball Edge (storage + compute) Snowmobile

Question 39

Snowball Can

Answer 39

Import to S3, Export from S3

Question 40

You can speed up transfers to S3 using

Answer 40

S3 transfer acceleration. costs extra, and has the greatest impact on people who are far away

Question 41

S3 static websites

Answer 41

You can use S3 to host static websites, serverless, very cheap + scales automatically, cannot host dynamic sites

Question 42

Code for successful write to S3

Answer 42

HTTP 200

Question 43

How to load files to S3 much faster?

Answer 43

enable multipart upload