S3

Question 1

What is S3?

Answer 1

Infinitely scaling storage. Allows people to store objects (files) in buckets (directories)

Question 2

How must S3 buckets be named?

Answer 2

Globally unique name (across all regions and all accounts)

1. No uppercase
2. No underscores
3. 3063 characters long
4. Not an IP
5. Must start with a lowercase letter or number

Question 3

Is S3 a global or regional service?

Answer 3

Global, but buckets are created in a region

Question 4

Are S3 buckets global or regional?

Answer 4

Region level

Question 5

What is an S3 Object key?

Answer 5

the full path

Question 6

What is an S3 Object key composed of?

Answer 6

prefix + object name

Question 7

What is max size of an S3 object?

Answer 7

5TB (5000GB)

Question 8

What do you do if you need to upload an object that is more than 5TB?

Answer 8

Multi-part upload

Question 9

What is S3 Object metadata?

Answer 9

List of text key / value pairs - system or user metadata

Question 10

What is S3 Object Tags?

Answer 10

Unicode key / value pair - up to 10

Useful for security / lifecycle

Question 11

Do all S3 Objects have a Version Id?

Answer 11

Only if versioning is enabled

Question 12

What are the types of S3 security?

Answer 12

1. User based
2. Resource based
3. Encryption

Question 13

What is used based security?

Answer 13

IAM policies - which API calls should be allowed for a specific user from IAM console

Question 14

What are the 3 types of resource based security?

Answer 14

1. Bucket Policies
2. Object Access Control List
3. Bucket Access Control List

Question 15

What are Bucket Policies?

Answer 15

Bucket wide rules from the S3 console - allow cross account

Question 16

What are Object Access Control Lists (ACL)?

Answer 16

Finer grain at object level

Question 17

When can an IAM principal access an S3 object?

Answer 17

1. The user IAM permissions allow it OR the resource policy ALLOWS it
2. AND there’s no explicit DENY

Question 18

What is Encryption S3 Security?

Answer 18

Encrypt objects in Amazon S3 using encryption keys

Question 19

How to allow EC2 Instance access to an S3 bucket? (from EC2 Instance side)

Answer 19

Create EC2 Instance Role that has attached IAM permissions

Question 20

Is there such thing as an IAM user for EC2 Instance?

Answer 20

No

Question 21

How to allow IAM user from another AWS account access to S3 bucket?

Answer 21

S3 bucket policy that allows cross-account access

Question 22

What is an S3 bucket policy made of?

Answer 22

It is a JSON based policy with:

1. Resources: buckets and objects
2. Actions: Set of API to Allow or Deny
3. Effect: Allow / Deny
4. Principle: The account or user to apply the policy to

Question 23

What situations would you use an S3 bucket policy?

Answer 23

1. Grant public access to the bucket
2. Force objects to be encrypted at upload
3. Grant access to another account (Cross Account)

Question 24

By default are S3 buckets access-able by the public?

Answer 24

No, there are settings created to prevent company data leaks

Question 25

Can S3 host websites?

Answer 25

Yes it can host static websites

Question 26

What will the website url for a S3 website be?

Answer 26

.s3-website-.amazonaws.com
OR
.s3-website..amazonaws.com

Question 27

What does it mean if you get a 403 error when trying to access you S3 website?

Answer 27

You need to make the bucket policy allow public reads

Question 28

What level is S3 versioning enabled at?

Answer 28

Bucket level

Question 29

What are the advantages of versioning your buckets?

Answer 29

1. Protect against unintended deletes (ability to restore a version)
2. Easy roll back to previous version

Question 30

Is it best practice to version S3 buckets?

Answer 30

Yes

Question 31

What will a file version be if it was created before versioning was enabled?

Answer 31

Will have version ‘null’

Question 32

Does suspending versioning delete the previous versions?

Answer 32

No

Question 33

What are S3 Access Logs?

Answer 33

When a request is sent to your bucket a log of the request is sent to a logging bucket that can be analyzed.

Question 34

What is S3 Replication (CRR)?

Answer 34

Cross Region Replication - used for compliance, lower latency access, replication across accounts

Question 35

What is S3 Replication (SRR)?

Answer 35

Same Region Replication - log aggregation, live replication between production and test accounts

Question 36

Can you do S3 replication to a bucket in a different account?

Answer 36

Yes

Question 37

Do you need versioning for S3 Replication?

Answer 37

Yes, in both source and destination

Question 38

For S3 Replication, is copying asynchronous?

Answer 38

Yes

Question 39

Are objects uploaded to S3 before replication is enabled copied over to the destination bucket?

Answer 39

No

Question 40

What are the S3 storage classes?

Answer 40

1. Amazon S3 Standard - General Purpose
2. Amazon S3 Standard-Infrequent Access (IA)
3. Amazon S3 One Zone-Infrequent Access
4. Amazon S3 Intelligent Tiering
5. Amazon glacier
6. Amazon Glacier Deep Archive

Question 41

What is S3 durability?

Answer 41

Very high, 99.99999999999 (11 9s) of objects across multiple AZ

Question 42

Does S3 durability change for various storage classes?

Answer 42

No

Question 43

What is S3 Availability?

Answer 43

Measures how readily available a service is. S3 standard has a 99.99% availability (not available 53 minutes a year)

Question 44

Does S3 Availability change for various storage classes?

Answer 44

Yes

Question 45

What is S3 Standard?

Answer 45

For general purpose. Low latency and high throughput.

Question 46

What is S3 Standard Availability?

Answer 46

99.99%

Question 47

How many concurrent facility failures can S3 standard sustain?

Answer 47

2

Question 48

What is S3 Infrequent Access (IA)

Answer 48

Suitable for data that is less frequently accessed, but requires rapid access when needed

Question 49

What is S3 Standard - Infrequent Access (IA) availability?

Answer 49

99.99%

Question 50

How many concurrent facility failures can S3 standard - Infrequent Access sustain?

Answer 50

2

Question 51

Is S3 Standard - Infrequent Access lower cost compared to Amazon S3 Standard?

Answer 51

Yes, but there is a retrieval fee

Question 52

Use cases for S3 Standard - Infrequent Access?

Answer 52

Data store for disaster recovery, backups

Question 53

What is S3 Intelligent - Tiering?

Answer 53

For when you don’t know if you should choose S3 Standard or S3 Standard - Infrequent Access. With same low latency and high throughput of S3 Standard
Moves objects between two access tiers based on changing access patterns (frequent access, infrequent access)

Question 54

What is S3 Intelligent Tiering Availability?

Answer 54

99.99%

Question 55

Is S3 Intellignet Tiering resilient?

Answer 55

Yes, resilient against events that impact an entire availability zone

Question 56

What is S3 One Zone - Infrequent Access?

Answer 56

Same as standard IA but data is stored in a single AZ.

Same low latency and high throughput performance

Question 57

What is S3 One Zone - Infrequent Access availability?

Answer 57

99.5%

Question 58

How does S3 One Zone - IA compare to S3-IA from a cost perspective?

Answer 58

Lower cost by 20%

Question 59

Use cases for S3 One Zone - IA

Answer 59

Storing secondary backup copies of on-premise data or storing data you can recreate

Question 60

What is Amazon Glacier and Glacier Deep Archive

Answer 60

Low cost object storage (in GB/month) meant for archiving / backup. Data is retained for long term (years)

Question 61

What are Amazon Glacier retrieval options?

Answer 61

1. Expedited (1-5 minutes)
2. Standard (3-5 hours)
3. Bulk (5-12 hours)

Question 62

What are Amazon Glacier Deep Archive retrieval options?

Answer 62

1. Standard (12 hours)

2. Bulk (48 hours)

Question 63

Can you move between storage classes in S3?

Answer 63

Yes and moving objects can be automated using a lifecycle configuration

Question 64

What is S3 Object Lock?

Answer 64

Adopt a WORM model, block an object version deletion for a specified amount of time

Question 65

What is Glacier Vault Lock?

Answer 65

Adopt a WORM model. Lock the policy for future edits (can no longer be changed). Helpful for compliance and data retention

Question 66

What is the WORM model?

Answer 66

Write Once Ready Many

Question 67

What is AWS’s responsibility in the Shared Responsibility Model for S3?

Answer 67

1. Infrastructure (global security, durability, availability, sustain concurrent loss of data in two facilities)
2. Configuration and vulnerability analysis
3. Compliance validation

Question 68

What is your responsibility in the Shared Responsibility Model for S3?

Answer 68

1. S3 Versioning
2. S3 Bucket Policies
3. S3 Replication Setup
4. Logging and Monitoring
   5 S3 Storage Classes
5. Data encryption at rest and in transit

Question 69

What is AWS Snow Family?

Answer 69

Highly secure portable devices to collect and process data at the edge, and migrate data into and out of AWS

Question 70

What are the devices for snow family data migration?

Answer 70

1. Snowcone
2. Snowball Edge
3. Snowmoile

Question 71

What are the devices for snow family edge computing?

Answer 71

1. Snowcone

2. Snowball Edge

Question 72

Why use data migration with AWS Snow Family?

Answer 72

1. Limited connectivity
2. Limited bandwidth
3. High network cost
4. Shared bandwidth (can’t maximize the line)
5. Connection stability

Question 73

When should you use Snowball device?

Answer 73

When it takes more than a week to transfer over the network

Question 74

How does a Snowball device work?

Answer 74

AWS sends you a physical device in the mail, you use it to get the data, then you send it back to them

Question 75

What is Snowball edge (for data transfers)?

Answer 75

Physical data transport solution : move TBs or PBs of data in or out of AWS. Provide block storage and Amazon S-3 Compatible object storage

Question 76

How do you pay with Snowball edge (for data transfer)?

Answer 76

Pay per data transfer job

Question 77

What are the three types of snowball edge devices?

Answer 77

1. Snowball Edge Storage Optimized
2. Snowball Edge Compute Optimized
3. Snowball Edge Compute Optimized with GPU

Question 78

What is Snowball Edge Storage Optimized?

Answer 78

80TB of HDD capacity for block volume and S3 compatible object storage

Question 79

What is Snowball Edge Compute Optimized?

Answer 79

42 TB of HDD capacity for block volume and S3 compatible object storage

Question 80

What is use case for Snowball Edge (for data transfers)?

Answer 80

Large data cloud migrations, disaster recovery

Question 81

What is AWS Snowcone?

Answer 81

Small, portable computing hardware, anywhere, rugged & secure, withstands harsh environments. Used for edge computing, storage, and data transfer

Question 82

Is AWS Snowcone heavy?

Answer 82

No very light

Question 83

Does AWS Snowcone come with it’s own battery and cables?

Answer 83

No

Question 84

How do you get data from AWS Snowcone to AWS?

Answer 84

Can send back to AWS offline, or connect it to internet and use AWS DataSync to send data

Question 85

What is AWS Snowmobile?

Answer 85

Literally a truck. Transfer exabytes of data (1 EB = 1,000 PB = 1,000,000 TBs). Has 100PB of capacity (use multiple in parallel). High security, temperature controlled, GPS, 24/7 video surveillance.

Question 86

When to use AWS Snowmobile?

Answer 86

When you transfer more than 10PB

Question 87

What is the usage process for Snow Family?

Answer 87

1. Request Snowball device from the AWS console for delivery
2. Install the snowball client / AWS OpsHub on your servers
3. Connect the snowball to your servers and copy files using the client
4. Ship back the device when you’re done (goes to the right AWS facility)
5. Data will be loaded into an S3 bucket
6. Snowball is completely wiped

Question 88

What is Edge Computing With Snow Family?

Answer 88

Process data while it’s being created on an edge location. Setup a Snowball Edge / Snowcone device to do the computing. Can be shipped back for data transfer if needed

Question 89

What are the use cases for Edge Computing with Snow Family?

Answer 89

1. Preprocess data
2. Machine learning at the edge
3. Transcoding media streams

Question 90

Are there pricing discounts for AWS Snow Family?

Answer 90

Yes 1 and 3 year discounts

Question 91

What is AWS OpsHub?

Answer 91

A software you install on your computer to manage your Snow Family Device

Question 92

What can Snow Family devices run?

Answer 92

EC2 Instances and AWS Lambda functions (using AWS IoT Greengrass)

Question 93

What is AWS Storage Gateway?

Answer 93

Bridge between on-premise data and cloud data in S3. Hybrid storage system to allow on-premises to seamlessly use the AWS Cloud

Question 94

What are the types of AWS Storage Gateway?

Answer 94

1. File Gateway
2. Volume Gateway
3. Tape Gateway

Question 95

Which S3 Storage Class is the most cost-effective for archiving data with no retrieval time requirement?

1. Amazon Glacier
2. Amazon Glacier Deep Archive
3. Amazon S3 Standard-Infrequent Access
4. Amazon S3 Intelligent Tiering

Answer 95

Amazon Glacier Deep Archive

Question 96

Which S3 feature should you use if you want to make sure that a policy will no longer be changed?

1. S3 Lifecycle Rules
2. S3 Object Lock
3. S3 Standard - Infrequent Access (IA)
4. S3 Glacier Vault Lock

Answer 96

S3 Glacier Vault Lock

Question 97

What hybrid AWS service is used to allow on-premises servers to seamlessly use the AWS Cloud at the storage layer?

1. Elastic Block Store
2. Snowball
3. S3
4. Storage Gateway

Answer 97

Storage Gateway

Question 98

Which of the following services is petabyte-scale data moving service (as a fleet) in or out of AWS with computing capabilities?

1. Snowcone
2. Snowball Edge
3. Snowmobile

Answer 98

Snowball Edge

Question 99

Which of the following is an exabytes-scale data moving service in or out of AWS?

1. Snowcone
2. Snowball Edge
3. Snowmobile

Answer 99

Snowmobile

Question 100

What are Objects NOT composed of?

1. Key
2. Value
3. Access Keys
4. Metadata

Answer 100

Access Keys

Question 101

Where are objects stored in Amazon S3?

1. Folders
2. Buckets
3. Files
   Bin

Answer 101

Buckets

Question 102

A research team deployed in a location with low-internet connection would like to move 5 Tbs of data to the Cloud? Which service can it use?

1. Storage Gateway
2. Snowball Edge
3. Snowcone
4. OpsHub

Answer 102

Snowcone

Question 103

What can you use to define actions to move S3 objects between different storage classes?

1. Scaling Policy
2. Bucket Policy
3. Lifecycle Rules
4. Replication

Answer 103

Lifecycle Rules

Question 104

A non-profit organization needs to regularly transfer petabytes of data to the cloud and to have access to local computing capacity. Which service can help with this task?

1. Snowball Edge - Storage Optimized
2. Snowball Edge - Compute Optimized
3. Snowcone
4. Snowmobile

Answer 104

Snowball Edge - Storage Optimized

Question 105

Which S3 Storage Class is suitable for less frequently accessed data, but with rapid access when needed, while keeping a high durability and allowing an Availability Zone failure?

1. Amazon S3 Standard - General Purpose
2. Amazon Glacier
3. Amazon S3 One-Zone-Infrequent Access
4. Amazon S3 Standard - Infrequent Access

Answer 105

Amazon S3 Standard - Infrequent Access