S3 101 Flashcards
What does S3 stand for?
Simple Storage Service
What is S3 used for?
- S3 provides developers + IT teams w/ secure, durable, highly-scalable object storage.
- retrieve and store any amount of data from anywhere on the web
What type of storage does S3 use?
S3 uses Object-based storage – i.e. allows you to upload files
What size limitations are there for individual S3 objects? What about aggregate limitations?
- S3 files can be from 0 Bytes to 5 TB.
- There is no aggregate limitation
What are S3 buckets? What are they used for?
S3 buckets store files. (Think of them like a file folder)
What type of namespace does S3 use?
S3 uses a universal namespace. That is, names must be globally unique.
When you successfully upload a file to S3, what will you receive back?
an HTTP 200 code
What are the components of an S3 object? What do each of these components represent?
An S3 object consists of the following:
- Key (The name of the object)
- Value (the data, made up of a sequence of bytes)
- Version ID (Important for versioning/version control)
- Metadata (data about data you are storing)
- Subresources (Access Control Lists, Torrent)
How does S3 keep data consistent?
- Read after Write consistency for PUTS of new Objects
- Eventual Consistency for overwrite PUTS and DELETES (takes some time to propagate)
For what % availability was the S3 platform built?
99.99%
What % availability does Amazon guarantee for S3 Standard?
99.9%
What % durability does Amazon guarantee for S3 Standard information?
99.999999999% durability (11 9’s)
What are the key features of S3?
(V MELTS)
- Versioning
- MFA Delete
- Encryption
- Lifecycle Management
- Tiered Storage
- Secure Data using Access Control Lists and Bucket Policies
What are the key features of S3 Standard?
- 99.99% Avail
- 11 9’s Durability
- Stored redundantly across multiple devices in multiple facilities,
- designed to sustain the loss of 2 facilities concurrently
What does the “IA” stand for in S3-IA?
Infrequently Accessed
What type of data is best stored in S3-IA?
S3-IA is best for data that is not accessed frequently, but requires rapid access when needed
What is the pricing structure of S3-IA? Specifically, how does it differ from that of S3 Standard?
- S3-IA has a lower base storage fee than S3 Standard.
- However, S3-IA charges a retrieval fee.
What are the key differences between S3-IA and S3 One Zone - IA?
Compared to S3-IA, S3 One Zone- IA has lower cost but less durability.
- S3 One Zone-IA is a lower-cost option for IA data
- S3 One Zone-IA does not give the multiple Availability Zone resilience of S3 standard and S3 IA.
What is S3 - Intelligent Tiering?
S3 Intelligent tiering uses ML and is designed to optimize costs by automatically moving data to the most cost-effective access tier, without performance impact or operational overhead. (Basically, it’s the autopilot mode for S3 tiering)
What is S3 Glacier primarily used for?
S3 Glacier is mostly used for data archival at low-cost
How long does it take to retrieve something from S3 Glacier?
Retrieval times from S3 Glacier are configurable and range from minutes to hours
What is S3 Glacier Deep Archive?
S3 Glacier Deep Archive is S3’s lowest-cost storage class
How long does it take to retrieve something from S3 Glacier Deep Archive?
S3 Glacier Deep Archive is for cases where a retrieval time of 12 hours is acceptable.
What are the areas on which you are charged for using S3?
- Storage (amount you are storing)
- Requests
- Storage Management Pricing (Tier)
- Data Transfer
- Transfer Acceleration
- Cross - Region Replication
What is Transfer Acceleration?
- Used for fast, easy, secure transfers over long distances between end user and an S3 bucket
- Uses CloudFront’s globally distributed edge locations: as data arrives at an edge location, data is routed to S3 over an optimized network path
What is the format of the DNS name created for an S3 bucket in a specific region?
“http://s3.aws-region.amazonaws.com/bucketName”
OR
“http://bucketname.s3.aws-region.amazonaws.com”
(<a>https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingBucket.html#access-bucket-intro</a>)
What would you use to install an operating system on S3?
S3 is NOT suitable to install an operating system on.
How can I help, at a bucket-configuration level, to protect against someone going in and deleting data from S3?
Turn on MFA Delete
How does the pricing model work for S3 Intelligent Tiering
Very similar to S3 Standard EXCEPT
- you have access to IA which is less expensive
- There is a monitoring / automation cost per thousand objects per month
What are the default access control permissions for newly created buckets?
By default, all newly created buckets are PRIVATE
How can I set up access control to buckets?
- Bucket Policies
- Access Control Lists (object-specific)
How can I set up my S3 bucket to log all requests made to it?
S3 buckets can be configured to create access logs, which log all requests made to the S3 bucket.
What are AWS Organizations?
AWS Organizations is an account management service that enables you to consolidate multiple AWS accounts into an organization that you create and centrally manage.
What is Consolidated Billing? How would I set it up? What are three major advantages to it?
Consolidated Billing is an advantage of AWS Organizations. The three major advantages are:
- One Bill per AWS account
- Very easy to track changes & allocate costs
- Volume Pricing Discount – the more you use, the lower your rate
What are two forms of best practices for a root account with AWS organizations?
- Always enable multi-factor authentication on a root account
- Always use a strong and complex password on a root account
How can I enable/disable AWS services for either the organizational level or on individual accounts?
Enable/Disable AWS services using Service Control Policies (SCPs) either on Organizational Units or on individual accounts
What is the difference between Bucket Policies and Bucket ACLs as it relates to sharing S3 buckets across accounts?
- Bucket Policies apply across the entire bucket
- Bucket ACLs apply to individual objects
Which method of sharing S3 buckets across accounts is the only one that provides both Programatic and Console access?
Cross-account IAM Roles