S3

Question 1

A _______ is a container for objects.

Answer 1

bucket

Question 2

An _______ is a file and any metadata that describes that file

Answer 2

object

Question 3

Every object in Amazon S3 is stored in a _____

Answer 3

bucket

Question 4

Bucket name must be unique just within your account. T/F

Answer 4

False. Bucket name must be uniqueglobally/ within a partition - us, china, etc.,

Question 5

Character length of bucket.

Answer 5

3-63 characters.

Question 6

bucket name characters conditions.

Answer 6

Only lowercase, numbers, dots and hyphens; no upper case.

Question 7

Bucket name must begin with ?

Answer 7

lower case alphabet or a number

Question 8

Bucket name must end with ?

Answer 8

lower case alphabet or a number

Question 9

Use IP address format for Website buckets. T/F

Answer 9

No. Bucket names must not be of IP address format

Question 10

Buckets used with ____________ can’t have dots in their names.

Answer 10

S3 Transfer Acceleration.

Question 11

Best practice is to avoid using dots except for

Answer 11

Buckets used only for static web hosting.

Question 12

In terms of implementation, buckets and objects are ___________ and we have unique ids called _________

Answer 12

AWS resources and ARN (Amazon Resource Names)

Question 13

The AWS account that creates a resource owns that resource. T/F

Answer 13

True

Question 14

If you create an IAM user in your AWS account and grant the user permission to create a bucket, the user can create a bucket. Now, who owns the bucket?

Answer 14

The user does not own the bucket; the AWS account that the user belongs to owns the bucket

Question 15

If you create an IAM user in your AWS account and grant the user permission to create a bucket, the user can create a bucket. Can the user perform other activities on the bucket?

Answer 15

No. The user needs additional permission from the resource owner to perform any other bucket operations.

Question 16

Public access is granted to buckets and objects through ____________ and ___________ or both.

Answer 16

access control lists (ACLs), and bucket policies,

Question 17

_____________ settings can override ACLs and bucket policies

Answer 17

Amazon S3 Block Public Access

Question 18

You can apply Block Public Access settings to _________buckets in your account.

Answer 18

individual or all buckets

Question 19

You can configure object-level permissions by configuring _________ specific to that object.

Answer 19

An access control list (ACL)

Question 20

cors

Answer 20

cross-origin resource sharing

Question 21

What does cors enable?

Answer 21

You can configure your bucket to allow cross-origin requests.

Question 22

s3 lifecycle

Answer 22

You can define lifecycle rules for objects in your bucket that have a well-defined lifecycle.

Question 23

Server access logging S3

Answer 23

Server access logging provides detailed records for the requests that are made to a bucket

Question 24

What is the default server access logs collection status?

Answer 24

By default, S3 doesn’t collect server access logs.

Question 25

Where does S3 delivers the server access logs for a target bucket ?

Answer 25

Into another bucket

Question 26

Can target and source bucket reside in different regions and what must be the default retention period of a source bucket ?

Answer 26

The target and source bucket must reside in the same region. The source bucket must not have any default retention period.

Question 27

What is retention period?

Answer 27

A retention period specifies a fixed period of time during which an object remains locked.

Question 28

What happens when a object is locked?

Answer 28

When your object is locked, your object is WORM protected and can’t be over-written or deleted.

Question 29

What is WORM in object locking?

Answer 29

Write Once Read Many

Question 30

How many days can you apply for object locking?

Answer 30

You can apply for object locking in days or years with minimum value of 1 day to no max limit.

Question 31

Example situation of using object locking.

Answer 31

To keep the golden copy of the business records.

Question 32

Charge for using object locking.

Answer 32

No charge for using object locking.

Question 33

What are WORM Storage capabilities?

Answer 33

S3 Glacier Vault Lock and S3 Object lock

Question 34

What is the unique feature of S3 Object lock?

Answer 34

Amazon S3 Object lock is the only cloud object storage WORM capability in the market today that gives you the flexibility to apply retention settings on individual objects in addition to default retention settings for all objects within an S3 bucket

Question 35

Amazon S3 object lock provides object retention by

Answer 35

1. Retention period

2. A legal hold

Question 36

What is a legal hold ?

Answer 36

A legal hold provides the same protection as retention period, but it has no expiration date. A legal hold remains in place until you explicitly remove it.

Question 37

Can a object version have a combination of both retention period and legal hold?

Answer 37

Yes. Ex: 1-Year retention period and legal hold.

Question 38

What retention modes are available with Amazon S3 lock?

Answer 38

1. Governance

2. Compliance

Question 39

What does Governance mode entail?

Answer 39

Governance mode protects objects from being deleted by most of the users during a pre-defined retention period and at the same time some users with special permission will be able to alter the retention settings or delete the objects.

Question 40

Users with _______ permission can override or remove governance-mode retention settings

Answer 40

s3:BypassGovernanceRetention

Question 41

Most customers use Governance mode over Compliance mode since

Answer 41

the customers don’t have compliant storage requirements.

Question 42

What does compliant mode entail ?

Answer 42

With compliance mode, no user, including the root user in AWS account will be able to delete the objects during the pre-defined retention period.

Question 43

What is the only way to delete the object under Compliance mode within the retention period?

Answer 43

To delete the AWS account it is associated to

Question 44

When to actually use legal hold

Answer 44

Use legal hold when you aren’t sure how long you would like the objects to stay immutable.

Question 45

Use compliance mode if you have______ data

Answer 45

compliant.

Question 46

What is the retention period of legal hold.

Answer 46

The retention period of legal hold is infinite. Only users with special permissions are able to lift the hold.

Question 47

How does S3 object lock apply for Cross-region replication?

Answer 47

In addition to locking objects, you can configure your S3 buckets to enable automatic, asynchronous copying of locked data and associated metadata to a bucket in a different aws region.

Question 48

S3 objects can only be locked if the respective bucket is configured to use object lock.

Answer 48

Yes.

Question 49

Amazon S3 Object lock only works for buckets that have _________ enabled.

Answer 49

Versioning.

Question 50

Can you turn on AWS S3 Object support for old buckets? If yes, how do you do that?

Answer 50

You can only enable S3 Object lock only to new bucket. To enable object locking for old buckets, contact AWS Support.

Question 51

Can anyone put objects with object lock into a bucket which is configured with object lock?

Answer 51

No. Only users with special permissions can add immutable objects to the respective bucket.

Question 52

When a bucket is configured with Object lock and retention mode, does it apply to all the objects that are placed in the bucket ?

Answer 52

Yes.

Question 53

Can I change retention mode and period for a specific object ?

Answer 53

Yes.

Question 54

Object Lock settings can’t be specified on _____ using the S3 console

Answer 54

upload

Question 55

When you create a bucket with Object Lock enabled, Amazon S3 automatically enables ______ for the bucket.

Answer 55

versioning

Question 56

If you create a bucket with Object Lock enabled, you can’t _____________

Answer 56

disable Object Lock or suspend versioning for the bucket.

Question 57

If you want to automatically protect object versions that are placed in the bucket, you can configure a ______.

Answer 57

default retention period

Question 58

If you want to enforce the bucket default retention mode and period for all new object versions placed in a bucket, then ________

Answer 58

set the bucket defaults and deny users permission to configure object retention settings.

Question 59

Bucket default settings require both a ________ and _______

Answer 59

mode and a period

Question 60

After the object is created, its retention period is ________ from the bucket’s default retention period.

Answer 60

independent

Question 61

f you configure a default retention period on a bucket, requests to upload objects in such a bucket must include the ___________

Answer 61

Content-MD5 header.

Question 62

By enabling server access logging, S3 console will automatically update your _________ to include access to the ________

Answer 62

bucket access control list (ACL), S3 log delivery group.

Question 63

Server access logs don’t record information about ____________

Answer 63

wrong-region redirect errors for Regions that launched after March 20, 2019.

Question 64

How are S3 logs delivered?

Answer 64

Amazon S3 periodically collects access records, consolidates the records in log files, and then uploads the log files to your target bucket as log objects.

Question 65

Which account does S3 use to write access logs?

Answer 65

Log Delivery Group

Question 66

Server access log records are delivered on a _________

Answer 66

best effort basis

Question 67

Most log records are delivered within _______

Answer 67

a few hours of the time that they are recorded, but they can be delivered more frequently.

Question 68

The completeness and timeliness of server logging is guaranteed. T/F

Answer 68

False. Possibility of missing logs, rare but possible.

Question 69

If you change the target bucket for logging from bucket A to bucket B, logs for the next hour might continue to be delivered to

Answer 69

Some logs for the next hour might continue to be delivered to bucket A, while others might be delivered to the new target bucket B.

Question 70

What is Canonical userid

Answer 70

An alpha-numeric identifier, such as 79a59df900b949e55d96a1e698fbacedfd6e09d98eacf8f8d5218e7cd47ef2be

Question 71

When is canonical userid used?

Answer 71

You can use this ID to identify an AWS account when granting cross-account access to buckets and objects using Amazon S3.

Question 72

Amazon S3 event notifications are designed to be delivered _________

Answer 72

at least once.

Question 73

What events can AWS publish notifications for S3

Answer 73

1. New object created events
2. Object removal events
3. Restore object events
4. Reduced Redundancy Storage (RRS) objects lost events
5. Replication events.

Question 74

Amazon S3 sends event notifications for replication configurations that have _________ enabled.

Answer 74

S3 replication metrics or S3 Replication Time Control (S3 RTC)

Question 75

Amazon S3 supports __________ destinations where it can publish events

Answer 75

1. Amazon Simple Notification Service (Amazon SNS)
2. Amazon Simple Queue Service (Amazon SQS) queue
3. AWS Lambda

Question 76

What is Amazon Simple Notification Service (Amazon SNS)

Answer 76

Amazon SNS is a flexible, fully managed push messaging service using which, you can push messages to mobile devices or distributed services.

Question 77

Main feature of SNS

Answer 77

With SNS you can publish a message once, and deliver it one or more times. Pub-Sub

Question 78

What version of SNS is currently allowed and not allowed in S3

Answer 78

Currently Standard SNS is only allowed as an S3 event notification destination, whereas SNS FIFO is not allowed.

Question 79

What is Amazon Simple Queue Service (Amazon SQS) queue ?

Answer 79

Amazon SQS offers reliable and scalable hosted queues for storing messages as they travel between computers. You can use SQS to transmit any volume of data without requiring other services to be always available.

Question 80

What version of SQS is currently allowed and not allowed in S3

Answer 80

Currently, Standard SQS queue is only allowed as an Amazon S3 event notification destination, whereas FIFO SQS queue is not allowed.

Question 81

What causes an execution loop?

Answer 81

If your notification writes to the same bucket that triggers the notification, it could cause an execution loop.

Question 82

To send S3 notifications to SNS, you must configure a _______ on SNS’s end where you can write to notifications to.

Answer 82

Topic

Question 83

In which region must be the SNS topic to which the S3 notifications are sent to.

Answer 83

The SNS topic must be in the same region as the S3 bucket, which notifications it delivers.

Question 84

Before you use the AWS SNS topic as event notification destination, what information do we need ?

Answer 84

1. ARN of SNS topic

2. A valid SNS topic subscription.( The topic subscribers are notified when a message is published to your SNS topic.)

Question 85

In which region must be the SQS queue to which the S3 notifications are sent to.

Answer 85

The Amazon SQS queue must be in the same Region as your Amazon S3 bucket.

Question 86

Before we can use the SQS queue as the event notification destination, what information do we need ?

Answer 86

ARN of the SQS Queue

Question 87

To grant Amazon S3 permissions to publish messages to the SNS topic or SQS queue, you attach an __________ to the destination SNS topic or SQS queue.

Answer 87

AWS Identity and Access Management (IAM) policy

Question 88

Enabling notifications is a ______ level operation.

Answer 88

bucket

Question 89

You store notification configuration information in the _______ associated with a bucket.

Answer 89

notification subresource

Question 90

After creating or changing the bucket notification configuration, typically you must wait ______ for the changes to take effect.

Answer 90

5 minutes

Question 91

Amazon S3 stores the notification configuration as ____ in the_______associated with a bucket.

Answer 91

XML , notification subresource

Question 92

By default, to which events are the notifications enabled?

Answer 92

By default the notifications are not enabled for any type of event.

Question 93

What configuration is stored in the notification subresource by default and why?

Answer 93

By default the notification subresource is empty since the notifications are not enabled for any type of events by default.

Question 94

Price of SQS

Answer 94

Free. All customers can make 1 million Amazon SQS requests for free each month.

Question 95

Price to setup SNS

Answer 95

No upfront costs.

Question 96

SNS charges

Answer 96

SNS charges you based on the number of messages you publish, the number of messages you deliver, and any additional API calls for managing topics and subscriptions.

Question 97

The notification message that Amazon S3 sends to publish an event is in the ______ format.

Answer 97

JSON

Question 98

What is Managing your storage lifecycle

Answer 98

To manage your objects so that they are stored cost effectively throughout their lifecycle

Question 99

What is 3 Lifecycle configuration

Answer 99

An S3 Lifecycle configuration is a set of rules that define actions that Amazon S3 applies to a group of objects.

Question 100

What are the types of actions defined by the S3 lifecycle configuration?

Answer 100

1. Transition actions

2. Expiration actions

Question 101

What are transition actions?

Answer 101

Transition actions define when an object transition from one storage class to another storage class.

Question 102

What are expiration actions?

Answer 102

Expiration actions define when objects expire. S3 deletes expired objects on your behalf.

Question 103

Each object in Amazon S3 has a ______ class associated with it.

Answer 103

storage

Question 104

Which storage classes offer high durability?

Answer 104

All storage classes offer high durability.

Question 105

What storage classes does AWS offer for Frequently accessed data

Answer 105

1. S3 Standard

2. Reduced Redundancy

Question 106

What is S3 Standard storage class?

Answer 106

S3 standard is the default storage class. When you don’t specify any storage class, your object is associated with S3 Standard storage class.

Question 107

What is reduced redundancy storage class?

Answer 107

Reduced Redundancy Storage class or RRS is used for non-critical, reproducible data that can be stored with less redundancy than the S3 Standard class.

Question 108

Which Frequently accessed storage class does AWS doesn’t recommend.

Answer 108

Reduced Redundancy Storage.

Question 109

Which is the most cost effective frequently-accessed data storage class

Answer 109

S3 Standard

Question 110

What is the loss percent of objects associated to RRS class?

Answer 110

0.01

Question 111

If a RRS object is lost and if requests are made to that object then ________

Answer 111

s3 returns 405 error

Question 112

What is S3 Intelligent tiering?

Answer 112

S3 Intelligent Tiering helps to optimize storage costs by automatically moving the data to the most cost effective access tier with no operational overhead.

Question 113

When access patterns change, _________ moves data on a granular object level between access tiers for cost savings.

Answer 113

S3 Intelligent Tiering.

Question 114

_____________ is a perfect storage class to optimize cost for unknown or changing access patterns.

Answer 114

S3 Intelligent Tiering.

Question 115

What is the (additional?) fee the user is subject to when using S3 Intelligent tiering

Answer 115

Small monthly object monitoring and automation fee.

Question 116

Objects that are uploaded or transitioned to S3 Intelligent-Tiering are automatically stored in the _______ tier.

Answer 116

Frequent Access

Question 117

How does Intelligent tiering move object from Frequent access tier to in-frequent access tier?

Answer 117

S3 Intelligent tiering monitors the access patterns and then moving the objects that have not been accessed in the last 30 consecutive days to infrequent access tier.

Question 118

After you activate one or both of the archive access tiers, S3 Intelligent-Tiering automatically moves objects that haven’t been accessed for _________ to the Archive Access tier, and after ______ of no access, to the Deep Archive Access tier.

Answer 118

90 consecutive days, 180 consecutive days

Question 119

To access objects that have moved to the Intelligent-Tiering Archive Access tier, you must move them back to the _______ which can take _______

Answer 119

Frequent Access tier , 3 - 5 hours, Standard option and not expedited option.

Question 120

Is expedited option available to move Intelligent Tiering Archive Access tier to Frequent Access Tier ?

Answer 120

Yes

Question 121

To access objects that have moved to the Intelligent-Tiering Deep Archive Access tier, you must restore them back to the ________ which can take up to _____

Answer 121

Frequent Access tier, 12 hours

Question 122

Is expedited option available to move Intelligent Tiering Deep Archive Access tier to Frequent Access Tier ?

Answer 122

No

Question 123

The S3 Intelligent-Tiering storage class is suitable for objects ______ KB that you plan to store for at least _____

Answer 123

larger than 128KB; 30 days

Question 124

If the size of an object is less than 128 KB, it is not eligible for _________

Answer 124

auto-tiering.

Question 125

Smaller objects, less than 128 KB can be stored, but they are always charged at the _______rates in the S3 Intelligent-Tiering storage class.

Answer 125

frequent access tier

Question 126

If you delete an object before the end of the 30-day minimum storage duration period, you are charged for ________

Answer 126

30 days.

Question 127

The __________ storage classes are designed for long-lived and infrequently accessed data.

Answer 127

S3 Standard-IA and S3 One Zone-IA

Question 128

S3 Standard-IA and S3 One Zone-IA objects are available for _________ (similar to the_____________).

Answer 128

millisecond access; S3 Standard storage class

Question 129

Amazon S3 charges a retrieval fee for __________ objects, so they are most suitable for ____ accessed data.

Answer 129

S3 Standard IA, One zone IA ;infrequently

Question 130

Best use case for Standard-IA and One Zone IA

Answer 130

1. For storing backups

2. For data that is accessed infrequently but still needs to be accessed with millisecond frequency

Question 131

Difference between Standard-IA and One Zone-IA

Answer 131

Standard-IA stores in object data redundantly in separate AZs where as One Zone IA stores data only in one AZ. That is why it is less expensive, less resillient and less available than the S3 Standard-IA.

Question 132

When to use S3 Standard-IA

Answer 132

Use for primary or only copy of data that cannot be recreated.

Question 133

When to use One Zone-IA

Answer 133

Use to store the data that can be re-created if an AZ fails or for Object replicas when setting S3-Cross Region Replication.

Question 134

Storage classes for low-cost archiving objects

Answer 134

S3 Glacier or S3 Glacier Deep Archive.

Question 135

Is the durability and resilience of Glacier and Glacier Deep Archive objects less than Standard Storage?

Answer 135

No. It provides the same durability and resilience as S3 Standard Storage. Its just the retrieval time that is different.

Question 136

With expedited retrieval option, Glacier archive data can be accessed in __________

Answer 136

1-5 minutes

Question 137

If you are data is stored in S3 Glacier and you either deleted the data or moved the data different storage class before the 90-day minimum, you are charged for ________

Answer 137

90 days

Question 138

Minimum storage duration for data stored in Glacier deep archive is

Answer 138

180 days.

Question 139

Retrieval time for Glacier Deep Archive data is ______

Answer 139

12 Hours.

Question 140

What is lowest Archive storage class

Answer 140

S3 Glacier Deep Archive Storage.

Question 141

You can lower the cost of the Glacier Deep Archive retrieval costs by using ___________ and it takes ________

Answer 141

Bulk retrieval; 48 hours

Question 142

Which storage classes are available for real time retrieval

Answer 142

S3 Standard, S3 Standard-IA, One Zone-IA, RRS and Intelligent Tiering.

Question 143

Data from which storage classes are not available for real-time access?

Answer 143

Glacier and Glacier Deep Archive

Question 144

What are AWS Outposts

Answer 144

AWS Outposts is a fully managed service that offers the same AWS infrastructure, AWS services, APIs, and tools to virtually any datacenter, co-location space, or on-premises facility for a truly consistent hybrid experience.

Question 145

The ___________ is only available for objects stored in buckets on AWS Outposts.

Answer 145

S3 Outposts storage class;

Question 146

If you try to use this S3 Outposts Storage class with an S3 bucket in an AWS Region, it results in an __________error.

Answer 146

InvalidStorageClass

Question 147

If you try to use other S3 storage classes with S3 on ________ , it results in this InvalidStorageClass error response.

Answer 147

Outposts

Question 148

Objects stored in the __________storage class are always encrypted using _______________

Answer 148

S3 Outposts (OUTPOSTS) ; server-side encryption with Amazon S3 managed encryption keys (SSE-S3).

Question 149

Which storage classes have the most durability?

Answer 149

1. S3 Standard
2. S3 Standard-IA
3. One Zone-IA
4. Intelligent Tiering
5. Glacier
6. Glacier Deep Archive
   with 99.999999999%

Question 150

Which storage classes have the least durability?

Answer 150

1. Reduced Redundancy Storage

99. 99%

Question 151

What Storage classes have the most availability?

Answer 151

1. S3 Standard
2. Glacier (After the objects are restored)
3. Glacier Deep Archive (After the objects are restored)
4. Reduced Redundancy Storage.
   with 99.99% availability

Question 152

What storage classes have the least availability

Answer 152

1. One-Zone IA

with 99.50%

Question 153

Which storage classes have 99.90% availability?

Answer 153

1. S3 Standard-IA

2. Intelligent Tiering

Question 154

Availability Zone

Answer 154

Except for One Zone IA, all other have availability zones of >=3 zone

Question 155

Which storage classes have no minimum storage duration?

Answer 155

1. S3 Standard

2. RRS

Question 156

Minimum of 30 Days storage duration?

Answer 156

1. S3 Standard-ia
2. One Zone-IA
3. Intelligent Tiering

Question 157

Mimmum storage duration for S3 Glacier and S3 Glacier Storage Deep Archive

Answer 157

90 days and 180 days

Question 158

All of the storage classes except for ________ are designed to be resilient to simultaneous complete data loss in a single Availability Zone and partial loss in another Availability Zone.

Answer 158

S3 One Zone-IA

Question 159

To manage your objects so that they are stored cost effectively throughout their lifecycle, configure their ____________

Answer 159

Amazon S3 Lifecycle.

Question 160

What are the Supported lifecycle transitions?

Answer 160

1. S3 Standard Storage class to any other storage class.
2. Any storage class to S3 Glacier or S3 Glacier Deep Archive.
3. S3 Standard-IA storage class to Intelligent Tiering class or One Zone -IA class.
4. Intelligent Storage class to One Zone-IA class
5. S3 Glacier Storage class to S3 Glacier Deep Archive Storage class

Question 161

What are Unsupported lifecycle transitions?

Answer 161

1. Any storage class to S3 Standard Storage class
2. Any storage class to Reduced Redundancy storage class.
3. S3 Intelligent Tiering class to S3 Standard-IA class
4. S3 One Zone-IA to S3 Standard-IA or to S3 Intelligent Tiering classes.

Question 162

Which transitions have a cost benefit of transitioning of large objects?

Answer 162

1. From S3 Standard or S3 Standard-IA to Intelligent Tiering.
2. S3 Standard to S3 Standard-IA or One Zone IA

Question 163

Which transitions doesn’t transition objects less than 128 KB because they are not cost effective?

Answer 163

1. S3 Standard or S3 Standard-IA to Intelligent Tiering.

2. S3 Standard storage class to S3 Standard-IA or One Zone-IA

Question 164

Amazon S3 doesn’t transition objects within the___________ because _________

Answer 164

first 30 days; newer objects are often accessed more frequently or deleted sooner than is suitable for S3 Standard-IA or S3 One Zone-IA storage.

Question 165

How are encrypted objects treated during the transition process?

Answer 165

Encrypted objects remain encrypted throughout the transition process.

Question 166

How are archive objects retrieved and accessed?

Answer 166

1. Before an archive object is accessed, you must create a temporary copy of the object.
2. The restored object copy is only available only for the duration you specify in the restore request.
3. After that AWS S3 deletes the temporary copy and the object remains archive in S3 Glacier.

Question 167

How do you restore an object from Glacier Archive?

Answer 167

1. You can only transition an object from Glacier Archive to Glacier Deep Archive.
2. To transition an object from Glacier Archive to a different storage class, you first retrieve a copy of the archived object using the retrieve operation.
3. Then use the copy operation to overwrite the object specifying the S3 Standard, Standard-IA, One Zone IA, Inteliigent Tiering or RRS as the storage class.

Question 168

How to transition from Glacier Deep Archive?

Answer 168

You cannot use S3 Lifecycle Configuration rules for transition from Glacier Deep Archive to any other storage class. For the transition to happen, the transition must happen through a temporary copy creation.

Question 169

Storage overhead charges for archiving objects

Answer 169

When objects are transitioned to Glacier or Glacier Deep Archive, a fixed amount of storage is added to accommodate to manage metadata for managing the object.
1. For each object transitioned to Glacier or Glacier Deep Archive, S3 uses 8KB of storage for the name of the object and other metadata. S3 uses this metadata to get the real time list of the objects archived in Glacier and Glacier Deep Archive.
2. For each object that is archived in Glacier and Glacier Deep Archive, S3 adds 32 KB of storage for index and related metadata which helps to identify and restore the object.
You are charged for S3 Glacier and S3 Glacier Deep Archive rates for this additional storage.
If you are archiving large number of small objects, consider aggregating the small objects into Large objects.

Question 170

Number of days you plan to keep the objects archived?

Answer 170

For Glacier it is 90 days and Glacier Deep Archive it is 180 days. If you plan on deleting the objects after the minimum period, it is free. However if you delete before the minimum duration, aws still charges you a prorated deleted fee.

Question 171

What are the transition request charges for archiving objects?

Answer 171

For each object that is transitioned to Glacier and Glacier Deep archive, constitutes one transition request.
There is a cost for each such request.
If you plan on transitioning large number of objects, consider the transition costs and try aggregating the small objects to larger objects.

Question 172

Life cycle management - transition to Glacier and Glacier Deep Archive cost considerations.

Answer 172

1. Storage Overhead Charges
2. Number of days you plan on keeping the objects archived.
3. S3 Glacier and S3 Glacier Deep Archive transition request charges.
4. S3 Glacier and S3 Glacier Deep Archive data restore charges.

Question 173

How are S3 objects archived using Lifecycle management.

Answer 173

When you archive objects to S3 Glacier by using Life Cycle Management, S3 transitions each object asynchronously. There might be a delay from when the transition is initiated and when the object is physically transitioned.

Question 174

What is propagation delay?

Answer 174

When you add an Life cycle configuration to a bucket, there is usually some lag before new or updated lifecycle configuration is fully propagated to all the S3 systems. Expect a delay of minutes.

Question 175

Lifecycle configuration for __________ buckets is not supported.

Answer 175

MFA-enabled.

Question 176

Which buckets can lifecycle configurations be applied? Version or Unversioned

Answer 176

Both versioned and unversioned.

Question 177

How are Amazon S3 Lifecycle actions captured by CloudTrail?

Answer 177

Amazon S3 Lifecycle actions are not captured by CloudTrail.

Question 178

How are Amazon S3 Lifecycle actions captured in logs?

Answer 178

Server Access Logs.

Question 179

Why does CloudTrail doesn’t capture Lifecycle actions?

Answer 179

CloudTrail captures API requests made to external end points whereas Lifecycle actions are performed using internal S3 endpoints.

Question 180

What is Amazon S3 Inventory?

Answer 180

Amazon S3 Inventory is one of the tools provided by S3 to manage your storage. You can use it to audit and report on the replication and encryption status of your objects.

Question 181

AWS S3 inventory provides ______ format files

Answer 181

CSV, ORC, Parquet

Question 182

AWS S3 inventory provides file on a ________ basis for an ___________

Answer 182

Daily or Weekly; S3 bucket.

Question 183

Source and destination buckets in AWS S3 Inventory

Answer 183

Source buckets - The bucket for which the inventory is generated.
Destination bucket - The bucket to which the inventory for source bucket is written to

Question 184

You can use __________ to query Amazon S3 Inventory.

Answer 184

Athena

Question 185

What is replication in AWS S3?

Answer 185

Replication enables automatic, asynchronous copying of S3 objects across S3 buckets.

Question 186

What is replicated by default?

Answer 186

By default, replication only supports copying new S3 objects after it is enabled.

Question 187

To replicate the existing objects and replicate them to a different bucket, you must ___________

Answer 187

Contact AWS support center

Question 188

To enable S3 replication, the following configuration must be provided:

Answer 188

1. Destination bucket/s where you want to replicate the S3 objects.
2. IAM Role that S3 can assume to replicate the objects on your behalf.

Question 189

How to create a duplicate version while maintaining the original metadata?

Answer 189

Replicate the S3 object.

Question 190

Can you replicate an object to a different storage class?

Answer 190

Yes

Question 191

What is owner override?

Answer 191

While replicating the object, you can change the ownership of the object to a different aws account.

Question 192

For compliance requirements, if you would like to create a copy of the object in a different region without modifying the original metadata?

Answer 192

Replication

Question 193

What is S3 RTC

Answer 193

AWS S3 RTC stands for Replication Time Control that is used to replicate your data within your AWS region or across different regions in a predictable time frame.

Question 194

What is the SLA of S3 RTC for replication.

Answer 194

S3 RTC replicates 99.99% of the new objects stored in S3 within 15 minutes.

Question 195

When to use Cross region replication?

Answer 195

1. Meet compliance requirements.
2. Minimize latency
3. Increase operational efficiency.

Question 196

When to use same region replication? SRR

Answer 196

1. Aggregate logs into a single bucket.
2. Configure live replication between the production and test accounts.
3. Abide by data sovereignty laws.

Question 197

What are the requirements for replication - either cross origin or same region.

Answer 197

1. The source bucket owner must have the source and destination AWS regions enabled for their account. The destination bucket owner must have the destination region enabled for their account.
2. Both Source and destination buckets must have version enabled.
3. Amazon S3 must have permissions to replicate the objects from source bucket and destination bucket.
4. If the owner of the source bucket doesn’t own the object , the object owner must grant bucket owner READ and READ_ACP with object Access Control List
5. If the object has Object Lock enabled, the destination bucket must also have the S3 Object Lock enabled.

Question 198

Additional replication configuration in cross-account scenario where source and destination buckets are owned by different AWS accounts

Answer 198

1. The owner of the destination bucket must grant the owner of the source bucket permissions to replicate the bucket policy.
2. The destination bucket cannot be configured as Requestor Pays bucket

Question 199

What is or can be replicated in S3

Answer 199

1. Objects created after you add replication configuration.
2. Unencrypted objects.
3. Objects encrypted at rest under AWS S3 Managed Keys or Customer Managed Keys stores in KMS.
4. Object metadata from the source objects to replicas.
5. Only objects in the source bucket for which the bucket owner has permissions to read object and access control lists.
6. Object ACL updates, unless you direct Amazon S3 to change the replica ownership when source and destination buckets aren’t owned by the same accounts.
7. Object tags, if any
8. S3 Object Lock retention information

Question 200

In general, _______ pay for all Amazon S3 storage and data transfer costs that are associated with their bucket

Answer 200

bucket owners

Question 201

With requestor pays buckets, _________ pays for storing the data

Answer 201

Bucket owners

Question 202

If you enable Requester Pays on a bucket, __________ to that bucket is not allowed.

Answer 202

anonymous access

Question 203

Requester Pays buckets do not support the following:

Answer 203

1. Anonymous requests
2. SOAP requests
3. Using a Requester Pays bucket as the target bucket for end-user logging, or vice versa. However, you can turn on end-user logging on a Requester Pays bucket where the target bucket is not a Requester Pays bucket.

Question 204

The requester pays for the data transfer and the request, and the bucket owner pays for the data storage. However, the bucket owner is charged for the request under the following conditions:

Answer 204

1. The requester doesn’t include the parameter x-amz-request-payer in the header (GET, HEAD, or POST) or as a parameter (REST) in the request (HTTP code 403).
2. Request authentication fails (HTTP code 403).
3. The request is anonymous (HTTP code 403).
4. The request is a SOAP request.

Question 205

What is Transfer Acceleration?

Answer 205

Amazon S3 Transfer Acceleration is a bucket-level feature that enables fast, easy, and secure transfers of files over long distances between your client and an S3 bucket.

Question 206

Transfer Acceleration takes advantage of the_____________. As the data arrives at an edge location, the data is______________

Answer 206

globally distributed edge locations in Amazon CloudFront.

routed to Amazon S3 over an optimized network path.

Question 207

You might want to use Transfer Acceleration on a bucket for various reasons:

Answer 207

1. Your customers upload to a centralized bucket from all over the world.
2. You transfer gigabytes to terabytes of data on a regular basis across continents.
3. You can’t use all of your available bandwidth over the internet when uploading to Amazon S3

Question 208

Bucket ownership rule

Answer 208

An Amazon S3 bucket is owned by the AWS account that created it. Bucket ownership is not transferable to another account.

Question 209

Can you change the bucket name or region after a bucket is created?

Answer 209

No

Question 210

Default number of buckets allowed in aws account

Answer 210

100, with a max limit of 1000 buckets upon request

Question 211

Number of objects that can be stored in a bucket

Answer 211

No Maximum limit

Question 212

The ___________ uniquely identifies the object in an Amazon S3 bucket.

Answer 212

object key (or key name)

Question 213

_________ is a set of name-value pairs

Answer 213

Object metadata

Question 214

Length of object keys in bytes

Answer 214

1024 bytes

Question 215

The Amazon S3 data model is a ___________

Answer 215

flat structure

Question 216

There are two kinds of metadata in Amazon S3

Answer 216

system-defined metadata and user-defined metadata.

Question 217

System-defined object metadata

Answer 217

For each object stored in a bucket, Amazon S3 maintains a set of system metadata. Amazon S3 processes this system metadata as needed. For example, Amazon S3 maintains object creation date and size metadata and uses this information as part of object management.

Question 218

User-defined object metadata

Answer 218

When uploading an object, you can also assign metadata to the object. You provide this optional information as a name-value (key-value) pair when you send a PUT or POST request to create the object.

Question 219

The maximum size of a file that you can upload by using the Amazon S3 console is __________

Answer 219

160 GB.

Question 220

To upload a file larger than 160 GB, use the _____________

Answer 220

AWS CLI, AWS SDK, or Amazon S3 REST API.

Question 221

Upload an object in a single operation using the AWS SDKs, REST API, or AWS CLI

Answer 221

With a single PUT operation, you can upload a single object up to 5 GB in size.

Question 222

Upload a single object using the Amazon S3 Console

Answer 222

With the Amazon S3 Console, you can upload a single object up to 160 GB in size.

Question 223

Upload an object in parts using the AWS SDKs, REST API, or AWS CLI

Answer 223

Using the multipart upload API, you can upload a single large object, up to 5 TB in size.

Question 224

Later Multipart upload, which data cannot be replicated, Monitoring, security, best practices.

Answer 224

Read later