S3 Flashcards
What is the max size for a single file upload? What is the min?
0 - 5TB
At what size is it recommended you do multi-part upload?
100 MB
At what size is it that you must do a multipart file upload?
over 5GB
When a file is uploaded successfully what is returned?
HTTP 200 status code
S3 buckets are private or public by default?
Private
What is an Object ACL?
Individual object level permissions
What is a bucket policy?
Permissions that apply to all objects in a bucket
Is S3 bucket names global? Why?
Yes, so that you can access the bucket from anywhere in the world it has a unique global dns name.
How do you make files public in a bucket?
Turn off Block Public Access in bucket properties. Select object and make it public.
What is the format for an s3 url? Which is going to be deprecated?
https://bucketname.s3.Region.amazonaws.com/filename
Path based style s3 url will be deprecated (https://s3.Region.amazonaws.com/bucket-name/key name)
What kind of files can you upload to S3?
Any kind of file can be uploaded
Can you install an OS or Database on S3?
No, it is object storage
What is an s3 bucket?
It is like a folder to store objects in it
What is the availability and durability?
99.9% and 11 9’s
What does durability mean?
The chance that data will be loss
What does availability mean?
The amount of time that data is available
How many availability zones does S3 store itself in? How many can it lose?
3 Az’s, can sustain the loss of 2 Az’s
What consistency is S3?
Strong Read After Write meaning if you write data you can immediately read the updated/new data
What are the steps to host a static website?
- Turn on Static Website Hosting for a bucket
- Turn off Block Public Access for the bucket
- create/set the index.html and error.html
- Use a bucket policy to set files as public in the bucket (getObject for all principals)
Once versioning is enabled for an S3 bucket can it be disabled?
It can’t be disabled, only suspended
How can you prevent accidental deletion of all versions of objects in S3?
Turn on MFA
What is versioning in S3?
All versions of an object are stored including PUT and Deletes
If you make objects public in an S3 bucket, does this apply to all versions of that object?
Previous versions will not be public even if the bucket policy makes objects public. You have to make the version public specifically.
How can you restore a file in S3 that was deleted?
You delete the delete marker
What are S3 Standard use cases?
Most workloads like websites. Frequent accessed data
What are S3 IA use cases?
Backups, critical data that is IA but needs rapid access
What are S3 One Zone use cases?
Non-critical IA long-lived data.
What is S3 Glacier used for?
Archiving long term data with retrieval time of minutes to hours
What is S3 Glacier Deep archive used for?
Rarely accessed archived data with retrieval times of 12 hours plus
What storage class should you use if you don’t know how frequently data will be accessed?
S3 intelligent Tiering
What storage classes do not have retrieval fees?
Standard and Intelligent Tiering
What is lifecycle management in S3?
Automate moving objects between storage tiers
Why would you combine lifecycle management with versioning in S3?
To automate moving previous versions of objects to a different tier
What are the 2 actions associated with S3 lifecycle management
Transition actions and Expiration actions
What is S3 object lock?
Method to store objs as WORM (write once read many)
Why use S3 object lock?
For regulatory compliance or extra protection layer
What modes does S3 object lock have?
Governance Mode and Compliance Mode
What is Governance Mode for S3 object locks?
Users cant overwrite/delete objects but some special permissions can be used to delete or alter retention settings
What is Compliance Mode for S3 object locks?
Objects cannot be overwritten/deleted by any users at all. Retention settings cannot be changed for retention duration.
What is an S3 object lock Legal Hold?
Legal Hold is a setting that prevents obj deletion/overwrite forever until a user removes it.
At what granularity does S3 object lock apply to?
Either individual objects or bucket wide
What is S3 Glacier Vault Lock?
Compliance controls for Glacier Vaults via a vault lock policy. e.g. WORM
Can you change an S3 Glacier Vault Lock once locked?
No you cannot change or remove the vault lock policy once locked
What are the 3 types of S3 encryption?
Encryption in Transit, Server side encryption, Client side encryption
What is encryption in transit for S3?
Using SSL/TLS and HTTPS
What are the 3 server side encryption options?
- SSE-S3 - S3 managed keys
- SSE-KMS - KMS managed keys
- SSE-C - Customer provided keys
How do you enforce Server Side Encryption for S3 buckets?
Have a bucket policy that requires the server side encryption header to be present in PUTs (x-amz-server-side-encryption)
What is an S3 prefix?
The logical path between bucket name and object name
How do you improve S3 performance?
Spread operations across different prefixes
What are some limitations of S3 prefixes? How would you fix this?
The built-in quota limits to calling KMS when uploading and downloading. No quota increases allowed. Fix by using native S3 encryption instead of KMS
What is S3 multipart upload?
Uploading a file in parallel chunks to increases upload speed
What is S3 byte ranges fetches?
Parallel download of certain chunks of a file
What is the PUT/COPY/DELETE/POST limit on S3 api?
3500 calls per sec per prefix
What is the GET/HEAD limit on S3 api?
5500 calls per sec per prefix
What happens to old objects when you turn on replication in S3?
Old objects are not replicated. Only new or modified objects are
What must be enabled for S3 replication to work?
Enable Versioning in both src and dest buckets
What happens to delete markers in S3 replication?
By default replication will not copy delete markers
What regions and accounts can you do S3 replication in?
You can do same region or cross region replication. You can do same account or cross account.
