S3

Question 1

Buckets vs Objects

Answer 1

Buckets must have a global unique name, even though they are created and tied to a specific region. And objects are what goes inside of your buckets.

Question 2

S3 security

Answer 2

There are multiple security options

1) We can have user based security thanks to IAM policies
2) We can have resource based security thanks to S3 Bucket Policy (for example you can use one to grant public access to your S3 bucket)
3) We can protect the individual objects using Encryption within your S3 bucket.

Question 3

S3 Websites

Answer 3

You can turn your S3 bucket into a static website.

Question 4

S3 Versioning

Answer 4

You can enable S3 versioning to role back to a previous version of a file or to prevent accidental deletes.

Question 5

S3 Access Logs

Answer 5

This is a way to log requests made within your S3 bucket and maybe audit them later on.

Question 6

S3 Replications

Answer 6

S3 Replications enable you to move data from one bucket to another. The buckets can be in the same region or in cross-regions. For S3 Replication to work you must enable first versioning on both the source and the target bucket.

Question 7

S3 Storage Classes

Answer 7

Standard
IA (Infrequent Access)
1Z-IA (One zone - Infrequent Access)
Intelligent Tiering
Glacier
Glacier Deep Archive

Choosing the right one allows you to optimize costs of your S3 bucket.

Question 8

S3 Lifecycle Rules

Answer 8

To migrate efficiently between S3 Storage Classes (Standard, IA (Infrequent Access), 1Z-IA (One zone -Infrequent Access), Intelligent Tiering, Glacier, Glacier Deep Archive) you can create S3 Lifecycle Rules.

Life Cycle Rules can be used to define when S3 objects should be transitioned to another storage class or when objects should be deleted after some time.

Question 9

S3 Glacier Vault Lock

Answer 9

S3 Glacier Vault Lock allows you to easily deploy and enforce compliance controls for individual S3 Glacier vaults with a vault lock policy. You can specify controls such as “write once read many” (WORM) in a vault lock policy and lock the policy from future edits. Once locked, the policy can no longer be changed.

Question 10

S3 Object Lock

Answer 10

S3 Object Lock is used to prevent an object from being deleted or overwritten for a fixed amount of time or indefinitely. This is not used to lock policies from future edits, but instead objects.

Question 11

Snow Familiy

Answer 11

Import data onto S3 through a physical device, edge computing.

Question 12

Ops Hub

Answer 12

Application to manage Snow Family devices

Question 13

Storage Gateway

Answer 13

AWS Storage Gateway is a hybrid cloud storage service that gives you on-premises access to virtually unlimited cloud storage. It is not used to transfer data to the Cloud.

Question 14

Snowmobile

Answer 14

Snowmobile is used to move exabytes of data in or out of AWS (1 EB = 1,000 PBs = 1,000,000 TBs)

Question 15

AWS Snowcone

Answer 15

AWS Snowcone is a small, portable, rugged, and secure edge computing and data transfer device. It provides up to 8 TB of usable storage.

Question 16

Amazon S3 Standard-Infrequent Access

Answer 16

Amazon S3 Standard-Infrequent Access allows you to store infrequently accessed data, with rapid access when needed, has a high durability, and is stored in several Availability Zones to avoid data loss in case of a disaster. It can be used to store data for disaster recovery, backups, etc.

Question 17

Snowball Edge

Answer 17

Snowball Edge is best suited to move petabytes of data and offers computing capabilities. Be careful, it’s recommended to use a fleet of Snowballs to move less than 10 PBs of data. Over this quantity, it’s better to use Snowmobile.

Question 18

Snowball Edge - Storage Optimized

Answer 18

Snowball Edge Storage Optimized devices are well suited for large-scale data migrations and recurring transfer workflows, as well as local computing with higher capacity needs.