S3

Question 1

What is S3?

Answer 1

S3 stands for Simple Storage Service and essentially it’s object storage in the cloud.

Question 2

What kind of storage is S3?

Answer 2

Object-based storage

Question 3

How much can you store in S3?

Answer 3

Unlimited storage

Question 4

What can you upload to S3?

Answer 4

Anything. File, pictures, videos, etc.

Question 5

What can you not us S3 for?

Answer 5

Installing an OS, running a DB, etc.

Question 6

Max size of S3 object?

Answer 6

5TB

Question 7

What does it mean when S3 is called a universal namespace?

Answer 7

The S3 bucket must have a globally unique name as S3 bucket names are global.

Question 8

What is the default bucket URL?

Answer 8

It is https:// then the name of the bucket, then .s3, and then . the region that it’s going to be in. A bucket called “test” would have a URL of https://test.s3.us-east-1

Question 9

What response code will you get when successfully uploading a file to S3?

Answer 9

HTTP 200 code

Question 10

What does it mean for S3 to be a key-value store?

Answer 10

The key-value is the name of the object. If you have an object called “test.jpeg” then the key-value is “test.jpeg”

Question 11

What is a version ID?

Answer 11

If versioning is enabled, anytime a new version of an existing object is uploaded, the prior version becomes the old version with a unique version ID that can be restored.

Question 12

What is metadata?

Answer 12

It is data about the data.

Question 13

How does S3 ensure durability and availability?

Answer 13

S3 data is always spread across multiple devices and facilities

Question 14

S3 is designed for how many 9s of durability?

Answer 14

It is built for 11 9’s of durability. 99.999999999

Question 15

True/False. S3 is designed for frequently accessed data.

Answer 15

True.

Question 16

Use case examples for S3?

Answer 16

websites, content distribution, mobile and gaming applications, big data

Question 17

How can you secure buckets?

Answer 17

Server-side encryption, ACLs, and bucket policies

Question 18

What are bucket policies?

Answer 18

Actions that can be allowed or denied through a JSON policy that are bucket wide?

Question 19

What are bucket ACLs?

Answer 19

Grants permission on a per object bases for users and groups.

Question 20

What is the consistency model of S3?

Answer 20

Strong read after write.

Question 21

Can S3 buckets be deployed to a specific region?

Answer 21

Yes, but the name space is global.

Question 22

Are buckets private when first created?

Answer 22

Yes. They have to be enabled for public access including the objects within them.

Question 23

Can versioning be disabled once it is enabled?

Answer 23

No. It can only be suspended.

Question 24

How can you prevent your objects from being accidentally deleted?

Answer 24

Enable MFA. Enable versioning.

Question 25

Are versioned objects publicly accessible in a public bucket?

Answer 25

No.

Question 26

Can Lifecycle rules be configured for versioning?

Answer 26

Yes.

Question 27

What are the different S3 storage classes?

Answer 27

S3 Standard, S3 Infrequently Accessed, S3 One Zone-Infrequently Accessed, S3 Intelligent-Tiering

Question 28

What is S3 Standard?

Answer 28

Provides you with high availability and durability, and data is stored redundantly across multiple devices in multiple facilities. Equal to or greater than 3 availability zones. Comes with 99.99% availability and it comes with a 11 nines durability. Designed for frequent access, and it’s perfect for frequently accessed data, and it’s suitable for most workloads, and this is basically the default storage class. So when people are talking about S3, they’re talking about S3 Standard.

Question 29

What are examples of S3 standard?

Answer 29

Place to host video files, or pictures, or any kind of static object. Can be used to host static web sites.

Question 30

What is S3 Standard-Infrequently Accessed (IA)?

Answer 30

Basically just S3 Standard-IA is what it’s referred to. So it’s designed for infrequently access data. What it does give you though is rapid access. So it’s used for data that is accessed less frequently but requires rapid access when you need it. And you basically pay to access the data. So there is a low per-gigabyte storage price and a per-gigabyte retrieval fee. Now, it comes with 99.9% availability and again, 11 nines durability.

Question 31

What are examples of SE Standard-IA?

Answer 31

Use case is where basically you need long-term storage for things like backups, for example, and data stores for disaster recovery files, etc., but you want to minimize your cost, but you still need instant access to that data. That’s where you’d use S3 Standard-Infrequently Accessed

Question 32

What is S3 Intelligent-Tiering?

Answer 32

Automatically moves your data to the most cost-effective tier based on how frequently you access each object. It has 99.99% availability, and 11 nines durability. So it’s basically using AI and machine learning to figure out how frequently you access your data, and then it will store it on the storage class that’s going to save you the most money based off your access patterns.

Question 33

What is S3 One Zone-Infrequently Accessed?

Answer 33

The same is basically the same as S3 Standard-IA. Designed for infrequently access data that gives you rapid access. So it’s used for data that is accessed less frequently but requires rapid access when you need it. And you basically pay to access the data. So there is a low per-gigabyte storage price and a per-gigabyte retrieval fee. Now, it comes with 99.9% availability and again, 11 nines durability. It only uses one AZ but stored redundantly within that AZ and is for non-critical data.

Question 34

What are examples of S3 One Zone-Infrequently Accessed?

Question 35

What are examples of S3 Intelligent Teiring?

Question 36

What is Glacier?

Answer 36

Glacier is a way of archiving your data long term, so storing your data for long terms. You pay for each time you access your data. And it’s used only for archiving data. So Glacier is really cheap storage, and it’s optimized for data that is very infrequently accessed. There are 3 tiers.

Question 37

which is called Glacier Instant Retrieval?

Answer 37

long-term data archiving, but you still have instant retrieval time for your data. So if you’ve got critical data that you probably might not need to use, maybe only once a year, but you need to access it instantly, then you want Glacier Instant Retrieval.

Question 38

What is Glacier Flexible Retrieval?

Answer 38

This is the ideal storage class for archived data that does not require immediate access but needs the flexibility to retrieve large sets of data at no cost, such as backup or disaster recovery use cases. And it can be minutes in terms of retrieval time or up to 12 hours. So you’d only use this if you can afford to wait for 12 hours to access this data.

Question 39

What is Glacier Deep Archive?

Answer 39

This is the cheapest storage class on AWS, and it’s designed for customers that retain datasets for 7-10 years or longer to meet customer needs and regulatory requirements. And the standard retrieval time is around 12 hours but for bulk retrievals, it’s around 48 hours.

Question 40

What is the availability and durability of Glacier?

Answer 40

It’s the same across all 3 options. So it’s 99.99% availability and 11 nines durability.

Question 41

How is S3 priced?

Answer 41

So for S3, the most expensive one is just S3 Standard.
If you want to intelligentlyncontrol your costs and optimize your costs for known or unknown access patterns, then you want S3 Intelligent-Tiering. That’s going to move it around between Infrequently Accessed and then just Standard S3.
If you need to access your data and it sits on S3 in Standard-Infrequently Accessed as well as One Zone-Infrequently Accessed, then a retrieval fee is going to apply.

Question 42

How is Glacier priced?

Answer 42

The most expensive one is S3 Glacier. So that’s just your standard Glacier. Flexible Retrieval is slightly cheaper,
and then the cheapest is going to be Glacier Deep Archive and again, just remember, your retrieval time for Deep Archive is between 12-48 hours. Glacier Flexible Retrieval can be minutes but it could be up to 12 hours, whereas with normal Glacier, then it’s going to be instant access. And a retrieval fee applies for all 3 storage classes.

Question 43

What is S3 Lifecycle Management?

Answer 43

Moving your objects between the different storage tiers, thereby maximizing your cost effectiveness. It’s a way of automating, moving your objects to save you money. So if you’re not using an object or it hasn’t been accessed recently, you can move it from S3 Standard to S3 Infrequently Accessed. So say if it hasn’t been accessed in the last 30 days, it would automatically move to S3-IA. And then if you haven’t used that object in let’s say 90 days after it’s been moved to S3-IA, it would then be moved onto Glacier and archived off.

Question 44

Can you use Lifecycle Management with versioning?

Answer 44

You can use Lifecycle Management to move different versions of your objects to different storage tiers as well, thereby saving you even more money.

Question 45

What is S3 Object Lock?

Answer 45

You use it to store objects using a WORM model. And a WORM model just stands for write once, read many. So you can only write once to your objects, but you can read them many, many times. And it can help prevent objects from being deleted or modified for a fixed amount of time or indefinitely.

Question 46

In a scenario, where would you apply the WORM (write once and read many) to Glacier?

Answer 46

In a scenario-based question, they’re talking about Glacier, and you’re going to want to store it in Glacier Vault Lock.

Question 47

Can Object Lock can be done on individual objects or can it be applied across the bucket as a whole?

Answer 47

Object Lock can be done on individual objects, or it can be applied across the bucket as a whole. And Object Locks come in 2 modes which we covered off. So we have governance mode and compliance mode.

Question 48

Object Locks come in 2 modes which are?

Answer 48

Governance mode and compliance mode.

Question 49

What is Compliance Mode for S3 Object Locks?

Answer 49

Compliance Mode is simply where a protected object version can’t be overwritten or deleted by any user whatsoever.

Question 50

What is governance mode for S3 Object Locks?

Answer 50

Prevents most users but you can have some users who are able to either alter an object or delete it.

Question 51

In a scenario, where would you apply WORM in S3?

Answer 51

S3 Object Lock

Question 52

How many types of server-side encryption are there in S3? What are they?

Answer 52

3. SSE, SSE-KMS, SSE-C

Question 53

What is SSE?

Answer 53

SSE is server-side encryption S3. So S3 is where S3 manages the keys. AWS manages all the encryption and decryption for you. You don’t need to worry about keys or anything like that. It uses AES 256-bit encryption and this is the most common type of encryption. It’s the easiest to use.

Question 54

What is SSE-KMS?

Answer 54

The KMS just stands for Key Management Service. And this is essentially where you work with Amazon on your own key management using the Key Management Service. So you can use KMS keys to encrypt your objects as well.

Question 55

What is SSE-C?

Answer 55

And then we have server-side encryption C, or SSE-C, which is where you provide the keys.

Question 56

How can you enforce server-side encryption?

Answer 56

You can do it using the console, and this is where you select the encryption setting on your S3 bucket. This is the easiest way to do this is just a checkbox in the console. And then we also have it through bucket policy. So you can also enforce encryption using a bucket policy. And this method sometimes comes up in the exam.

Question 57

What is a prefix?

Answer 57

It’s simply the folders and sub-folders within your S3 bucket.

Question 58

What is the performance of a prefix?

Answer 58

The more prefixes that you use with your applications using S3, the better performance you’re going to get. So you can always achieve a high number of requests. You can do 3,500 puts, copies, posts, and deletes and 5,500 get and head requests per second per prefix. So the more prefixes you have, the faster performance. So you spread your data and your reads across different prefixes.
I gave the example 5,500, so if you’re using 2 prefixes, you could then achieve 11,000 requests per second. If you’re doing it with 4 prefixes, you could achieve 22,000 requests per second.

Question 59

What are the builtin limits of SSE-KMS?

Answer 59

So uploading and downloading data will count towards the KMS quota. It is region specific, but it’s either going to be 5,500,
10,000, or 30,000 requests per second. And currently you can’t request a quota increase for KMS.

Question 60

How can you increase upload performance for S3?

Answer 60

You can use multipart uploads to increase your performance when uploading your files to S3.If there’s any file that’s over 100 meg, then you should be using it. And if you’re doing it for any file over 5 gigs, you’re forced to use it.

Question 61

How can you increase download performance for S3?

Answer 61

Use S3 byte-range fetches to increase your performance and it’s basically doing the opposite. You’re splitting up the files into different byte ranges and you’re downloading them all at the same time.

Question 62

What is S3 Replication?

Answer 62

It used to be called Cross Region Replication. So, if they haven’t updated the questions and you see the mention of cross region replication, then the language has changed. You can replicate objects from one bucket to another. They can either be in the same region or in different regions.

Question 63

Are existing S3 objects replicated when replication is enabled?

Answer 63

No. Objects in an existing bucket are not replicated automatically and delete markers are not replicated automatically by default. However, it can be enabled.

Question 64

How does S3 encrypted a bucket?

Answer 64

S3 doesn’t offer encryption at a bucket level. Encryption occurs at an object level.

Question 65

What are the 3 types of server-side encryption?

Answer 65

Server-Side Encryption With Customer-Provided Keys (SSE-C)
Server-Side Encryption with Amazon S3-Managed Keys (SSE-S3)
Server-Side Encryption With KMS KEYS Stored in AWS Key Management Service (SSE-KMS)

Question 66

What is S3 standard?

Answer 66

Default storage class.
Data is replicated across at least 3 regions
Provides eleven “nines” of durability (1 object loss/10,000,000 objects/10,000 years).
GB/m fee for data stored, fee per GB transferred out charge, price per 1,000 requests.
Should be used for frequently accessed data which is important and non-replaceable.

Question 67

What is S3 standard IA (Infrequent Access)

Answer 67

Roughly half the storage cost of S3 standard.
Higher per GB data retrieval fee.
Minimum duration charge of 30 days (objects can be stored for less time, but the minimum of 30 days still applies for billing.
Minimum capacity charge of 128KB/object.
Should be used for long-lived data that is important but infrequently accessed.

Question 68

What is S3 one-zone IA?

Answer 68

Similar to S3 Standard IA, but cheaper and less resilient due to only using one AZ within the region
Should be used for long-lived data which is non-critical, replaceable if lost, and infrequently accessed

Question 69

What is S3 Glacier Instant?

Answer 69

Similar to S3 Standard IA, but cheaper storage, more expensive retrieval, and longer minimum storage duration.
Should be used for long-lived data that is only accessed roughly once per quarter and needs millisecond retrieval time.

Question 70

What is S3 Glacier Flexible?

Answer 70

Very cheap, but requires minutes or hours to access data.

Objects cannot be made publicly accessible, any access of data (beyond object metadata) requires a retrieval process.

Should be used for archival data where frequent or realtime access isn’t needed (e.g. yearly).

Question 71

What is S3 Glacier Deep Archive?

Answer 71

Similar to S3 Glacier Flexible, but with longer retrieval times of roughly 12-48 hours.

Should be used for archival data that rarely if ever needs to be accessed.

Question 72

What is S3 Intelligent Tiering?

Answer 72

Monitors and automatically moves any objects between different tiers based on their usage.

Has a monitoring and automation cost per 1,000 objects.

Should be used for long-lived data with changing or unknown usage patterns.

Question 73

Go back and add rest of S3 cards.

Answer 73

Do it.