S3 Flashcards
1
Q
S3 Soft bucket limit on accounts?
A
100
2
Q
S3 Standard Reliability level?
A
Nine nines!
99.999999999%
3
Q
Is s3 a file system?
A
NO!
It’s a flat address space. And although you can create folders, it is not a file system.
4
Q
S3 File size limit
A
5TB
5
Q
S3 Storage limit?
A
Unlimited
6
Q
Best s3 storage class for high frequency access?
A
Standard
7
Q
What does S3-I do that’s so special?
A
Automatically move less commonly used files to a cheaper storage class
8
Q
S3 Glacier is best for storing
A
Archived data
9
Q
How to move items in and out of glacier?
A
SDK or CLI
10
Q
Quickest retrieve possible from glacier?
A
5 minutes - it’s also the most expensive
11
Q
Standard retrieval from glacier takes
A
3-5 hours
12
Q
Bulk retrieval from glacier takes
A
5-12 hours
13
Q
Glacier Deep Archive is best used for…
A
Files you need to retain, but will rarely ever look at.
14
Q
Time it takes to get something from Glacier deep storage?
A
Up to 12 hours
15
Q
Negative effect of s3 versioning?
A
It can dramatically increase prices
16
Q
When you delete a version item from s3, what happens?
A
A delete marker is added to the file, and the most recent version is deleted.
17
Q
Can versioning of a s3 bucket be disabled?
A
No, only suspended.
18
Q
Can a private s3 bucket be used for static website hosting?
A
No. It must be public apt available
19
Q
If you switch encryption on, on an existing s3 bucket. Does it encrypt the items already in the bucket?
A
No
20
Q
Advantage of encrypting s3 buckets with SSE-KMS
A
Better flexibility and management of the keys.
21
Q
Advantage of SSE-S3 encryption
A
AWS handles all of it for you
22
Q
What does s3 object lock do?
A
Prevents files being deleted
23
Q
S3 Object Lock; governance mode. What does it do?
A
Prevents files being deleted for specified retention period.
24
Q
S3 Object Lock Compliance Mode. What does it do?
A
Prevents files being deleted by anyone. Not even root!
25
If an item has an s3 object has “legal hold” on it. Can it be deleted at the end of it’s retention period.
Nope!
26
Purpose of tags in s3?
They help with billing
27
Transfer accelerator in s3 uses what AWS service to accelerate transfer speeds?
Cloud front
28
What do S3 events allow you to do?
Dispatch events to other AWS services
29
With request or payed enabled. What does the s3 bucket owner have to pay for?
The storage
30
Can you have unauthenticated access to a requester pays s3 bucket?
Nope. As AWS won’t know who to charge.
31
True or false. To use object lock on an s3 bucket, versioning must be enabled?
True
32
Can object lock be set on an existing s3 bucket?
Nope. Only on creation.
33
S3. Can you disable object lock on a bucket?
Nope.
34
True or false. S3 log bucket must be in the same region as the s3 bucket being logged.
True
35
True or false. S3 log bucket must be in the same region as the s3 bucket being logged.
True
36
In s3 logs. If certain information is not available. What character is shown in the data’s place?
-
37
S3 object level logging uses what AWS service.
Cloud trail
38
What s3 policies should you use for maximum security?
Of many of them as you can
39
What does ACL stand for?
Access control list
40
S3 multipart upload is recommended for all files over what size?
100mb
41
Describe what s3 multipart upload does
Splits files into multiple parts, uploads them, and automatically reassembles them.
42
Advantages to s3 multipart upload?
Faster (as multiple files can be uploaded at once)
Protects from interruptions
Allows for upload management.
43
Does s3 copy to multiple regions by default?
No. Only multiple availability zones by default
44
S3 Glacier, Expedited retrieval. What’s the file size limit?
250mb
45
Glacier max archive size?
40tb
46
Durability of S3 standard and Infrequent access storage classes.
99.999999999%
11 nines.
47
S3 standard, what’s the availability in percentage?
99.99%
Four nines
48
S3 infrequent access availability in percent.
99.9%
Three nines.
49
Snowball device HD size?
50TB/80TB Dependant on Region
50
True or false, all data transferred onto a snowball is auto encrypted?
True
51
Snowball device onboard connection types
Rj45
SFP Copper
SFP Optical
52
What standards do AWS conform too, to wipe data from snowballs after you have used them?
NIST
53
Is snowball HIPAA compliant
Yes.
54
Can Snowball be used to retrieve data from AWS as well as deposit it?
Yes
55
If data retrieval from s3 over network will take longer than “x” use snowball
1 week
56
Security features of a snowball device?
Dust and water resistant.
Tamper proof
It’s shipping crate can absorb substantial shock.
57
Can snowballs be aggregated together for larger transfers?
Yes.
58
AWS Storage Gateway. What is it?
Software, to act as a gateway between your onsite storage and S3.
59
Storage gateway software comes packaged as?
A VM.
60
What does VTL stand for?
Virtual tape library
61
VTL Tape limit?
1500
62
AWS Storage Gateway: File Option, explain
Allows you to store items as individual s3 objects.
63
AWS Storage Gateway: Volumes, Explain.
Backup volumes.
64
AWS Storage Gateway, Volumes.
It keeps all your data locally and asycronously copies it to s3.
True or false?
True.
65
AWS Storage Gateway, Volumes.
Volume limit per gateway.
32 volumes.
66
S3 request costs are priced per
1000
67
True or false. S3 delete requests are free.
True.
68
What do s3 batch operations allow for?
Batch operations on many buckets and objects at once.
69
How are s3 batch operations priced?
Per batch job.
| Per million operations performed.
70
S3 charges for.
All requests (apart from delete)
Data transfer out
Storage
71
Data transfer in s3 is free of charge. When.
Data is being transferred in.
Items are transferred to EC2 instances
Items are transferred to cloud flair.
72
What is s3 glacier select?
A service for scanning and retrieving smaller parts of your glacier vaults.
73
True or false. The actual replication process in s3 carries no cost. But the extra storage does.
True.
74
All s3 storage classes are priced per
GB
75
Multi region s3 buckets. Provide eventual consistency on deletes. True or false?
True
76
In s3 what does read after write functionality allow you to do?
Immediately download the file you just uploaded.
77
What does s3 file gateway do?
Allows you to store and access objects in s3 using using NFS and SMB file protocols.
78
True or false. A successful response to a put request, is only triggered after the file has finished uploading?
True
79
In S3. If you immediately update an object with a new version, then immediately try to access it. What might happen?
You may download the older version.
80
True or false. S3 provides eventual consistency for overwrote PUTs and Deletes
True
81
In a single pit request. What is maximum file size?
5gb
82
True or false. VPC flow logs allow you to log s3 access info?
False
83
Your two options for logging s3 access requests are.
S3 server logging
| Cloudtrail
84
Minimum and maximum file storage sizes in s3
0 bytes. 5 TB.
85
In a version enabled bucket. What does deleting an object do?
Add the delete marker to the object.
86
You wish to notify a group of users that an s3 file has finished uploading. How might you do this?
Use s3 event notifications.
These could write to SNS or a Lambda function which emailed relevant people.
87
Cross region replication. Requires versioning to be switched on. On what buckets?
Destination and source.
88
Can you create an s3 bucket, within an s3 bucket?
No
89
What is the difference between an object and a file in s3?
Metadata.
90
When creating a file in s3. Does the object owner have full control of it?
Yes
91
What s3 storage options incur costs on data retrieval?
Glacier
| Standard Infrequent Access
92
Can you store objects smaller than 128kb in S3 standard IA storage class?
Yes. But it’s billed as if it were 128kb.
93
How much data can you retrieve from glacier storage, for free, every month.
10gb
94
To download an object from a request or pause object, you must include something in your request.
amz-request-payer
95
True or false. Standard Infrequent Access Storage has a minimum 30 day stroage duration?
True
96
Can a user upload more than 1000 parts as part of a multipart upload?
Yes. But it requires additional requests.
Each request contains a maximum of 1000 parts.
97
Can an object be uploaded to s3 via multipart upload if it is less than 5mb?
Only if it’s the last part.
98
When uploading an object to the s3 console, can you set logging?
Nope
99
Can s3 uploads resume of failure?
Yes
100
When a user initiated a multipart upload. How does s3 track all the parts?
She returns a response with an upload ID for each initiation
101
Is it required to send both the access key and the secret access key in the REST request to amazon s3?
Yes
102
When accessing an s3 bucket by rest. What must be included in the request?
AWS access key is
Signature
Timestamp
Date
103
In amazon s3 bucket policies. What do you use to grant cross account access?
Canonical user ids.
104
Data in transit to s3 can be secured using?
SSL
105
Is life cycle configuration possible on s3 buckets with MFA
Nope
106
Regardless of if versioning is enabled or not. All objects in an s3 bucket have a version ID. Yes or no?
Yes
107
A user has set an expiration rule for objects on an s3 bucket. Can there be a delay between an objects deleted day and the expiration rule date?
Yes. It’s added to a queue and happens eventually.
108
S3 bucket versioning. What are the three possible states?
Versioning enables
Unversioned
Versioning suspended
109
You have an unversioned bucket with objects in it. You switch on versioning.
What will the version ID be for existing objects?
Null
110
A user has created objects using s3. The objects are moved to glacier at five days, and at 10 days are deleted.
On day 7, the user decides to temp restore the files for five days. What happens on day 10?
Everything is deleted. Including the temp restored files.
111
How does s3 ensure high availability and durability?
When you upload, behind the scene, s3 copies the file to multiple psychical locations.
112
You enable cross region replication on an existing s3 bucket. Are the existing objects replicated to another region?
No. Only new objects.
113
To request the retrieval of an item from glacier. You must create a...
Job
114
You send items to glacier in one of two ways.
API
| Life cycle policies
115
What’s more durable. EBS or s3?
S3
116
For traffic encryption between onsite infrastructure and s3 use what service?
Amazon Managed VPN
117
Does S3 have a rest API?
Yes
118
What’s the difference between compliance mode and governance mode?
Compliance mode prevents objects being updated or deleted.
Governance mode prevents deletion.
119
Are legal holds configured at bucket level or object level?
Object level
120
Can you configure object lock settings via batch operations?
No
121
At what level can you apply ACLs to S3
Object and bucket
122
When providing your own encryption key for s3. Is it possible to have different encryption keys for different versions of the same object?
Yes
123
You back up your database to EBS. If doing so, amazon also recommends you back the database to ...
S3
124
Can s3 automatically rotate a user provided encryption key?
No it mist be done manually be the client
125
You want to save money on multi part uploads. How to do this?
Create a life cycle policy to automatically delete failed multipart uploads
126
You should use multipart uploads if a file is bigger than
100mb
127
You don’t know the size of a file that’s being uploaded to s3. Should you use multipart upload?
Yes
128
Offload All Assets to S3. Is this a key concept of high performance architecture
You bet your sorry ass it is!
129
S3 objects are immutable. What does this mean?
The only way to change a single byte, is to replace the whole object.
130
Does an s3 legal hold have a retention period?
No it’s indefinite. Until it is removed.
131
Describe an s3 legal hold
Prevents an object being overwritten or deleted, for as long as the lock is on the object.
132
You need to audit the encryption status, and the replication details of objects in an s3 bucket. How to do this?
S3 Inventory
133
How can you query S3 inventory?
Athena
134
What does s3 inventory do?
Allow you to export inventory reports of all items in a bucket.
135
Does s3 allow you to upload an already encrypted object?
Yes
136
To reduce latency to s3 users in different geographical locations use...
CRR - across Region Replication
137
You need to transfer large amounts of content to s3. You can’t use snowball and you don’t have a dedicated connection. What could you use?
S3 and transfer acceleration.
