S3 Flashcards
What is the total amount of storage you get with S3?
Unlimited
Objects stored in S3 can be up to _____ in size.
5 TB
Names of S3 buckets need to be unique…
a) within the AZ
b) within the region
c) globally
c) globally
What is the default s3 storage class?
S3 Standard
What does S3 Lifecycle Management do?
It automates moving objects between different storage tiers, thereby optimizing costs.
What are 3 ways to secure your data in S3?
- Server-Side Encryption
- Access Control Lists (ACLs)
- Bucket Policies
Object ACLs work on:
a) an individual object level
b) an entire bucket level
a) an individual object level
TRUE or FALSE?
S3 buckets are private by default
TRUE
TRUE or FALSE?
Once enabled, S3 versioning cannot be disabled.
TRUE - versioning can only be suspended
How can you prevent objects in S3 from being accidentally deleted?
Enable MFA
If versioning is turned on, how do you restore a deleted S3 object?
Delete the delete marker.
What are some possible use cases for S3 Standard - Infrequently Accessed? (3)
Backups
Long-term storage
Disaster recovery files
TRUE or FLASE?
S3 Standard - IA provides rapid access
TRUE
What kind of data is S3 One Zone Infrequent Access best used for? (3 things)
Long-lived, infrequently accessed, non-critical data
What S3 storage class would you use if you have both frequent and infrequently accessed data?
S3 Intelligent Tiering
What storage service would you use to archive your data?
Glacier
What are the 3 Glacier storage options?
Glacier Instant Retrieval
Glacier Flexible Retrieval
Glacier Deep Archive
What is the cheapest storage class?
Glacier Deep Archive
Retrieval time from Glacier Flexible Retrieval can be from a few minutes up to ___ hours.
12 hours
TRUE or FLASE?
S3 Lifecycle Management can only be applied to current versions of objects.
FALSE - can be applied to current and previous versions.
What’s the difference between Governance mode and Compliance mode S3 Object Lock Modes?
In Governance mode, some users have special permissions that allow them to overwrite or delete an object version or change the lock settings.
In Compliance mode no one has these permissions, not even the root user.
What’s the difference between a legal hold and a retention period?
A legal hold doesn’t have a time period associated with it. It remains in effect until removed.
What is the WORM model?
Write Once Read Many
What does Glacier Vault Lock do?
Applies the WORM model to Glacier
TRUE or FALSE?
S3 Object Lock can only be applied to the bucket as a whole.
FALSE - it can be applied on the bucket or individual object level.
How can you get better performance out of S3 in terms of reads?
Spread the reads across different prefixes.
How can you increase performance when uploading files to S3?
Use multipart uploads. (This takes a big file, splits it into parts, and uploads them in parallel.)
How can you increase performance when downloading to S3?
Use S3 Byte-Range Fetches
What is an S3 prefix?
The folders and subfolders in the S3 bucket.
TRUE or FALSE?
With S3 Standard-IA, accessing the data is free.
FALSE
How long does it take to retrieve your data from Glacier Flexible Retrieval?
A few minutes to 12 hours.
What’s the standard retrieval time for Glacier Deep Archive?
12 hours
What’s the bulk retrieval time for Glacier Deep Archive?
48 hours
If a question asks about WORM and S3, think of…
S3 Object Lock
If a question asks about WORM and Glacier, think of…
S3 Glacier Vault Lock
Who can place and remove legal holds?
Any user who has the s3:PutObjectLegalHold permission.
TRUE or FALSE?
All S3 buckets have server side encryption enabled by default.
TRUE
What are the three different ways to manage keys for S3 server-side encryption at rest?
S3-managed
Managed with KMS
Customer managed
