S3 Flashcards

1
Q

What is the total volume of data and the number of objects that can be stored in S3?

A

Unlimited

2
Q

What is the maximum size per object that can be stored in S3?

A

S3 objects can range in size from a minimum of 0 bytes to a maximum
of 5 terabytes.

3
Q

S3 basics.

A
  1. Universal Namespace
    All AWS accounts share the S3 namespace.
    Each S3 bucket name is globally unique.
  2. Example S3 URLs
    https://bucket-name.s3.Region.amazonaws.com/key-name
    https://acloudguru.s3.us-east-1.amazonaws.com/Ralphie.jpg
  3. Uploading Files
    When you upload a file to an S3 bucket, you will receive an
    HTTP 200 code if the upload was successful.
4
Q

What are the attributes of an object in S3?

A
  • Key: The name of the object (e.g., Ralphie.jpg)
  • Value: The data itself, which is made up of a sequence of bytes
  • Version ID: Important for storing multiple versions of the same object
  • Metadata: Data about the data you are storing (e.g., content-type, last-modified, etc.)
5
Q

What is Strong Read-After-Write Consistency?

A
  • After a successful write of a new object (PUT) or an overwrite of an existing object, any subsequent read request immediately receives the latest version of the object.
  • Strong consistency for list operations, so after a write, you can immediately perform a listing of the objects in a bucket with all changes reflected.
6
Q

Object ACLs vs. Bucket Policies

A

Object ACLs work on an individual object level.
Bucket policies work on an entire bucket level.

7
Q

What are the 5 advantages of versioning?

A
  • All Versions: All versions of an object are stored in S3. This includes all writes and even if you delete an object.
  • Backup: Can be a great backup tool.
  • Cannot Be Disabled: Once enabled, versioning cannot be disabled — only suspended.
  • Lifecycle Rules: Can be integrated with lifecycle rules.
  • Supports MFA: Can support multi-factor authentication.
8
Q

Describe S3 Standard.

A
  1. High Availability and Durability
    Data is stored redundantly across multiple
    devices in multiple facilities (>=3 AZs):
    * 99.99% availability
    * 99.999999999% durability (11 9’s)
  2. Designed for Frequent Access
  3. Suitable for Most Workloads
    * The default storage class.
    * Use cases include websites, content distribution, mobile
    and gaming applications, and big data analytics.
9
Q

Describe S3 Standard-IA

A

S3 Standard-Infrequent Access
- Used for data that is accessed less frequently but requires rapid access
when needed.
- There is a low per-GB storage price and a per-GB retrieval fee.
- Great for long-term storage, backups, and as a data store for disaster recovery files.

99.9% Availability
99.999999999% (11 9’s) Durability

10
Q

Describe S3 One Zone-IA

A

Like S3 Standard-IA, but data is stored redundantly
within a single AZ.
* Costs 20% less than regular S3 Standard-IA
* Great for long-lived, infrequently accessed, non-critical data

99.5% Availability
99.999999999% (11 9’s) Durability

11
Q

Describe S3 Intelligent-Tiering

A

Frequent and Infrequent Access

Automatically moves your data to the most cost-effective tier based on how frequently you access each object.

Monthly fee of $0.0025 per 1,000 objects

99.99% Availability
99.999999999% (11 9’s) Durability

12
Q

What are the 3 Glacier options?

A

OPTION 1
Glacier Instant Retrieval
Provides long-term data archiving with instant
retrieval time for your data.

OPTION 2
Glacier Flexible Retrieval
Ideal storage class for archive data that does not require immediate access but needs the flexibility to retrieve large sets of data at no cost, such as backup or disaster recovery use cases.
Can be minutes or up to 12 hours.

OPTION 3
Glacier Deep Archive
Cheapest storage class and is designed for customers that retain data sets for 7-10 years or longer to meet customer needs and regulatory compliance requirements. The standard retrieval time is 12 hours, and the bulk retrieval time is 48 hours.

ALL
99.99% Availability
99.999999999% (11 9’s) Durability

13
Q

What Is Lifecycle Management?

A

Lifecycle management automates moving your objects between the
different storage tiers, thereby maximizing cost effectiveness.

14
Q

How can lifecycle management be combined with versioning?

A

You can use lifecycle management to move different
versions of objects to different storage tiers.

15
Q

What is S3 Object Lock?

A

You can use S3 Object Lock to store objects using a write once, read many (WORM) model. It can help prevent objects from being deleted or modified for a fixed amount of time or indefinitely.

You can use S3 Object Lock to meet regulatory requirements that require WORM storage, or add an extra layer of protection against object changes and deletion.

16
Q

What are the S3 Object Lock modes?

A

Governance Mode
In governance mode, users can’t overwrite or delete an object version or alter its lock settings unless they have special permissions.
With governance mode, you protect objects against being deleted by most users, but you can still grant some users permission to alter the retention settings or delete the object if necessary.

Compliance Mode
In compliance mode, a protected object version can’t be overwritten or deleted by any user, including the root user in your AWS account. When an object is locked in compliance mode, its retention mode can’t be changed and its retention period can’t be shortened. Compliance mode ensures an object version can’t be overwritten or deleted for the duration of the retention period.

17
Q

What are retention periods in S3 Object Lock?

A

A retention period protects an object version for a fixed amount of time. When you place a retention period on an object version, Amazon S3 stores a timestamp in the object version’s metadata to indicate when the retention period expires.

After the retention period expires, the object version can be overwritten or deleted unless you also place a legal hold on the object version.

18
Q

What are legal holds in S3 Object Lock?

A

Legal Holds
S3 Object Lock also enables you to place a legal hold on an object version. Like a retention period, a legal hold prevents an object version from being overwritten or deleted. However, a legal hold doesn’t have an associated retention period and remains in effect until removed.
Legal holds can be freely placed and removed by any user who has the s3:PutObjectLegalHold permission.

19
Q

What is Glacier Vault Lock?

A

S3 Glacier Vault Lock allows you to easily deploy and enforce compliance controls for individual S3 Glacier vaults with a vault lock policy. You can specify controls, such as WORM, in a vault lock policy and lock the policy from future edits. Once locked, the policy can no longer be changed.

20
Q

What are the types of encryption in S3?

A

Encryption in Transit
* SSL/TLS
* HTTPS

Encryption at Rest: Server-Side Encryption
- SSE-S3 S3-managed keys, using AES 256-bit encryption
* SSE-KMS AWS Key Management Service-managed keys
* SSE-C Customer-provided keys

Encryption at Rest: Client-Side Encryption
You encrypt the files yourself before you upload them to S3.

21
Q

How to enforce server-side encryption?

A
  1. x-amz-server-side-encryption
    If the file is to be encrypted at upload time, the x-amz-server-side-encryption parameter will be included in the request header.
  2. Two options
    x-amz-server-side-encryption: AES256 (SSE-S3, S3-managed keys)
    x-amz-server-side-encryption: aws:kms (SSE-KMS, KMS-managed keys)
  3. When this parameter is included in the header of the PUT request, it tells S3 to encrypt the object at the time of upload, using the specified encryption method.

22
Q

What is S3 Performance?

A

S3 has extremely low latency. You can get the first byte out of S3 within 100-200 milliseconds.

You can also achieve a high number of requests: 3,500 PUT/COPY/POST/DELETE and 5,500 GET/HEAD requests per second, per prefix.

23
Q

How can we get better S3 Performance?

A
  1. You can get better performance by spreading your reads across different prefixes. For example, if you are using 2 prefixes, you can achieve 11,000 requests per second.
  2. If we used all 4 prefixes in the last example, you would achieve 22,000 requests per second.
24
Q

What are the S3 limitations when using KMS?

A
  • If you are using SSE-KMS to encrypt your objects in S3, you must keep in
    mind the KMS limits.
  • When you upload a file, you will call GenerateDataKey in the KMS API.
  • When you download a file, you will call Decrypt in the KMS API.
25
Q

What are Multipart Uploads?

A
  • Recommended for files over 100 MB
  • Required for files over 5 GB
  • Parallelize uploads (increases efficiency)
26
Q

What are S3 byte-range fetches?

A
  • Parallelize downloads by specifying byte ranges.
  • If there’s a failure in the download, it’s only for a specific byte range.
27
Q

What is S3 replication?

A
  1. You can replicate objects from one bucket to another.
    Versioning must be enabled on both the
    source and destination buckets.
  2. Objects in an existing bucket are not replicated automatically.
    Once replication is turned on, all subsequent updated objects will be replicated automatically.
  3. Delete markers are not replicated by default.
28
Q

What are the S3 bucket naming rules?

A
  • Bucket names must be between 3 and 63 characters long.
  • Bucket names can consist only of lowercase letters, numbers, dots (.), and
    hyphens (-).
  • Bucket names must begin and end with a letter or number.
  • Bucket names must not be formatted as an IP address.
  • Bucket names must not start with the prefix xn--.
29
Q

How many buckets can you have per account?

A

By default, you can create up to 100 buckets (soft limit) in each of your AWS accounts. If you need additional buckets, you can increase your account bucket quota to a maximum of 1,000 buckets (hard limit) by submitting a service quota increase request.

30
Q

What are the restrictions to enable S3 bucket acceleration?

A
  1. The bucket name must not contain periods.
  2. It needs to be DNS-compatible in its naming.