S3 Flashcards
What is Amazon S3?
A highly scalable, durable object storage service used to store and retrieve any amount of data from anywhere on the web.
What does S3 stand for?
Simple Storage Service.
What type of storage is S3?
Object storage.
What is the basic unit of storage in S3?
An object.
What contains S3 objects?
Buckets.
What is the maximum size of a single S3 object?
5 TB.
What is the maximum size of a single PUT operation?
5 GB.
What is the maximum number of S3 buckets per account by default?
100
Name the main S3 storage classes.
S3 Standard, S3 Intelligent-Tiering, S3 Standard-IA, S3 One Zone-IA, S3 Glacier Instant Retrieval, S3 Glacier Flexible Retrieval, S3 Glacier Deep Archive.
Which S3 class is best for frequently accessed data?
S3 Standard.
Which S3 class automatically moves data between access tiers?
S3 Intelligent-Tiering.
Which S3 class stores data in a single AZ?
S3 One Zone-IA.
Which S3 class has the lowest cost for rarely accessed data?
S3 Glacier Deep Archive.
What does S3 Versioning do?
Keeps multiple versions of an object in the same bucket.
What happens when you delete a versioned object?
A delete marker is added; object is not actually deleted.
What are the two types of encryption in S3?
Server-side encryption (SSE) and client-side encryption.
Name the three SSE options in S3.
SSE-S3, SSE-KMS, SSE-C.
What is an S3 Lifecycle Policy?
A set of rules to automate transition or expiration of objects.
What are the main ways to control access to S3?
IAM policies, bucket policies, ACLs.
What is the preferred way to control access to S3?
IAM policies.
What are S3 Access Control Lists (ACLs)?
Legacy access control mechanism to grant read/write permissions.
What is a bucket policy?
A resource-based policy attached directly to a bucket.
What does ‘Block Public Access’ do?
Prevents public access to buckets and objects regardless of ACLs or policies.
What is S3 Transfer Acceleration?
Speeds up uploads and downloads using Amazon CloudFront edge locations.
What is S3 Event Notification?
Triggers notifications when certain events happen in a bucket.
What is S3 Select?
Retrieves a subset of data from an object using SQL expressions.
What is Multipart Upload?
Allows uploading parts of a large object in parallel.
What is a presigned URL?
A URL that grants temporary access to an S3 object.
Is S3 data encrypted by default?
No, but encryption can be enabled.
What is the difference between SSE-S3 and SSE-KMS?
SSE-S3 uses S3-managed keys, SSE-KMS uses customer-managed keys via KMS.
What AWS service can help monitor access to S3?
AWS CloudTrail.
How can you restrict access to S3 by IP address?
Using bucket policies with IP conditions.
How is S3 designed for durability?
99.999999999% durability over a given year (11 9s).
How can you improve S3 performance for frequent access?
Use S3 Intelligent-Tiering or caching layers.
What is the benefit of S3 Intelligent-Tiering?
Automatically optimizes costs by moving data between tiers based on access patterns.
How are S3 costs calculated?
Based on storage used, requests made, and data transferred.
Which S3 feature helps automate cost savings?
Lifecycle policies and Intelligent-Tiering.
Which class is cheapest for long-term archive?
S3 Glacier Deep Archive.
What’s a common anti-pattern with S3 versioning?
Letting versions accumulate without lifecycle policies, leading to cost increase.
What is a security anti-pattern in S3?
Leaving buckets publicly accessible without monitoring.
What’s a best practice for public content distribution from S3?
Use S3 with CloudFront for secure and fast distribution.