S3 5 Flashcards

1
Q

Access Points

What are S3 access points?

A

Separate DNS for S3 bucket

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Access Points

Why use access points?

A

Can have the DNS apply only to subset of objects, use a separate Policy.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Access Points

What’s the typical use case for this?

A

Single bucket used by many teams, all with different prefixes.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Access Points

What’s the security value prop of using Access Points?

A

No single, complicated bucket policy: each Access Point has simpler, focused policy.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Access Points

What is the AWS CLI command to create S3 access points (important!)?

important

A

aws s3control create-access-point

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Access Points

Access Point policy is functionally equivalent to what?

A

Bucket Policy (can do all the same things)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Access Points

What’s the big security hole with Access Points?

A

Can just skip it and talk to S3 directly.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Access Points

If there’s a security hole, why use Access Points?

A

Access Points are about splitting up huge bucket policies, not security

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Access Points

Access Point allows PutObject, Bucket policy doesn’t. What happens?

A

Not granted. Access Points “fit into” the bucket policy

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Access Points

If bucket policy needs perms, why bother with Access Points?

A

Leave bucket policy wide open (or at lest much wider) than Access Points, but don’t allow direct access.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Access Points

Can you use S3 Access Points with VPC Endpoints?

A

Yes

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Access Points

Access Point + VPC Endpoint secure?

A

Can be: Access Point condition requiring access from VPC Endpoint

How well did you know this?
1
Not at all
2
3
4
5
Perfectly