S3 Flashcards

1
Q

What does S3 stand for?

A

Simple Storage Service

2
Q

What is Amazon S3?

A

Secure, durable, highly scalable object storage for developers

3
Q

What type of storage does S3 provide?

A

Object-based, where an object is a file

4
Q

What is the size range for an S3 object?

A

0 bytes to 5 TB

5
Q

What is the limit on S3 storage?

A

Unlimited

6
Q

What are objects stored in?

A

Buckets

7
Q

Can two S3 buckets from different users, in different regions, hold the same name?

A

Buckets must have globally unique names (S3 is a universal namespace)

8
Q

Which code is received if the upload of a file to S3 is successful?

A

HTTP 200

9
Q

What do objects consist of? (5)

A
  • Key
  • Value
  • Version ID
  • Metadata
  • Subresources
10
Q

What is the key of an object?

A

The name of the object

11
Q

What is the value of an object?

A

The data, made up of a sequence of bytes

12
Q

What is the metadata of an object?

A

Data about the data you’re storing

13
Q

What are the subresources of an object? (3)

A
  • Subordinates to objects
  • Subresources do not exist on their own, must always be associated with another entity
  • Subresources associated with S3 objects: access control lists & torrents
14
Q

How do you control access to buckets? (2)

A
  • A bucket access control list (ACL)
  • Bucket policies

15
Q

What is S3 not suitable for? (2)

A
  • Installation of an operating system
  • Hosting a database

16
Q

How does data consistency work for S3? (2)

A
  • Read after write consistency for PUTS of new objects
  • Eventual consistency for overwrite PUTS and DELETES

17
Q

What level of data consistency is achieved when uploading a new file?

A

Read after write consistency

18
Q

What level of data consistency is achieved when overwriting/updating/deleting an existing file?

A

Eventual consistency

19
Q

What does read after write consistency mean?

A

The file can be read straight after writing it

20
Q

What does eventual consistency mean? (2)

A
  • If you overwrite/update/delete an existing file, you might get v1 or v2 when you read it straight away
  • But after waiting a period of time the file will be consistent and you’ll only get v2
21
Q

What does it mean to PUT an object?

A

To upload, overwrite or update that object

22
Q

What level of availability does Amazon S3 Standard guarantee?

A

99.9% availability

23
Q

What level of durability does Amazon S3 Standard guarantee?

A

99.99999999999% durability (11 9s)

24
Q

What are the features of S3 Standard? (2)

A
  • Stored redundantly across multiple devices in multiple facilities
  • Designed to sustain the loss of 2 facilities concurrently
25
Q

What are the features of S3 - IA (Infrequently Accessed)? (3)

A
  • Data accessed less frequently, but requires rapid access when needed
  • Lower fee than S3
  • Charged a retrieval fee
26
Q

What are the features of S3 One Zone - IA? (2)

A
  • Low cost option for infrequently accessed data
  • Data that does not require multiple availability zone resilience

27
Q

What are the features of S3 - Intelligent Tiering? (2)

A
  • Cost-effective option
  • Uses machine learning to automatically move data to the most cost-effective tier without performance impact

28
Q

What are the features of S3 Glacier? (2)

A
  • Secure, durable, low-cost storage for data archiving
  • Configure retrieval time from minutes to hours

29
Q

What are the features of S3 Glacier Deep Archive? (2)

A
  • S3’s lowest cost storage class
  • A retrieval time of 12 hours is acceptable

30
Q

How many availability zones is the data stored on for all S3 storage classes bar S3 One Zone - IA?

A

At least three

31
Q

Which storage classes charge a retrieval fee?

A

S3 Standard - IA, S3 One Zone - IA, S3 Glacier, S3 Glacier Deep Archive

32
Q

What is first byte latency?

A

How quickly you’ll be able to access your data

33
Q

What factors affect the charge for S3 storage? (7)

A
  • Storage volume
  • Region
  • Requests
  • Storage management
  • Data transfer
  • Transfer acceleration
  • Cross region replication
34
Q

How does transfer acceleration work? (3)

A
  • Users upload files to the edge location rather than the bucket itself
  • As data arrives at an edge location, it is routed to the S3 bucket over an optimised network path
  • Takes advantage of Amazon’s CloudFront globally distributed edge locations
35
Q

What are the permissions on a bucket by default?

A

Private

36
Q

Do bucket policies and access control lists apply changes at a bucket level, object level, or both? (2)

A
  • Bucket policies apply changes at a bucket level only
  • Access control lists apply changes at a bucket and object level

37
Q

How can you log all requests made to an S3 bucket?

A

Configure your bucket to create access logs

38
Q

Can you send access logs to a bucket in a different account?

A

Yes

39
Q

What is encryption in transit?

A

Any data intercepted as it travels to or from Amazon S3 is protected by encryption

40
Q

What is encryption at rest?

A

Data sat in a folder/bucket is encrypted

41
Q

How is encryption in transit achieved?

A

Using HTTPS and Secure Sockets Layer (SSL)/Transport Layer Security (TLS)

42
Q

What are the three types of server side encryption at rest for S3 and their differences? (6)

A
  • S3 Managed Keys (SSE-S3): Amazon manage the keys for you
  • AWS Key Management Service (SSE-KMS): Customer manages the keys together with Amazon
  • Server side encryption with customer provided keys (SSE-C): Customer provided keys
43
Q

What is a key?

A

A way of decrypting and re-encrypting an object

44
Q

What is client side encryption?

A

The customer encrypts the object, then uploads it to S3

45
Q

Can you disable S3 versioning, once enabled?

A

Once enabled, versioning cannot be disabled, only suspended

46
Q

If you upload a new version of an object, does it hold the same permissions as the older versions?

A

No, all new versions are private

47
Q

Do the permissions of older versions of an object change upon uploading new versions?

A

No, the permissions of older versions don’t change

48
Q

What is the size of a bucket containing objects with versioning enabled?

A

Size of bucket = size(new versions) + size(all old versions)

49
Q

How can you provide an additional layer of security using S3 versioning?

A

Using the multi-factor authentication (MFA) delete capability of S3 version control

50
Q

What occurs when you press delete on a file with versions enabled?

A

You’ve placed a delete marker on the file, not actually deleted it

51
Q

How do you restore a version-control-enabled file that you’ve pressed the delete button of?

A

Press delete on its delete marker to restore it to the latest version

52
Q

What happens if you press delete on a version of a file with versions enabled?

A

This actually deletes the selected version

53
Q

If you enable cross-region replication (CRR), does it replicate existing objects in the bucket?

A

No, only objects uploaded after the CRR is set up

54
Q

If you delete an object in a bucket with CRR enabled, is the delete marker replicated to the CRR bucket?

A

No, the delete marker is not replicated

55
Q

If you delete a version of an object in a bucket with CRR enabled, is the version deleted in the CRR bucket?

A

No, the latest version remains in the CRR bucket

56
Q

What needs to be enabled in both the source and destination bucket to allow cross-region replication?

A

Versioning must be enabled for CRR

57
Q

What is CloudFront?

A

A fast content delivery network (CDN) service

58
Q

What is a content delivery network? (4)

A

A system of distributed servers (network) that delivers webpages and other web content to a user based on:

  • Geographic location of the user
  • Origin of the webpage
  • Content delivery server
59
Q

What is an origin? Provide four examples of origins (5)

A

The origin of all the files the content delivery network (CDN) will distribute. Can be a:

  • S3 bucket
  • EC2 instance
  • Elastic load balancer
  • Route53
60
Q

What is a distribution? Give two types of distributions and their uses (3)

A
  • A distribution tells CloudFront where you want content to be delivered from & the details of how to track and manage content delivery
  • Web distributions: used for websites
  • Real-time messaging protocol (RTMP) distributions: used for media streaming
61
Q

Can you write to edge locations?

A

Yes

62
Q

How long are objects cached for in endpoints, using CloudFront?

A

For the life of the time to live (TTL), in seconds

63
Q

Can you clear cached objects?

A

Yes, but you will be charged

64
Q

What is Amazon Snowball?

A

A petabyte-scale data transport solution which uses secure appliances to transfer large amounts of data into and out of AWS

65
Q

What are the features of Amazon Snowball? (2)

A
  • Low-cost, large scale data transfer: 1/5th of the cost of high-speed internet
  • Multiple layers of security (tamper-resistant enclosures, encryption, full chain-of-custody)
66
Q

What is Amazon Snowball Edge? (2)

A
  • A 100 TB data transport solution which uses secure appliances to transfer large amounts of data into and out of AWS
  • Also provides local compute, processing and storage capabilities
67
Q

What is the difference between Snowball and Snowball Edge?

A

Snowball Edge provides local compute, processing and storage capabilities in addition to data transfer, while a Snowball is purely a data transfer device

68
Q

When would you use a Snowball Edge rather than a Snowball? (3)

A
  • As a temporary storage tier for large local datasets
  • To support local workloads in remote or offline locations
  • Ensure applications continue to run even when they’re not able to access the cloud
69
Q

What can you do with multiple Snowball Edges?

A

Cluster them together to form a local storage tier?

70
Q

What is Amazon Snowmobile?

A

An exabyte-scale data transfer service - up to 100 PB per snowmobile

71
Q

What is AWS Storage Gateway? (2)

A
  • A service that provides seamless and secure integration between an organisation’s on-premises environment and AWS’s storage infrastructure
  • A virtual or physical device which replicates your data into AWS
72
Q

How do you set up a Storage Gateway? (3)

A
  • Download and install the virtual machine image OR deploy the dedicated hardware appliance
  • Select an interface
  • Assign local cache capacity
73
Q

What are the three different types of Storage Gateway? (3)

A
  • File Gateway (NFS & SMB)
  • Volume Gateway (iSCSI)
  • Tape Gateway (VTL)
74
Q

What are the different types of Volume Gateway? (2)

A
  • Stored Volumes
  • Cached Volumes

75
Q

How does a File Gateway work? (3)

A
  • Files are stored as objects in your S3 buckets
  • Accessed through a Network File System (NFS) mount point
  • Once objects are transferred to S3 they are treated as native S3 objects
76
Q

How does a Volume Gateway work? (2)

A
  • Presents your applications with disk volumes using the iSCSI block protocol
  • Data written to these volumes can be asynchronously backed up as snapshots of your volumes
77
Q

What does it mean to back up data asynchronously?

A

Data is not immediately backed up after the primary storage acknowledges write complete - this happens over a period of time

78
Q

What are snapshots of a volume?

A

Incremental backups which only capture changed blocks

79
Q

How are snapshots of a volume stored?

A

As Amazon EBS snapshots

80
Q

What are Stored Volumes? (2)

A
  • Volume Gateways which store all primary data locally
  • All data is asynchronously backed up to S3 as EBS snapshots

81
Q

What are the benefits of Stored Volumes? (2)

A
  • Provides on-premises applications with low-latency access to their entire datasets
  • Alongside durable, off-site backups
82
Q

How do you create a Stored Volume?

A

Create storage volumes on on-premises storage hardware, then mount these storage volumes as iSCSI devices from on-premises application servers

83
Q

What is the volume range for Stored Volumes?

A

1 GB - 16 TB

84
Q

What are Cached Volumes? (2)

A
  • Volume Gateways which store all primary data in S3
  • Only frequently accessed data is retained locally in your storage gateway

85
Q

What are the benefits of Cached Volumes? (2)

A
  • Minimises the need to scale on-premises storage infrastructure
  • While retaining low-latency access to frequently accessed data
86
Q

What is the volume range for Cached Volumes?

A

1 GB - 32 TB

87
Q

What is a Tape Gateway?

A

A type of Storage Gateway which uses a virtual tape library (VTL) interface to allow customers to use existing tape-based backup application infrastructure to store data on virtual tape cartridges

88
Q

What is each Tape Gateway preconfigured with? (2)

A
  • A media changer
  • Tape drives