[S3] Simple Storage Service Flashcards
S3 object-base consist of 5 properties?
- Key
- Value
- VersionID
- Metadata
- Sub-resource: Access Control Lists / Torrent
What specialty of S3 namespace?
bucket name must be ______ ;
receive _______ code
bucket name must be unique;
will receive HTTP200 code as URL
How AWS keep data consistency?
_______ for PUTS of new objects;
_______ for overwrite PUTS and DELETES
- Read after Write consistency for PUTS of new objects
- Eventual Consistency for overwrite PUTS and DELETES (take time to propagate)
What SLA on S3 availability & durability
- 99% availability
99. 999999999% durability
what feature of S3 to keep data security?
- tier storage available
- lifecycle management (intelligent)
- versioning
- encryption
- MFA delete
- secure by Access Control List & Bucket Policy
How S3 charges?
- storage size ( => 5TB)
- requests & data retrievals
- storage management
- data transfer
- Transfer Acceleration (CloudFront & Edge)
- cross region replication
How 3 type of policy to restrict bucket access?
- Bucket Policies
- Object Policies
- IAM Policies to User & Groups
How the sequence of S3 class from expensive to cheapest?
- Standard
- Infrequent Access
- Intelligent Tiering
- One Zone - IA
- Glacier
- Glacier - Deep Archive
How Encryption method of S3 being use on data when…
- Encryption at rest in server side : _______
- encryption in-transit :
- encryption on client side
- Encryption In-Transit
- SSL/TLS
- Encryption At Rest (server side)
- S3 Managed Key - SSE-S3
- AWS KMS
- Server side encryption w/ Customer Provided Keys - SSE-C
- Client side Encryption
What is S3 Lifecycle management?
- automate moving objects between different storage tiers
- can be used in conjunction with versioning
- can apply to current & previous version
What VAULT policy can apply in S3?
- S3 object lock by Write Once Read Many model include Government mode & Compliance mode
- S3 Glacier Vault Lock
you can achieve a high number of request ____ put/copy/post/delete and ___ get/head request per second per prefix
you can achieve a high number of request 3500 put/copy/post/delete and 5500 get/head request per second per prefix
in S3, by using 2 prefix, you can achieve _____ requests per second
by using 2 prefix, you can achieve 11000 requests per second
use _____ when upload file to S3;
use _____ when download file from S3
use multiparts uploads when upload file to S3;
use S3 byte-range fetches when download file from S3
____ use simple SQL expression to retrieve only subset of data in stead of retrieving entire object to get data by ___ & ___
S3 Select use SQL expression to retrieve only subset of data in stead of retrieving entire object to get data by rows & columns
____ with ____ allow highly regulated industries to run SQL query directly to Glacier to satisfy compliance as well as save on storage cost
Glacier Select with lifecycle policies allow highly regulated industries to write data directly to Glacier to satisfy compliance as well as save on storage cost
best practice with AWS Organization:
- ____ on root account & _____ on root account password
- ____ purpose on billing account
- use ______ policies on either OU or account
best practice with AWS Organization:
- MFA on root account & strong & long on root account password
- Billing purpose on billing account
- use Service Control policies on either OU or account
3 different way to share S3 bucket across account?
- Bucket ____ & IAM which apply to entire bucket;
- Bucket ____ & IAM which apply to individual object;
- _____ IAM allow programmatic & console access
3 different way to share S3 bucket across account?
- Bucket Policies & IAM which apply to entire bucket;
- Bucket ACLs & IAM which apply to individual object;
- Cross account IAM Roles allow programmatic & console access
When setup S3 bucket cross region replication,
- ____ must be enable to source & destination bucket
- file in existing bucket ____ replicated automatically
- subsequent updated files ____ replicated automatically
- ____ & ____ are not replicated
When setup S3 bucket cross region replication,
- Versioning must be enable to source & destination bucket
- file in existing bucket NOT replicated automatically
- subsequent updated files WILL replicated automatically
- delete markers & individual deleted version are not replicated
DataSync is use for
- move large amount of data from ___ to AWS
- used with ___ & ___ compatible file system
- replication can be done by ___, day or week
- require to install ____
- can use to replicate ___ to ___
DataSync is use for
- move large amount of data from on-premise to AWS
- used with EFS- & SMB- compatible file system
- replication can be done by hour, day or week
- require to install DataSync Agent
- can use to replicate EFS to EFS
What 5 options can be choose under Storage Gateway?
- File gateway
- Volume gateway
stored volumes
cached volumes - Gateway Virtual Tape Library
____ is serverless, interactive query service in S3 commonly used to analyze log data
Athena is serverless, interactive query service in S3 commonly used to analyze log data
Using ____ , you can give your federated users single sign-on (SSO) access to the AWS Management Console.
Using SAML (Security Assertion Markup Language 2.0), you can give your federated users single sign-on (SSO) access to the AWS Management Console.
what file language is policy write in?
JSON
How AWS Storage Gateway as a way of using AWS S3 managed storage to supplement on-premise storage with VPC?
it is a physical or virtual appliance that can be used to cache S3 locally at customer site
