S3 Storage Flashcards
1
Q
What are S3 use cases?
A
- Backup / Archive
- Disaster recovery
- Hybrid cloud storage
- Application hosting
- Media hosting
- Big data
- Software delivery
- Static web site
2
Q
S3 Overview - Buckets
A
- Objects (files) stored in buckets
- Buckets have a globally unique name
- Defined at region level - but stored in 3 AZs
- Follow naming convention
3
Q
S3 Overview - Objects
A
- Objects (files) have a key
- Key is the full path: bucket + file name
  s3://my-bucket/m-file.txt
- There are no folders/directories in buckets; it just looks that way
4
Q
How are S3 buckets secured?
A
- User based (IAM policies, user with AWS account)
- Resource based - bucket policies (allow public access, cross account access)
- Access by EC2 instance requires IAM role
- Encryption
5
Q
What security/control is based on S3 Bucket Policies?
A
- JSON based
- Grant public access
- Force encryption at upload
- Grant cross account access
6
Q
S3 Web Site
A
- Setting to use as web site
- URL: .s3-website-.amazon.aws.com
- Make sure the bucket policy allows public access, or else a 403 error happens
7
Q
S3 Versioning
A
- Enabled at bucket level
- Version incremented at overwrite
- Versioning is best practice
- Delete markers
- null version for files added before enabling versioning
- Suspending versioning does not delete previous entries
8
Q
What are S3 Access Logs?
A
- Used for access/request auditing
- A ‘data’ bucket is configured to use a ‘logging’ bucket (use Edit Server Access Logging to enable)
- Logs are written to the logging bucket and analysed using AWS tools
9
Q
What are the types of S3 replication and their use cases?
A
- CRR - Cross Region Replication
- use: compliance, across accounts, lower latency
- SRR - Same Region Replication
- use: log aggregation, live replication between prod and test
- must enable versioning in source and target buckets
- must have proper IAM permissions
10
Q
What are the S3 Storage Classes?
A
- S3 Standard - General purpose
- S3 Standard - Infrequent Access (IA)
- S3 One Zone - Infrequent Access
- S3 Intelligent Tiering
- Glacier
- Glacier Deep Archive
11
Q
S3 Durability / Availability
A
- High durability across all classes
- Availability varies by class
12
Q
S3 Standard Use Case
A
- 99.99% Availability
- Frequently accessed data
- low latency / high throughput
- sustain 2 concurrent facility failures
- Big data analytics, mobile and gaming, content distribution
13
Q
S3 Standard - Infrequent Access
A
- 99.9% Availability
- For data that is less frequently accessed, but requires rapid access when needed
- Lower cost, but has retrieval fee
- Stored in multiple AZs
- Use: disaster recovery, backups
14
Q
S3 Intelligent Tiering
A
- 99.9% Availability
- Low latency / high throughput like S3 standard
- Moves between 2 access tiers - S3 Standard and S3 Standard IA
- Good for backups / disaster recovery files
- Cost optimized - automatically moves objects based on access patterns (frequent access / infrequent access)
- No retrieval fees
15
Q
S3 One-Zone Infrequent Access
A
- 99.5% availability (lower because in single AZ, not redundant)
- Same as IA but single AZ
- Lower cost than Standard IA
- Use: storing secondary backup, data that can be recreated