Section 13: Advanced Amazon S3

Question 1

**

Can you transition objects between storage classes?

Answer 1

Yes

Question 2

What are these lifecycle things called?
___
A) Configure obejcts to transition to another storage class.
* Move objects to Standard IA class 60 days after creation
* move to Glacier for achiving after 6 months

___
B) Configure objects to expire (delete) after some time
* access log files can be set to delte after 365 days
* can be used to delete old versions of files (if versioning is enabled)
* can be used to delete incomplete multi part uploads

Answer 2

• A) Transition Actions
• B) Expiration actions

Question 3

On S3 Lifecycle Rules are these true?:
* A) Rules can be created for a certain prefix (ex: s3://mybucket/mp3/*)
* B) Rules can be created for certain object Tags (Department: Finance)
* C) Rules can be created for certain suffixes (ex: s3://mybucket/mp3/.jpg)

(honestly i don’t know how much you should worry about this one. The link on the answers page explains idk more of how these rules are categorized and stuff.)

Answer 3

I think, though am not certain, that you cannot create rules for suffixes. That would mean C is false.

To be clear, the suffix is .jpg. The prefix would be everything between s3://mybucket and .jpg.
Per https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-prefixes.html

Question 4

Which, if any, of the following S3 bucket lifecycle rule actions are fake?

• A) Move current versions of objects between storage classes
• B) Move noncurrent versions of objects between storage classes
• C) expire current versions of objects
• D) permanently delete current versions of objects
• E) permanently delete noncurrent versions of objects
• F) delete expired object delete markers or incomplete multipart uploads

Answer 4

D is fake.

Question 5

Your app on ec2 creates image thumbnails after profile photos are uploaded to amazon s3. These thumbnails can be easily recreated and only need to be kept for 60 days. THe soruce images should be able to be immediately retrieved for these 60 days, and afterwards, the user can wait up to 6 hours. How would you design this?

Answer 5

• S3 source images can be on Standard with a lifecycle configuration to transition them to Glacier after 60 days
• S3 thumbnails can be on One-Zone IA with a lifecycle configuration to expire them (delete them) after 60 days

Question 6

In “One-Zone IA”, what does “IA” stand for?

Answer 6

Infrequent Access

https://aws.amazon.com/about-aws/whats-new/2018/04/announcing-s3-one-zone-infrequent-access-a-new-amazon-s3-storage-class/

Question 7

A rule in your company states that you should be able to recover your deleted S3 objects immediately for 30 days, although this may happen rarely. After this timte, and for up to 365 days, deleted obejcts should be recoverable within 48 hours. What do you reccommend?

Answer 7

• Enable S3 Versioning in order to have pbject versions, so that “deleted objects” are in fact hidden by a “delete marker” and can be recovered.
• Transition the “noncurrent versions” of the object to Standard IA
• Transition afterwards the “noncurrent versions” to Glacier Deep Archive

Question 8

What can you use to help you determine when you should move things to Standard and Standard Infrequent Access storage classes?

Answer 8

S3 Analytics. It sits on top of your S3 Bucket (whatever, basically, it’s connected to your S3 bucket and analyzes it). It makes recommendations (a cute little csv file) for when something could be Standard and Standard IA. This does not work for One-Zone IA or Glacier (not sure if he’s saying that the recommendations won’t be made for those things, or if he’s saying that if you’re on One-Zone IA or Glacier, then S3 can’t run). I kind of think both, actually. Report is updated daily. 24-48 hours to see analysis. Good first step to creating Lifecycle Rules.

Question 9

S3 Event Notifications. Which of hte following, if any, is false. If any are false, what is/are the true versions?

• A) S3:ObjectCreated,S3:ObjectPermanence S3:ObjectRemoved,S3:ObjectRestore,S3:Replication
• B) Object name wildcard filtering (*.jpg) possible
• C) use case: generate thumbnails of images uploaded to S3
• D) Can carete as many S3 events as desired
• E) S3 event notifications deliver events usually in seconds, occassionally in minutes.

Answer 9

A) is false. The true version is

S3:ObjectCreated,S3:ObjectRemoved,S3:ObjectRestore,S3:Replication

Subsection 136: S3 Event Notifiactions

Question 10

You don’t need IAM Roles for S3 Event Notifications

Answer 10

This is actually True!!! Another card goes into the details.

Question 11

S3 Event Notifications get IAM Permissions through their own special resource (aka access) policies.

Answer 11

True

Question 12

True/False. CloudWatch, SNS, SQS, and Lambda are all things that can be used to create S3 Event notifications.

If false, what’s the correct list?

Answer 12

SNS, SQS, and Lambda Functions can be used to create S3 Event Notifications

Question 13

True/False: The names of the resource policies that can be used to create S3 Event Notifications are: (if false, what is the correct version?)

• CloudWatch Resource Policy
• SNS Resource Policy
• Lambda Resource Policy
• SQS Resource Plicy

Answer 13

• SNS Resource Policy
• Lambda Resource Policy
• SQS Resource Policy

Question 14

True/False: This is an example of an SNS Resource Policy. If false, what is the correct version?

{
“Version”: “20212-10-17”,
“Statement”: {
“Action”: “SNS:Publish”,
““Principal”: {
“Service”: “s3.amazonaws.com”
},
“Resource”: “arn:aws:sns:us-east-1:12345667435:MyTopic”,
“Condition” {
“ArnLike”: {
“aws:SourceArn”: “arn:aws:s3:::MyBucket”
}
}
}
}

Answer 14

False. It was missing “Effect”: “Allow”. Here’s the correct version.

{
“Version”: “20212-10-17”,
“Statement”: {
“Effect”: “Allow”,
“Action”: “SNS:Publish”,
““Principal”: {
“Service”: “s3.amazonaws.com”
},
“Resource”: “arn:aws:sns:us-east-1:12345667435:MyTopic”,
“Condition” {
“ArnLike”: {
“aws:SourceArn”: “arn:aws:s3:::MyBucket”
}
}
}
}

Question 15

Which of the following, if any, are false, and what is the true version. S3 Event Notifications with Amazon EventBridge

• A) advanced filtering options with JSON rules (metadata, pbject size, name)
• B) Over 100 Destinations (ex: Step Functions, Kinesis Streams / Firehose)
• C) EventBridge Capabilities (Archive, Replay Events, Reliable delivery)

Answer 15

B) Is false. The true version is that it has over 18 possible destinations. Not sure about the exact number, though I doubt that knowing the exact number is the important part.

Question 16

Is the following description true? If not, what is the true version?

EventBridge is an AWS offering that allows you to monitor an S3 object and use the info obtained through monitoring to do certain things at certain times.

events -> S3 bucket -> events -> AWS EventBridge -> Rules -> over 18 AWS services and destinations.

Answer 16

It’s true. Though honestly i’m a little fuzzy on this one.

Question 17

S3 Event Notification Types (main, not subcategories)
* s3:ObjectCreated:*
* s3:ObjectRemoved:*
* s3:ObjectRestore:*
* s3:Object:Acl:Put
* s3:ObjectTagging:*
* s3:ReducedRedundancyLostObject
* s3:Replication:*
* s3:LifecycleTransition
* s3:LifecycleExpiration:
* s3:IntelligentTiering

Answer 17

True

Question 18

If any of the following are false, what are the true versions >

• S3 automatically scales to high request rates, latency 100-200 ms
• your app can acheive at least 3500 PUT/copy/post/delete OR 5500 get/head request per second per prefix in a bucket
• no limits to number of prefixes in a bucket

Answer 18

True

Subsetion: S3 Performance

Question 19

Are any of these examples false? If so, what is the true version?
* A) bucket/folder1/sub 1/file -> prefix is /folder1/sub 1/
* B) bucket/folder1/sub2/file -> prefix is /folder1/sub2/
* C) bucket/1/file.txt -> prefix is /1/file.txt
* D) bucket/2/file.jpg -> prefix is /2/file.jpg

Answer 19

C and D are false.

True versions are:
* C) bucket/1/file.txt -> prefix is /1/
* D) bucket/2/file.jpg -> prefix is /2/

Question 20

True/False about S3 Multi part upload:
* recommended for files > 100 MB.
* Must use for files greater than 5 GB.
* can help parallelize uploads

Question 21

T/F about S3 Transfer Acceleration
* S3 Transfer Acceleration: increase transfer speed by transferring file to an aws edge locaiton which will forward the data to the s3 bucket in the target region
* compatible with multi part upload

Question 22

S3 Byte Range Fetches

• Paralleize GETs by requesting specific byte ranges
• better resilience in case of failures
• Can be used to retrieve only partial data (ex: request a header)

Question 23

True/False. If false, what is the true version?

• A) Transfer Acceleration: Good for downloads
• B) Byte Range Fetches: good for uploads

Answer 23

They’re both false. Here are the true versions.
* A) Transfer Acceleration: Good for uploads
* B) Byte Range Fetches: good for downloads

Question 24

T/F. If any false, what are true versions.

S3 Select and Glacier Select
* A) Retrieve less data using SQL by performing server side filtering.
* B) Can filter by rows and columns
* C) less network transfer, less CPU cost client side
* D) AWS claims it’s up to 400% slower and 80% cheaper to use S3 Select than not to use it

Answer 24

D is false. AWS claims it’s up to 400% faster and 80% cheaper to use S3 select

Question 25

Which of the following, if any, are false, and what is the true version
**User Defined OBject MEtadata and S3 Object Tags
**
User defined object metadata
* A) when uploading an object, you can also assign metadata
* B) name-value (key value) pairs
* C) user defined metadata names must begin with “x-aws-meta”
* D) S3 stores user-defined metadata keys in lowercase
* E) metadata can be retrieved while retreiving the object
S3 obejct tags
* key value pairs for objects in S3
* useful for fine grained permissions
* useful for analytics purposes

Answer 25

C) is false.

correct version is

“x-amz-meta”. Weird, huh?

S3 OBject Tags and Metadata

Question 26

True/false

As a bonus, you can use S3 user defined object metadata and s3 object tags to filter/search for objects!

Answer 26

False. You cannot serach the object metaata or object tags.

Question 27

If you want to search your S3 bucket, you must use an external DB as a search index. You would put all this metadata/tagsinto this external DB and then performance your search on dynamoDB.

Common exam question. Not sure why. It was the last moment of content on this subsection. so go back and look at it again if you’re not sure.

Answer 27

True

S3 object tags and metadata

Question 28

Answer 28

C) S3 Event Notifications.

No notes on correct or incorrect answers.

Question 29

Answer 29

A) S3 life cycle rules - expiration actions

No notes on correct or incorrect answers.

Question 30

Answer 30

C) S3 Lifecycle rules

No notes on correct or incorrect answers.

Question 31

Answer 31

Correct answer
* B) Use an S3 Lifecycle policy to automate old/unfinished parts deletion. no notes.

Incorrect answer with notes:
* A) Use AWS Lambda to loop on each unfinished part and delete them.
* Notes: This would work but it includes a lot of manual work and will cost you more money.

Question 32

Answer 32

B) the one that metions Byte Range Fetch

No notes on correct or incorrect answers.

Question 33

Answer 33

A) Multi part upload and Transfer Acceleration

No notes on correct or incorrect answers.

Question 34

Answer 34

B) S3 Select

No notes on correct or incorrect answers.