Section 8: S3

Question 1

AWS S3 use

Answer 1

Data storage

Question 2

S3 buckets are similar to

Answer 2

Directories

Question 3

S3 Objects are

Answer 3

Files

Question 4

S3 object keys are

Answer 4

The full path of the object within the bucket

Question 5

The 4 ways to implement S3 security

Answer 5

1) IAM Policies
2) Object Access Control List (ACL)
3) Bucket Access Control List (ACL)
4) Encryption

Question 6

S3 bucket policy can be used to

Answer 6

• Grant public access to the bucket
• Force objects to be encrypted at upload
• Grant access to another account (Cross
  Account)

Question 7

The 2 types of S3 replication are

Answer 7

1) Cross-region replication
2) Same-region replication

Question 8

The 7 S3 storage classes are

Answer 8

• Amazon S3 Standard - General Purpose
• Amazon S3 Standard-Infrequent Access (IA)
• Amazon S3 One Zone-Infrequent Access
• Amazon S3 Glacier Instant Retrieval
• Amazon S3 Glacier Flexible Retrieval
• Amazon S3 Glacier Deep Archive
• Amazon S3 Intelligent Tiering

Question 9

S3 Standard – General Purpose

Answer 9

• 99.99% Availability
• Used for frequently accessed data
• Low latency and high throughput
• Sustain 2 concurrent facility failures

Question 10

S3 Standard-Infrequent Access

Answer 10

• For data that is less frequently accessed, but requires rapid access when needed
• Lower cost than S3 Standard
• 99.9% Availability
• Use cases: Disaster Recovery, backups

Question 11

S3 One Zone-Infrequent Access

Answer 11

• For data that is less frequently accessed, but requires rapid access when needed
• Lower cost than S3 Standard
• High durability (99.999999999%) in a single AZ; data lost when AZ is destroyed
• 99.5% Availability
• Use Cases: Storing secondary backup copies of on-premise data, or data you can recreate

Question 12

Amazon S3 Glacier Storage Classes

Answer 12

• Low-cost object storage meant for archiving / backup
• Pricing: price for storage + object retrieval cost

Question 13

Amazon S3 Glacier Instant Retrieval

Answer 13

• Millisecond retrieval, great for data accessed once a quarter
• Minimum storage duration of 90 days

Question 14

Amazon S3 Glacier Flexible Retrieval

Answer 14

• Expedited (1 to 5 minutes), Standard (3 to 5 hours), Bulk (5 to 12 hours) – free
• Minimum storage duration of 90 days

Question 15

Amazon S3 Glacier Deep Archive – for long term storage

Answer 15

• Standard (12 hours), Bulk (48 hours)
• Minimum storage duration of 180 days

Question 16

S3 Intelligent-Tiering

Answer 16

• Small monthly monitoring and auto-tiering fee
• Moves objects automatically between Access Tiers based on usage
• There are no retrieval charges in S3 Intelligent-Tiering

Question 17

The 2types of S3 encryption are

Answer 17

1) Server-side Encryption (default)
2)Client-side Encryption

Question 18

Server-side Encryption occurs when

Answer 18

The server encrypts the file after receiving it

Question 19

Client-side Encryption occurs when

Answer 19

The user encrypts the file before uploading it

Question 20

IAM Access Analyzer for S3

Answer 20

• Ensures that only intended people have access to your S3 buckets
• Example: publicly accessible bucket, bucket shared with other AWS account…
• Evaluates S3 Bucket Policies, S3 ACLs, S3 Access Point Policies
• Powered by IAM Access Analyzer

Question 21

AWS Snow Family includes

Answer 21

Highly-secure, portable devices to collect and process data at the edge, and migrate data into and out of AWS

Question 22

The 3 Snow Family devices for Data Migration are

Answer 22

1) Snowcone
2) Snowball Edge
3) Snowmobile

Question 23

The 2 Snow Family devices for Edge computing are

Answer 23

1) Snowcone
2) Snowball Edge

Question 24

Snowball Edge is a

Answer 24

• Physical data transport solution: move TBs or PBs of data in or out
  of AWS
• Alternative to moving data over the network (and paying network
  fees)
• Pay per data transfer job * Provide block storage and Amazon S3
  -compatible object storage

Question 25

Snowball Edge Storage Optimized provides

Answer 25

80 TB of HDD capacity for block volume and S3 compatible object
storage

Question 26

Snowball Edge Compute Optimized provides

Answer 26

42 TB of HDD or 28TB NVMe capacity for block volume and S3
compatible object storage

Question 27

AWS Snowcone & Snowcone SSD are

Answer 27

• Small, portable computing, anywhere, rugged &
  secure, withstands harsh environments
• Light (4.5 pounds, 2.1 kg) * Device used for edge computing, storage, and data
  transfer
  and
• Can be sent back to AWS offline, or connect it to
  internet and use AWS DataSync to send data

Question 28

The Snowcone provides

Answer 28

8 TB of HDD Storage

Question 29

The Snowcone SSD provides

Answer 29

14 TB of SSD Storage

Question 30

AWS Snowmobile allows for

Answer 30

• Transfer exabytes of data (1 EB = 1,000 PB = 1,000,000 TBs)
• Each Snowmobile has 100 PB of capacity (use multiple in parallel)
• High security: temperature controlled, GPS, 24/7 video surveillance
• Better than Snowball if you transfer more than 10 PB

Question 31

Snow Family – Usage Process

Answer 31

1. Request Snowball devices from the AWS console for delivery
2. Install the snowball client / AWS OpsHub on your servers
3. Connect the snowball to your servers and copy files using the client
4. Ship back the device when you’re done (goes to the right AWS
   facility)
5. Data will be loaded into an S3 bucket
6. Snowball is completely wiped

Question 32

What is Edge Computing?

Answer 32

Process data while it’s being created on an edge location

Question 33

An edge location is an area lacking in

Answer 33

Internet access and/or computing power

Question 34

Use cases of Edge Computing

Answer 34

• Preprocess data
• Machine learning at the edge
• Transcoding media streams

Question 35

AWS OpsHub is

Answer 35

A software you install on your computer / laptop to manage your Snow Family Device

Question 36

Snowball Edge Pricing

Answer 36

You pay for device usage and data transfer out of AWS

Question 37

The two options for Snowball Edge pricing are

Answer 37

1) On-Demand
2) Committed Upfront

Question 38

AWS Storage Cloud Native Options

Answer 38

Block
File
Object

Question 39

AWS Storage Gateway is the

Answer 39

*Bridge between on-premise data and cloud data in S3
*Hybrid storage service to allow on- premises to seamlessly use the AWS
Cloud

Question 40

Amazon S3 – Summary

Answer 40

• Buckets vs Objects: global unique name, tied to a region
• S3 security: IAM policy, S3 Bucket Policy (public access), S3 Encryption
• S3 Websites: host a static website on Amazon S3
• S3 Versioning: multiple versions for files, prevent accidental deletes
• S3 Replication: same-region or cross-region, must enable versioning
• S3 Storage Classes: Standard, IA, 1Z-IA, Intelligent, Glacier (Instant, Flexible, Deep)
• Snow Family: import data onto S3 through a physical device, edge computing
• OpsHub: desktop application to manage Snow Family devices
• Storage Gateway: hybrid solution to extend on-premises storage to S3