Security - Configuring data backup, replication, and recovery

Question 1

S3 - Versioning

Answer 1

• Prevents accidental deletion or overwriting of data
• It’s a snapshot of an object at a point of time
• Delete markers are used to mark files that were deleted without considering the versioning system. So the files can be unmarked by deleting that marker
• To really delete a file must delete the delete marker created
• Each version of an object can have a different retention period

Question 2

S3 - Transition rules

Answer 2

• When objects are moved into another storage class automatically
• The lifecycle rules won’t transition objects with less than 128 KB size, or with less than 30 days of storage (for specific storage classes)

Question 3

S3 - Expiration rules

Answer 3

• Define how long objects will be deleted after its creation
• Expiration of current versions: will set a delete marker on that version after a number of specific days
• Expiration of previous versions: will delete permanently that file after a number of specific days
• Expiration days must be higher than the transition days

Question 4

S3 - Cross-region replication

Answer 4

• When you create a bucket, it exists in only one region
• Replication doesn’t include existing objects
• Replication rules:
• Destination bucket will use a different encryption key than the source because it must be in another region
• Deletion of objects won’t be replicated
• Also encrypted objects won’t be replicated when a KMS key haven’t been indicated