Simple Storage Service (S3)

Question 1

What is S3?

Answer 1

It is object storage (manages data as objects rather than in file systems or data blocks) that is highly scalable and simple to use.

Question 2

What is the maximum amount of storage allowed in S3?

Answer 2

The storage is unlimited.

Question 3

What is the maximum and minimum size of a file in S3?

Answer 3

S3 objects can be between 0 bytes to a maximum of 5 terabytes

Question 4

Where are files stored in S3?

Answer 4

In buckets (which is essentially like a folder)

Question 5

Can you use the same bucket name in two different accounts?

Answer 5

No, bucket names must be globally unique across all of AWS.

Question 6

What is the format of an S3 url?

Answer 6

https://bucket-name.s3.region.amazonaws.com/key-name
https://acloudguru.s3.us-east-1.amazonaws.com/Ralphie.jpg

Question 7

What is the key of an S3 object?

Answer 7

It is the name of the object.

Question 8

What is the value of an S3 object?

Answer 8

It is the data itself, which is made up of a sequence of bytes

Question 9

What is the Version ID of an S3 object?

Answer 9

It is important for storing multiple versions of the object (when versioning is enabled).

Question 10

What is the Metadata of an S3 object?

Answer 10

Data about the data you are storing (e.g. content-type, last-modified, etc.)

Question 11

How does AWS protect your data from loss in S3?

Answer 11

It is stored across multiple devices and facilities.

Question 12

What is the percentage of availability in S3?

Answer 12

It is 99.95% to 99.99%, depending on the S3 tier

Question 13

What is the percentage of durability of S3?

Answer 13

It is designed for 99.999999999% (11-9’s)

Question 14

What is Standard S3 tier?

Answer 14

The default version of S3, where it is stored in at least 3 AZs.

It guarantees 99.99% availability and 99.999999999% durability.

It is designed for frequently accessed data and is suitable for most workloads, like websites, content distribution, mobile and gaming applications and big data analytics.

Question 15

What is Lifecycle Management in S3?

Answer 15

You define rules to automatically transition objects to a cheaper storage tier or delete objects that are no longer required after a set period of time.

It can be used in conjunction with versioning where it can be applied to current versions or previous versions of objects.

Question 16

What are the ways you can secure your data in S3?

Answer 16

1. Server-side encryption (default encryption on a bucket to encrypt all new objects when they are stored in the bucket)
2. Access Control Lists (ACLs) which defines which AWS accounts or groups are granted access and the type of access (and can be attached to individual objects in a bucket)
3. Bucket Policies (JSON polices applied to a bucket as a whole that are specific to what actions are allowed or denied)

Question 17

What type of data consistency can you expect from S3?

Answer 17

Strong read-after-write consistency

Question 18

If you successfully upload a file to S3, what is the HTTP status code that is returned?

Answer 18

200

Question 19

What is the difference between Access Control Lists and Bucket Policies in S3?

Answer 19

Access Control Lists work on an individual object level and bucket polices are bucket-wide and are applied on the entire bucket.

Question 20

When you create a bucket in S3, is it by default private or public?

Answer 20

It is by default private.

Question 21

What can you use to make an individual object in S3 public?

Answer 21

Object ACLs

Question 22

What can you use to make an entire bucket public in S3?

Answer 22

Bucket policy

Question 23

What type of website can be hosted in S3.

Answer 23

Only static content sites

Question 24

What are the five advantages of versioning in S3?

Answer 24

1. All versions of an object are stored (even deleted versions)
2. Can be a great backup tool
3. Once enabled, it cannot be disabled
4. It can be integrated into the lifecycle management rules
5. It supports MFA

Question 25

What storage class of S3 would you use for static websites?

Answer 25

Standard S3

Question 26

What is S3 Standard Infrequently-Accessed (S3 Standard-IA) tier?

Answer 26

It is designed for rapid access of data that is accessed less frequently.

You pay to access the data (storage and retrieval fees).

It is a great use case for long-term storage for critical data, backups and as a data store for disaster recovery files.

Question 27

What is S3 Standard One-Zone Infrequently Accessed (IA) tier?

Answer 27

Stores data redundantly within a single AZ and costs 20% less than S3 Standard-IA.

This is great for long-lived, infrequently accessed, non-critical data.

Question 28

What is S3 Intelligent Tiering tier?

Answer 28

It automatically moves your data to the most cost-effective tier based on how frequently you access each object.

Question 29

What are the S3 storage tiers?

Answer 29

1. S3 Standard
2. S3 Standard Infrequently Accessed (S3 Standard-IA)
3. S3 Standard One-Zone Infrequently Accessed (S3 Standard One Zone IA)
4. S3 Intelligent Tiering

Question 30

What are the three S3 Glacier tiers?

Question 31

What is S3 Glacier?

Answer 31

It is a cheap storage tier that is used for archiving infrequently accessed data.

Question 32

What are the three options for S3 Glacier?

Answer 32

1. Glacier Instant Retrieval (when you need to be able to instantly access the data)
2. Glacier Flexible Retrieval (when you do not require instant access of your data, may take minutes up to 12 hours, for backup or disaster recovery use cases)
3. Glacier Deep Archive (when you retain data sets for 7-10 years for regulatory compliance requirements, where retrieval time is 12 hours and bulk retrieval is 48 hours)

Question 33

What is the highest cost tier for S3?

Answer 33

S3 Standard

Question 34

If you want to optimize your costs for S3 for unknown access patterns, what storage tier would you recommend?

Answer 34

S3 Intelligent Tiering

Question 35

What storage tiers in S3 charge a retrieval fee?

Answer 35

1. S3 Infrequently Accessed
2. S3 One-Zone Infrequently Accessed
3. Glacier Deep Archive
4. Glacier Flexible Retrieval
5. Glacier Instant Retrieval

Question 36

How long can you expect to wait to retrieve files from S3 Glacier Deep Archive?

Answer 36

12 hours (up to 48 hours)

Question 37

How long can you expect to wait to retrieve files from S3 Glacier Flexible Retrieval?

Answer 37

Minutes up to 12 hours

Question 38

What is S3 Object Lock?

Answer 38

You use this to store objects in a WORM model (write-once, read many).

It can be used to prevent objects from being deleted or modified for a set period of time or indefinitely.

It can be applied to individual objects or applied across a bucket.

It is used to meet regulatory requirements that require WORM storage.

Question 39

What are the two modes of S3 Object Lock?

Answer 39

1. Governance mode (where users cannot overwrite or delete an object version or alter its setting unless they have special permission)
2. Compliance mode (no one cal overwrite or delete an object for a set period of time)

Question 40

What is a Legal Hold in S3?

Answer 40

it is a feature of S3 Object Lock that allows you to put a hold on deleting or changing a version of an object until the hold is removed (no retention period).

Question 41

What permission do you need to add and remove a Legal Hold from an object in S3?

Answer 41

s3:PutObjectLegalHold

Question 42

What is S3 Glacier Vault Lock?

Answer 42

It allows you to easily deploy and enforce compliance controls for individual S3 Glacier vaults with a vault lock policy, where you can specify controls such as WORM. Once locked, the policy can no longer be edited.

A way of applying a WORM model to Glacier.

Question 43

If you have a scenario where you need to apply a WORM (write-once, read-many) model to Glacier storage, what feature of S3 would you recommend?

Answer 43

S3 Glacier Vault Lock

Question 44

What are the three types of encryption in S3?

Answer 44

1. Encryption in transit (SSL/TLS, HTTPS)
2. Encryption at rest (server-side encryption)
3. Encryption at rest (client-side encryption)

Question 45

What are the types of server-side encryption in S3?

Answer 45

1. SSE-S3 (S3 managed keys, using AES 256-bit encryption
2. SSE-KMS (KMS managed keys)
3. SSE-C (customer provided keys)

Question 46

What are the two ways of enforcing server-side encryption in S3?

Answer 46

1. Console (select the encryption policy on your bucket)
2. Bucket Policy (e.g. create a policy that denies any S3 put request that doesn’t include x-amz-server-side-encryption request header)

Question 47

What is an S3 prefix?

Answer 47

The folders inside an S3 bucket (e.g. mybucketname/folder1/subfolder1/myfile.jpeg, the prefix would be /folder1/subfolder1)

Question 48

How does S3 prefixes improve performance?

Answer 48

Because S3 allows 3,500 PUT/COPY/POST/DELETE and 5,500 GET/HEAD requests per second, per prefix, the more prefixes you have the higher performance you will get.

Effectively spreading your reads across multiple prefixes.

Question 49

How does KMS encryption limit performance in S3?

Answer 49

KMS has built-in limits that are region specific, but roughly 5,500, 10,000 or 30,000 requests per second and with each request to put or get a file, you must encrypt or decrypt respectively.

Question 50

If you are asked a scenario where you need to apply encryption in S3, what would you recommend?

Answer 50

SS3-S3 managed encryption because it won’t run into KMS limits.

Question 51

When are multipart uploads recommended in S3?

Answer 51

For files over 100 MB, but required for files over 5 GB.

Question 52

How does multipart uploads work in S3?

Answer 52

It parallelizes uploads to increase efficiency

Question 53

If you are asked a question about how to get better upload performance of large files in S3, what would you recommend?

Answer 53

Recommend multipart uploads

Question 54

How does S3 byte-range fetches work?

Answer 54

It parallelizes downloads by specifying byte ranges

Question 55

If you are asked a question about how to get download performance of large files in S3, what would you recommend?

Answer 55

S3 byte range fetches

Question 56

What is S3 replication?

Answer 56

It’s a way of replicating objects from one bucket to another.

Question 57

What are some limitations with S3 replication?

Answer 57

1. Versioning must be enabled on both the source and destination in able to work.
2. Only newly added files will be replicated, not existing files prior to enabling replication.
3. Delete markers are replicated by default.