Simple Storage Service (S3)

Question 1

What can you analyze with Amazon S3 analytics – Storage Class Analysis?

Answer 1

• You can analyze storage access patterns to help you decide when to transition the right data to the right storage class.
• Storage class analysis only provides recommendations for Standard to Standard IA classes.

Question 2

After you configure a bucket to be a Requester Pays bucket, how do requesters show they understand that they will be charged for the request and for the data download?

Answer 2

Requesters must either include x-amz-request-payer as a header in their API request for DELETE, GET, HEAD, POST, and PUT requests, or add the RequestPayer parameter in their REST request.

Question 3

How can access log information be useful?

Answer 3

• security and access audits.
• can help you learn about your customer base and understand your Amazon S3 bill.

Question 4

How do you pay for S3 server access logging?

Answer 4

Any log files that the system delivers to you will accrue the usual charges for storage

Question 5

What are the restrictions for access log destination bucket?

Answer 5

Destination buckets
- should not have server access logging enabled.
- should not have S3 Object Lock enabled
- must not have Requester Pays enabled
- only server-side encryption with Amazon S3 managed keys (SSE-S3) is supported

Question 6

Buckets versioning can be in one of three states:

Answer 6

• Unversioned (the default)
• Versioning-enabled
• Versioning-suspended

Question 7

What are the allowed formats for the Amazon S3 website endpoints?

Answer 7

http://bucket-name.s3-website-Region.amazonaws.com
http://bucket-name.s3-website.Region.amazonaws.com

Question 8

Amazon S3 can send event notification messages to the following destinations:

Answer 8

Amazon Simple Notification Service (Amazon SNS) topics
Standard / non-FIFO Amazon Simple Queue Service (Amazon SQS) queues
AWS Lambda function
Amazon EventBridge

Question 9

What are the S3 archive classes?

Answer 9

Glacier Instant Retrieval - milliseconds
Glacier Flexible Retrieval - minutes to hours and with free bulk retrievals
Glacier Deep Archive -within 12-48 hours

Question 10

S3 encryption SSE-S3:

Answer 10

• All new object uploads to Amazon S3 buckets are encrypted by default
• Amazon S3 encrypts each object with a unique key.
• There are no additional fees for using server-side encryption with Amazon S3 managed keys

Question 11

How a customer can specify the S3 encryption key

Answer 11

SSE-C. The customer provides the key in the header
SSE-S3. The customer informs AES256 in the header
SSE-KMS. The customer informs the key id in the header.

Question 12

Unsupported S3 transtitions

Answer 12

• Any to Standard
• Any to Reduced Redundancy Storage (RRS).
• One Zone-IA to Intelligent-Tiering, Standard-IA, or S3 Glacier Instant Retrieval.
• Intelligent-Tiering to Standard-IA.
• Intelligent-Tiering Archive Instant to One Zone-IA.
• Intelligent-Tiering Archive to One Zone-IA or Glacier Instant Retrieval.
• Intelligent-Tiering Deep Archive to One Zone-IA, Glacier Instant Retrieval, or Glacier Flexible Retrieval.