Storage Flashcards
Can elastic block store (EBS) be used on multiple EC2 instances?
Yes, but there are some restrictions. Only io1 and io2 (high-performing drives) can be attached to multiple EC2 instances. EBS volumes cannot be shared across Availability Zones.
Can EBS volume data persist independently of the life of the instance?
Yes
Does an EBS volume need to be attached to an instance?
No
Can we attach multiple EBS volumes to an instance?
Yes
Can we attach an EBS volume to multiple instances?
Yes, multi-attach can be used to attach a volume to multiple instances, but there are some constraints. The instances must be in the same AZ, and the EBS volume should be of type io1 or io2.
Does the EBS root volume get deleted when the instance is terminated?
Yes, by default, it gets deleted. But this can be changed.
How can we move an EBS volume from one AZ to another?
Take a snapshot of the EBS volume and restore it in another AZ.
Are the EBS volume snapshots incremental in nature?
Yes, but each snapshot has the capability to restore the entire volume if the earlier snapshots are not available. It can come up in the exam as a question on how to free up space in S3 where you have taken EBS volume snapshots. The answer is to delete all the snapshots but the last one.
What is an instance store volume?
Instance store volumes are high-performance local disks that are physically attached to the host computer on which an EC2 instance runs. Instance stores are ideal for the temporary storage of information that changes frequently, such as buffers, caches or scratch data.
Can data persist on instance store volumes?
Instance stores are ephemeral, which means that the data is lost when powered off (non-persistent).
Can an instance store be detached or attached?
No. An instance store is physically attached to the host computer on which an EC2 instance runs.
What is an AMI?
An AMI is an Amazon Machine Image that provides the information required to launch an instance. It may include the following:
1. One or more EBS snapshots or, for instance-store-backed AMIs, a template for the root volume of the instance (for example, an operating system, an application server, and applications)
2. Launch permissions that control which AWS accounts can use the AMI to launch instances
3. A block device mapping that specifies the volumes to attach to the instance when it’s launched
Can EFS be shared across multiple EC2 instances?
Yes, they can be shared across multiple instances in different Availability Zones. The instances can be in another VPC and connected by peering. EFS file systems can be connected to the computers in the corporate data center via VPN or Direct Connect. The instances can be in different regions connected via a peering connection. Note that EFS is supported for Linux instances only.
How to encrypt an unencrypted EFS volume?
Create a new encrypted EFS volume and copy the data to it. EFS volumes are encrypted at the time of creation.
Is there a lifecycle management policy for EFS storage?
Yes, Amazon EFS lifecycle management automatically manages cost-effective file storage for your file systems. When enabled, lifecycle management migrates files that have not been accessed for a set period of time to the EFS Standard–Infrequent Access (Standard-IA) or One Zone–Infrequent Access (One Zone-IA) storage class, depending on your file system. You define that period of time by using the Transition into IA lifecycle policy.
How many types of FSx file systems are there?
NetApp ONTAP, OpenZFS, Windows File Server, and Lustre for Linux.
What are the features of FSx for Windows File Server?
- Provides a fully managed native Microsoft Windows file system
- Full support for the SMB protocol, Windows NTFS, and Microsoft Active Directory (AD) integration
- Supports Windows-native file system features:
  - Access Control Lists (ACLs), shadow copies, and user quotas.
  - NTFS file systems that can be accessed from up to thousands of compute instances using the SMB protocol
- High availability: replicates data within an Availability Zone (AZ)
- Multi-AZ: file systems include active and standby file servers in separate AZs
What are the features of Amazon FSx for Lustre?
- High-performance file system optimized for fast processing of workloads such as:
  - Machine learning
  - High-performance computing (HPC)
  - Video processing
  - Financial modeling
  - Electronic design automation (EDA)
- Works natively with S3, letting you transparently access your S3 objects as files
- Your S3 objects are presented as files in your file system, and you can write your results back to S3
- Provides a POSIX-compliant file system interface
Which is the file system with S3 integration?
FSx for Lustre.
- Works natively with S3, letting you transparently access your S3 objects as files
- Your S3 objects are presented as files in your file system, and you can write your results back to S3
What is AWS Storage Gateway?
It’s for connecting on-premises storage to AWS.
What is Amazon S3?
- Amazon Simple Storage Service (Amazon S3) is an object storage service that offers industry-leading scalability, data availability, security, and performance.
- Files stored in S3 are referred to as objects.
- It is also seen as a database that stores objects as key-value pairs. The object ID is the key, and the object is the value.
- The buckets are defined at the regional level.
How is Amazon S3 security handled?
- IAM policy: which API calls should be allowed for a specific user from IAM
- Resource-based: Bucket Policies, Object Access Control List, Bucket Access Control List
Note: an IAM principal can access an S3 object if
* The user IAM permissions ALLOW it OR the resource policy ALLOWS it
* AND there’s no explicit DENY
S3 JSON-based policy?
JSON-based policies
* Resources: buckets and objects
* Effect: Allow / Deny
* Actions: Set of API to Allow or Deny
* Principal: The account or user to apply the policy to
S3 IAM policy for cross-account access?
An S3 IAM policy for cross-account access allows one AWS account to access S3 buckets in another AWS account. Here’s an example of a policy that allows access to a specific bucket:
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "AllowAccessToBucket",
      "Effect": "Allow",
      "Principal": { "AWS": "arn:aws:iam::123456789012:root" },
      "Action": [ "s3:GetObject", "s3:PutObject" ],
      "Resource": [ "arn:aws:s3:::example-bucket/*" ]
    }
  ]
}
In this example, replace “123456789012” with the account ID that you want to grant access to. The policy allows that account to read and write objects in the “example-bucket”. If you want to allow access to all buckets in the account, replace the “Resource” field with “arn:aws:s3:::*”.
What are the key points on hosting a website on Amazon S3?
- The website must be a static website, and it should be accessible on the Internet.
- The bucket should allow public reads in order for external users to access its content.
Can you version Amazon S3 files?
Yes, it can be enabled at the bucket level. The same key can be used to access the latest version of the object. Suspending versioning does not delete the previous versions.
How to enable S3 replication?
You must enable versioning in the source and destination buckets to enable replication. There are two types of replication:
1. Cross-region replication (CRR)
2. Same-region replication (SRR)
- The buckets can be in different accounts.
- Copy is asynchronous.
- Must give proper IAM permissions to S3.
- After you enable replication, only new objects will be replicated. If you need to replicate the existing objects, use S3 batch replication.
- For the delete operation, you can replicate a marker from source to target (optional setting). Deletion with version ID is not replicated.
Use case: Compliance, lower latency access, replication across accounts.
What happens when you enable replication in an existing S3 bucket?
Only new objects will be replicated. Existing objects can be replicated using S3 batch replication.
How can you replicate existing objects in S3?
S3 batch replication can be used to replicate existing objects.
What options do you have for replicating delete operations in S3?
You can replicate a marker from source to target (optional setting). Deletion with version ID is not replicated.
What are some common use cases for S3 replication?
Compliance, lower latency access, and replication across accounts are some common use cases for S3 replication.
How many S3 storage classes are there?
- S3 Standard - General Purpose
- S3 Standard - Infrequent Access (IA)
- S3 One Zone - Infrequent Access
- S3 Glacier Instant Retrieval
- S3 Glacier Flexible Retrieval
- S3 Glacier Deep Archive
- S3 Intelligent-Tiering
Objects can move between classes manually or using S3 Lifecycle configurations.