Storage Services Flashcards
S3
Simple Storage Solution
- an object storage service for the cloud that is highly available
- regional
- has access logs to track access
Objects
S3 name for files
- can be public or private
- can be uploaded via console, CLI or via code
Bucket
S3 name for directories
- essentially unlimited
- can hold millions of objects
at what level can security be set for buckets?
at the bucket or object level
what are 3 ways to set security on buckets?
- ACLs
- bucket policies
- access point policies
ACL
Access Control List
what is unique about bucket naming?
they must be globally unique
how is durability achieved?
data stored inside a region is replicated across multiple servers
what is the S3 standard for durability?
99.999999999% (11 9’s)
S3 Standard
Storage Class
- general purpose storage
- stored across multiple AZs
- low latency and high throughput
when is S3 standard recommended?
for frequently accessed data, with standard durability and availability needs
what is the S3 standard for availability?
99.99%
S3 Intelligent Tier
Storage Class
- automatically moves your data to the most cost-effective storage class
- no retrieval fees
- standard durability and availability
what is S3 Intelligent Tier recommended for?
new applications or unpredictable storage needs
S3 Standard-Infrequent Access (IA)
Storage Class
for data that is accessed less frequently, but that needs rapid access
- stored across multiple AZs (standard durability)
what is S3 Standard Infrequent Access (IA) recommended for?
long-lived data requiring immediate access
S3 One-Zone Infrequent Access
Storage Class
for data that is infrequently accessed but requires rapid access.
- only stored in one AZ
- costs 20% less than IA
- reduced durability, standard availability
when is S3 One-Zone Infrequent Access recommended?
intended for use cases with infrequently accessed data that is re-creatable, such as:
- storing secondary backup copies of on-premises data
- for storage that is already replicated in another AWS Region
- for compliance or disaster recovery purposes
S3 Glacier
Storage Class
long term data storage
- very cheap
- takes longer to access your data, from minutes to 12 hours depending on your price.
- stored across multiple AZs
when is S3 Glacier recommended?
for long-term backups needing cheaper storage, but requiring standard durability, that can sacrifice some availability
S3 Glacier Deep Archive
Storage Class
like S3 Glacier, but slower
- stored across multiple AZs
- takes 12 - 24 hours to retrieve data
when is S3 Glacier Deep Archive recommended?
for archives or compliance needs that don’t need to be accessed more than 1x/year
S3 Outposts
Storage Class
durably and redundantly stores data across multiple devices and servers in your on-premises environment
what is a good choice for long-term storage of master data that is infrequently accessed?
S3 Standard-IA
what storage classes distribute data across a minimum of three geographically-separated Availability Zones to offer the highest level of resilience to AZ loss?
S3 Standard, S3 Standard-IA and S3 Glacier
which storage class can offer customers higher availability and durability than self-managed physical data centers, with the added benefit of having to pay only for what they use, costing 20% less than Standard-IA?
S3 One-Zone Infrequent Access
when is Outposts recommended?
- when you need to meet data residency, regulatory, or compliance requirements
- for high-demand workloads that need to run locally
- as a step in your cloud migration journey to set up a cloud before actually moving to the cloud
Amazon EBS
Elastic Block Store
- like a flash drive you attach to your instance
- called a Volume
- data persists when instance is not running
- can only be tied to one instance in one AZ
What is Amazon EBS recommended for?
- quickly accessible data
- running a database on an instance
- long-term data storage
EC2 Instance Store
Local storage that is physically attached to a host computer and cannot be removed.
- fast I/O speeds
- temporary storage (data loss occurs when instance is stopped)
What is EC2 Instance Store recommended for?
- temporary storage needs
- data replicated across multiple instances (ex: a load-balanced pool of web servers)
Elastic File Store (EFS)
serverless network file system for sharing files
- only supports Linux
- more expensive than EBS
- accessible across different AZs in the same region
What is EFS recommended for?
- main directories for business-critical apps
- to lift & shift existing enterprise apps
Storage Gateway
hybrid storage for on-prem to connect to cloud data
What is Storage Gateway recommended for?
- moving backups to the cloud
- reducing costs for hybrid storage
- low-latency access to data
What benefits do CDNs provide?
- ensure fast download times
- ensure low latency
CDN
Content Delivery Network
- a mechanism to deliver content rapidly & efficiently for your geographic location
Amazon CloudFront
- CDN that provides global distribution w/ low latency
- your app can exist in a single region but be delivered globally
- data can be restricted based on a location
- speeds up delivery of static and dynamic web content
- uses edge locations to cache content
What is a CloudFront distribution?
a collection of edge locations where files are cached
How does caching work?
- If file exists in cache, return it to the user
- Else, pull file from the origin, put it in the cache, then return file to user
What are use cases for CloudFront?
- used with S3 to deploy static websites
- used with DDoS to prevent attacks
- IP address blocking (by location)
AWS Global Accelerator
- sends users thru the AWS global network, speeding up delivery
- improves latency & availability of single-region apps
- automatically re-routes traffic to healthy available region endpoints
- low latency
What kind of performance boost does Global Accelerator offer?
60%
S3 Transfer Acceleration
Improves content uploads/downloads to/from S3 buckets
- provides fast transfer of files over long distances
- uses CloudFront’s edge locations
- customers around the world can upload to a central bucket
VPC
Virtual Private Cloud
- a foundational service that allows you to create a secure, private network in the AWS cloud where you launch your resources
Where can a VPC exist?
It can span AZs within a single region
what does networking use to connect computers across the globe?
virtual routers, firewalls and network management services
subnet
an isolated local network
private subnet
- allows you to split your network inside the VPC
- where you launch your EC2 and private databases
public subnet
- resources you want made public
NACL
Network Access Control List
- ensure the proper traffic is allowed into the subnet
Router and Route Table
where you can define where network traffic is directed
Internet Gateway
allows public traffic to the internet from the VPC
VPC Peering
allows you to connect 2 VPCs together to make them behave as one in a secure manner.
IPv4 address
Internet Protocol version 4
- used to route most internet traffic today
- uses a 32-bit address space
CIDR Notation
Combines the IP address with its routing prefix