Advanced S3: Cloudfront, Snowball, Storage Gateway, Athena

Question 1

Explain S3 MFA-Delete

Answer 1

MFA (multi factor authentication) forces user to generate a code on a device (usually a mobile phone or hardware) before doing important operations on S3

Question 2

In order To use MFA-Delete, enable ____ on the S3 bucket

Answer 2

Versioning

Question 3

• You will need MFA to

Answer 3

• permanently delete an object version

- suspend versioning on the bucket

Question 4

You won’t need MFA for..?

Answer 4

• enabling versioning

* listing deleted versions

Question 5

Only this user can enable/disable MFA-delete

Answer 5

bucket owner (root account)

Question 6

MFA-Delete currently can only be enabled using the….

Answer 6

CLI

Question 7

What’s evaluated first, Bucket Policies or “default encryption”

Answer 7

Bucket Policies are evaluated before “default encryption”

Question 8

S3 Cross Region Replication can be in different accounts?

Answer 8

True

Question 9

S3 Cross Region Replication is async?

Answer 9

True

Question 10

S3 pre-signed URLs are valid for a default ..?

Answer 10

Valid for a default of 3600 seconds, can change timeout with –expires-in [TIME_BY_SECONDS] argument

Question 11

Users given a pre-signed URL inherit what?

Answer 11

the permissions of the person who generated the URL for GET / PUT

Question 12

Give some examples of S3 pre-signed URLs

Answer 12

• Allow only logged-in users to download a premium video on your S3 bucket
• Allow an ever changing list of users to download files by generating URLs dynamically • Allow temporarily a user to upload a file to a precise location in our bucket

Question 13

What is AWS CloudFront and what does it do?

Answer 13

• Content Delivery Network (CDN)
• Improves read performance, content is cached at the edge
• 136 Point of Presence globally (edge locations)
• Popular with S3 but works with EC2, Load Balancing
• Can help protect against network attacks
• Can provide SSL encryption (HTTPS) at
• CloudFront can use SSL encryption (HTTPS) to talk to your applications
• Support RTMP Protocol (videos / media)

Question 14

CloudFront signed URL can only be created using?

Answer 14

AWS SDK, so you have to code an application to verify users and generate these URLs

Question 15

What is CloudFront great for?

Answer 15

Great for static content that must be available everywhere

Question 16

What is S3 Cross Region Replication Great for?

Answer 16

Great for dynamic content that needs to be available at low-latency in few regions.

Must be setup for each region you want replication to happen
Files are updated in near real-time
Read only

Question 17

What are S3 Storage Tiers?

Answer 17

• Amazon S3 Standard - General Purpose
• Amazon S3 Standard-Infrequent Access (IA)
• Amazon S3 One Zone-Infrequent Access
• Amazon S3 Reduced Redundancy Storage (deprecated) • Amazon S3 Intelligent Tiering (new!)
• Amazon Glacier

Question 18

What is S3 Standard – Infrequent Access (IA) suitable for?

Answer 18

Suitable for data that is less frequently accessed, but requires rapid access when needed

Question 19

Use case of S3 (IA)

Answer 19

• Use Cases: As a data store for disaster recover y, backups…

Question 20

S3 One Zone - Infrequent Access (IA) Use Case

Answer 20

• Use Cases: Storing secondary backup copies of on-premise data, or storing data you can recreate

Question 21

What’s S3 Glacier meant for?

Answer 21

• Low cost object storage meant for archiving / backup

Question 22

How much storage can each archived item in glacier hold?

Answer 22

Up to 40TB

Question 23

Archives are stored in what?

Answer 23

Vaults

Question 24

What is S3 Lifecycle Rules?

Answer 24

• Set of rules to move data between different tiers, to save storage cost

Question 25

What is S3 Lifecycle Transition actions?

Answer 25

It defines when objects are transitioned to another storage class.

Question 26

What is S3 Lifecycle Expiration actions?

Answer 26

Helps to configure objects to expire after a certain time period. S3 deletes expired objects on our behalf

Question 27

this Can be used to delete incomplete multi-part uploads!?

Answer 27

S3 Lifecycle Rules

Question 28

Snowball Edge vs Snowball?

Answer 28

Snowball Edges add computational capability to the device
• 100TB capacity with either:
• Storage optimized – 24 vCPU
• Compute optimized – 52 vCPU & optional GPU
• Supports a custom EC2 AMI so you can perform processing on the go
• Supports custom Lambda functions

Question 29

What is AWS Storage Gateway?

Answer 29

• Bridge between on-premise data and cloud data in S3

* Use cases: disaster recovery, backup & restore, tiered storage

Question 30

What are the 3 types of storage gateway?

Answer 30

• File Gateway

* Volume Gateway • Tape Gateway

Question 31

Storage Gateway - File Gateway supports what?

Answer 31

Supports S3 standard, S3 IA, S3 One Zone IA

Question 32

Storage Gateway - Define Volume Gateway?

Answer 32

• Block storage using iSCSI protocol backed by S3
• Backed by EBS snapshots which can help restore on-premise volumes! • Cached volumes: low latency access to most recent data
• Stored volumes: entire dataset is on premise, scheduled backups to S3

Question 33

Storage Gateway - Define Volume Gateway?

Answer 33

• Some companies have backup processes using physical tapes (!)
• With Tape Gateway, companies use the same processes but in the cloud • VirtualTape Library (VTL) backed by Amazon S3 and Glacier
• Back up data using existing tape-based processes (and iSCSI interface)
• Works with leading backup software vendors

Question 34

If exam mentioned on premis data, that means what?

Answer 34

Storage gateway

Question 35

File access / NFS refers to what?

Answer 35

File Gateway

backed by S3

Question 36

Volumes / Block Storage / iSCSI refers to what?

Answer 36

Volume gateway (backed by S3 with EBS snapshots)

Question 37

VTLTape solution / Backup with iSCSI

Answer 37

Tape Gateway (backed by S3 and Glacier)

Question 38

What is Athena?

Answer 38

Serverless service to perform analytics directly against S3 files

Question 39

Athena uses what query language?

Answer 39

Uses SQL language to query the files

Question 40

What are you charged to use Athena?

Answer 40

Charged per query and amount of data scanned