S3

Question 1

What is an ”infinitely scaling” storage?

Answer 1

S3

Question 2

How can S3 be used?

Answer 2

As backbone to websites or integrated with AWS services

Question 3

What are the use cases of S3?

Answer 3

• Backup and storage
• Disaster Recovery
• Archive
• Hybrid Cloud storage
• Application hosting
• Media hosting
• Data lakes & big data analytics
• Software delivery
• Static website

Question 4

What storage directories require globally unique name but are defined at the region level?

Answer 4

S3 buckets

Question 5

What has keys?

Answer 5

S3 objects

Question 6

Where can you find the key of an S3 object? what about the object name?

Answer 6

Object key: The part after s3://my-bucket/

Object name: the last bit after the final “/”

Question 7

How can you ensure security of S3?

Answer 7

• User based
• IAM policies - which API calls should be allowed for a specific user from IAM (with EC2 Instance Role)
console
• Resource Based
• Bucket Policies - bucket wide rules from the S3 console - allows cross account
• Object Access Control List (ACL) – finer grain
• Bucket Access Control List (ACL) – less common
• Note: an IAM principal can access an S3 object if
• the user IAM permissions allow it OR the resource policy ALLOWS it
• AND there’s no explicit DENY
• Encryption: encrypt objects in Amazon S3 using encryption keys

Question 8

What are the tools for S3 versioning? And, what model do they adopt? And, at what level do they occur?

Answer 8

S3 Object Lock & Glacier Vault Lock

• Adopt a WORM (Write Once Read Many) model
• Bucket-level

S3 Replication:

• Cross region replication
• Same region replication
• Across different accts & regions

Question 9

What lock is good for S3 compliance and data retention, and why?

Answer 9

Glacier Vault Lock because vault lock policy prevents objects from being deleted

Question 10

What is the key difference between S3 Object Lock and Glacier Vault Lock?

Answer 10

S3 Object Lock blocks an object version deletion for a specific amount of time vs. never!

Question 11

What should you check if you get a 403 (Forbidden) error on S3 websites?

Answer 11

Ensure bucket policy allows public reads

Question 12

What can host static websites and have them accessible on the www?

Answer 12

S3

Question 13

What stores any request made to S3, from any account, authorized or denied, will be logged into another S3 bucket? What is this used for?

Answer 13

S3 Access Logs

Root cause analysis, audit usage, and viewing of suspicious patterns

Question 14

What are the S3 storage classes?

Answer 14

• Amazon S3 Standard - General Purpose
• Amazon S3 Standard-Infrequent Access (IA)
• Amazon S3 One Zone-Infrequent Access
• Amazon S3 Intelligent Tiering
• Amazon Glacier
• Amazon Glacier Deep Archive

Question 15

What has 99.999999999% (eleven 9s) durability and 99.99% availability? Is it the same for all storage classes?

Answer 15

S3; same durability and different availability across the storage classes except for One Zone - IA which has 99.5%

Question 16

What has 99.99% availability and is used for frequent data access due to its low latency and high throughput, and is able to sustain 2 concurrent facility failures?

Answer 16

Amazon S3 Standard - General Purpose

Question 17

What are the use cases for Amazon S3 Standard - General Purpose?

Answer 17

Big Data analytics, mobile & gaming applications, content distribution

Question 18

What has 99.99% availability and is suitable for data that is less frequently accessed, but requires rapid access when needed; and has lower cost than S3 standard but is subject to retrieval fee, and can sustain 2 concurrent facility failures?

Answer 18

S3 Standard - Infrequent Access

Question 19

What are the use cases for S3 Standard - Infrequent Access?

Answer 19

As a data store for disaster recovery, backups

Question 20

Which S3 storage class has 99.5% availability and 1 zone?

Answer 20

S3 One Zone - IA

Question 21

How many S3 Storage classes do most have at minimum?

Answer 21

3

Question 22

Which S3 Storage classes charge for retrieval?

Answer 22

S3 Std IA
S3 One Zone IA
S3 Glacier
S3 Glacier Deep Archive

Question 23

What can you use to automate moving objects between S3?

Answer 23

lifecycle configuration

Question 24

What is AWS responsible for as part of Shared Responsibility Model for S3?

Answer 24

• Infrastructure (global security, durability, availability, sustain concurrent loss of data in two facilities)
• Configuration and vulnerability analysis
• Compliance validation

Question 25

What are you responsible for as part of Shared Responsibility Model for S3?

Answer 25

* S3 Versioning * S3 Bucket Policies * S3 Replication Setup * Logging and Monitoring * S3 Storage Classes * Data encryption at rest and in transit

Question 26

What is a highly-secure, portable devices to collect and process data at the edge, and migrate data into and out of AWS

Answer 26

AWS Snow Family

Question 27

What does Snow Family support?

Answer 27

Data migration & edge computing

Question 28

What snow family supports data migration?

Answer 28

Snowcone, Snowball edge, and Snowmobile

Question 29

What snow family supports edge computing?

Answer 29

Snowcone, Snowball edge

Question 30

What challenges does the AWS Snow Family help overcome? What's a good rule of thumb for using it?

Answer 30

* Limited connectivity * Limited bandwidth * High network cost * Shared bandwidth (can’t maximize the line) * Connection stability If it takes more than 1 wk to transfer over network

Question 31

What is a small, portable computing, anywhere, rugged & secure, withstands harsh environments that can handle 8TB of usable storage?

Answer 31

AWS Snowcone

Question 32

How can you send data with AWS Snowcone?

Answer 32

Can be sent back to AWS offline, or connect it to | internet and use AWS DataSync

Question 33

What is a the largest data migration option that can handle exabytes and has almost 100PB of usable storage, as well as high security?

Answer 33

Snowmobile

Question 34

What can you use as an alt to moving data over network if you need to move TB or PB of data in/out of AWS?

Answer 34

Snowball edge

Question 35

What are the 2 types of snowball edge? Which has how many TB?

Answer 35

Storage optimized and compute optimized. | Storage has 80TB vs. Compute's 42 TB

Question 36

What devices do you set up to do edge computing?

Answer 36

Snowball edge/snowcone

Question 37

How can you manage Snow Family Devices for edge computing?

Answer 37

AWS OpsHub & CLI

Question 38

What can you do with AWS Ops Hub?

Answer 38

• Unlocking and configuring single or clustered devices • Transferring files • Launching and managing instances running on Snow Family Devices • Monitor device metrics (storage capacity, active instances on your device) • Launch compatible AWS services on your devices (ex: Amazon EC2 instances, AWS DataSync, Network File System (NFS))

Question 39

What storage cloud native options exist for block, file, and object?

Answer 39

Block: EBS & Instance Store File: EFS Object: S3 & Glacier

Question 40

What is a bridge between on-premise data and cloud | data in S3, a hybrid storage service to allow o-prem to be used in AWS Cloud?

Answer 40

AWS Storage Gateway

Question 41

What types of storage gateway are there and what are the use cases?

Answer 41

Types: file, volume, tape Use cases: disaster recovery, backup & restore, tiered storage

Question 42

global unique name, tied to a region

Answer 42

S3 Buckets vs Objects

Question 43

What ensures S3 security?

Answer 43

IAM policy, S3 Bucket Policy (public access), S3 Encryption

Question 44

multiple versions for files, prevent accidental deletes

Answer 44

S3 Versioning

Question 45

What logs requests made within your S3 bucket?

Answer 45

S3 Access logs

Question 46

transition objects between classes

Answer 46

S3 Lifecycle Rules