Udemy lecture 5: Amazon S3

Question 1

__________ is one of the main building blocks of AWS

Answer 1

Amazon S3

Question 2

What are the different use cases of amazon S3?

Answer 2

• Backup & storage
• Disaster recovery
• Archive
• Hybrid cloud storage
• Application hosting
• Media hosting
  etc

Question 3

Amazon S3 stores objects (files) into ____________

Answer 3

Buckets (directories)

Question 4

Buckets must have a ____________________ name (across all regions all accounts)

Answer 4

Globally unique name

Question 5

Buckets are defined at the __________ level

Answer 5

Region

Question 6

What is the naming conventions for S3 buckets?

Answer 6

• No uppercase, no underscore
• 3-63 character long
• Not an IP
• Must start with lowercase letter or number
• Must not start with the prefix xn-
• Must not end with the suffix -s3alias

So just use letters, numbers, and hyphons youll be fine

Question 7

Objects (files) have a ________

Answer 7

Key

Question 8

The key is the _________ path

Answer 8

Full (all the layers of your file like think of it being in a folder & having multiple layers

Question 9

The object key is composed of the __________ + _____________

Answer 9

prefix + object name (ex. s3://my-bucket/my_folderI/another_folder(prefix)/(object name) my_file.txt

Question 10

Keys are usually just long names that contain ________

Answer 10

Slashes (/)

Question 11

Object values are the content of the _________

Answer 11

Body

Question 12

What are some aspects of objects related to their sizing?

Answer 12

• Max. object size is 5TB (5000GB)
• If uploading more than 5GB, must use “multi-part upload”

Question 13

Object can also contain __________

Answer 13

Metadata

Question 14

What are metadata?

Answer 14

Metadata consists of a list of text key/ value pairs, which can be used by the system or user to know some elements of the file

Question 15

Metadata contain ______– which are unicode key/ value pair up to 10 & they are useful for security/ lifecycle

Answer 15

Tags

Question 16

Metadata also contains a __________ if versioning is enabled

Answer 16

Version ID

Question 17

What are the different Amazon S3 securities?

Answer 17

1. User-based
2. Resources- Based
3. Encryption

Question 18

What are the user-based policies used in Amazon S3?

Answer 18

IAM policies

Question 19

What are IAM polices related to S3?

Answer 19

IAM policies are API calls that decide which API calls should be allowed for a specific user from IAM

Question 20

What are the different resource-based policies related to S3?

Answer 20

• Bucket policies
• Object Access Control List (ACL)
• Bucket Access control list (ACL)

Question 21

What is the bucket policies related to S3?

Answer 21

Its bucket wide rules from the S3 console which allows cross account (its what allows it to become public)

Question 22

What are the object access control list (ACL) related to S3?

Answer 22

Finer grain that can be disabled

Question 23

What are the bucket access control list (ACL) related to S3?

Answer 23

Less common & can be disabled

Question 24

What are the conditions that must be met for an IAM principal to access an S3 object?

Answer 24

1. The user IAM permissions allow it or the resources policy allows it
2. There’s no explicit deny

Question 25

How is encryption related to S3 security?

Answer 25

Encrypt object in amazon S3 using encryption keys

Question 26

S3 bucket policies mostly are what?

Answer 26

JSON based policies (with allow the features of JSONs such as the resources, effect, actions, principals, etc)

Question 27

Why do we use S3 bucket for policies?

Answer 27

• Grant public access to the bucket
• Force objects to be encrypted at upload
• Grant access to another account (cross account)

Question 28

S3 can host __________ websites & have them accessible on the internet

Answer 28

Static

Question 29

If you get a 403 forbidden error, make sure that the _________ allows public reads

Answer 29

bucket policy

Question 30

What does versioning your files mean?

Answer 30

Updating your files

Question 31

You can version your files in Amazon S3 but it has to be done at the ___________

Answer 31

bucket level (when you use the same key overwrite it will change the version, making updates)

Question 32

Why should you version your buckets?

Answer 32

• Protects against unintended deletes (ability to restore a version)
• Easy roll back to previous version
• Any file that is not versioned prior to enabling versioning will have version “null” (suspending versioning doesn’t delete the previous versions)

Question 33

What are the 2 different Amazon S3 replications?

Answer 33

1. CRR (cross-region replication) (the2 regions must be different)
2. SRR (same-region replication)(the 2 regions must be the same)

• Must enable versioning in source & destination buckets to use them

Question 34

How can CRR be beneficial?

Answer 34

If you use cross-region replication, it can be helpful for compliance or for providing lower latency access to your data because its in another region or to replicate data across accounts

Question 35

How can SRR be beneficial?

Answer 35

It can be helpful to aggregate logs across multiple S3 buckets or to perform a live replication between production & test accounts, so you basically have your own test environment

Question 36

What are the different S3 storage classes?

Answer 36

• Amazon S3 standard- general purpose
• Amazon S3 standard - infrequent access (IA)
• Amazon S3 one zone-infrquent access
• Amazon S3 glacier instant retrieval
• Amazon S3 glacier flexible retrieval
• Amazon S3 glacier deep archive
• Amazon S3 intelligent tiering

Question 37

What does durability mean related to Amazon S3?

Answer 37

Durability represents how many times an object is going to be lost by Amazon S3 so Amazon S3 has a high durability called 11 nines

Question 38

What does Amazon S3 11 nine durability means?

Answer 38

Means that if you decided to store 10 million object in Amazon S3 then you can expect to lose a single object once every 10,000 years

Question 39

What does availability mean related to S3?

Answer 39

It represents how readily a service is (depends on storage class)

Question 40

Amazon S3 standard has 99.99 availability & its used for ____________ accessed data & it has low latency & high throughputs. It can sustain two concurrent facility failures by AWS

Answer 40

Frequently

Question 41

What are the use case for Amazon S3 standard?

Answer 41

• Big data analytics
• Mobile & gaming applications
• Content distribution

Question 42

S3 infrequent access is used for data that is __________________ accessed but requires rapid access when needed

Answer 42

Less frequently accessed

Question 43

S3 infrequent access is _______ availability so a bit less available

Answer 43

99.9%

Question 44

What is the use case for amazon S3 infrequent access (IA)

Answer 44

Used for disaster recovery & backups

Question 45

_______________ has high durability within a single AZ only

Answer 45

Amazon S3 one zone -infrequent access (one-zone IA)

Question 46

Amazon S3 one zone -infrequent access has a __________ availability

Answer 46

99.5%

Question 47

What is the use case of S three one zone-IA?

Answer 47

To store secondary copies of backups of things like on-premise data, or data you can recreate

Question 48

____________ has the lowest cost object storage meant for arching & backup

Answer 48

Amazon S3 Glacier

• Pay for the storage & retrieval cost

Question 49

_______________ give you milliseconds retrieval for data that’s accessed once a quarter & the minimum store duration is 90 days

Answer 49

Amazon S3 Glacier instant retrieval

Question 50

_____________ has 3 flexibility, where you have expedited where you get the data back between 1 & 5 minutes, you have a standard where you get data back between 3-5 hours & you got minimum storage duration of 90 days

Answer 50

Amazon Glacier Flexible retrieval

Question 51

What is the difference between instant & flexible related to data retrieval?

Answer 51

Instant means you retrieve data instantly & flexible means that your willing to wait longer period of time like for example 12 hours

Question 52

___________ which is meant for long-term storage, & it has 2 different types of retrieval which are standard retrieval of 12 hours & bulk of 48 hours. Also get a minimum storage duration of 180 days

Answer 52

Amazon Deep Glacier archive

Question 53

___________ storage class allow you to move objects between excess tiers based on usage patterns & you get a small monthly monitoring fee & auto tiering fee

Answer 53

Amazon S3 intelligent -tiering

Question 54

What are the two different types of encryptions used for amazon S3?

Answer 54

1. Server side-encryption
2. Client - side enctryption

Question 55

What is server-side encryption?

Answer 55

Its when the server is doing the encryption for you

Question 56

What is client side encryption?

Answer 56

Its when the user does the encryption

Question 57

Within AWS by default the ___________- encryption is used

Answer 57

Server-side encryption

Question 58

What is the IAM access analyzer for amazon S3?

Answer 58

Its a monitoring feature for your amazon S3 bucket to ensure that only the intended people have access to your S3 bucket, so when its shared with unwanted people you can see it & take action

Question 59

What is AWS responsible for related to S3?

Answer 59

• Responsible for their infrastructure related to S3 (ability, availability, etc)
• Internal configuration & vulnerability analysis
• Compliance validation internally with their infrastructure

Question 60

What are you responsible related to Amazon S3?

Answer 60

• Supposed to correctly setup S3 versioning to make sure you setup the right S3 bucket policy so that data is protected in your buckets
• Make sure that if you want verfication you set it up yourself
• Use the most optimal cost storage cloud that is going to be most cost friendly for you
• Encrypt your data onto your amazon S3 bucket

Question 61

What is AWS snow family?

Answer 61

Its a highly secure portable device in AWS

Question 62

What are the two use cases for AWS snow family?

Answer 62

• Its used to collect & process data at the edge

-Or to migrate data in & out of AWS

Question 63

What are the different types of devices in the snow family related to data migration?

Answer 63

1. Snowcone
2. Edge
3. Snowmobile

Question 64

What are the two different types of devices within the snow family related to edge computing (collecting & transferring data at the edge)

Answer 64

1. Snowcone
2. Snowball edge

Question 65

The snow family is used for data migration why? and what is the rule of thumb related to the snow family & data migration?

Answer 65

To speed things up & rule of thumb is that if it takes more than a week to transfer data over the network then you should use a snowball device (it transfers data physically not by network)

Question 66

What are the two different types of snowball edge?

Answer 66

1. Snowball edge storage optimized
2. Snowball edge compute optimized

Question 67

What is snowball edge storage optimized?

Answer 67

Gives you 80 terabytes of hardware disk capacity which works for block volume or S3 compatible object storage

Question 68

What is snowball edge compute optimized?

Answer 68

Gives you 42 terabytes or 28 terabytes

Question 69

What is the use case for a snowball edge?

Answer 69

To do a large data cloud migration to decommission a data center or for a disaster recovery by backing up your data into AWS

Question 70

A ___________ is used for edge computing, storage & data transfer

Answer 70

Snowcone

Question 71

What are the two versions of snowcone?

Answer 71

1. Snowcone- which is 8 terabytes of HDD storage
2. Snowcone SSD with 14 terabytes of SSD storage

Question 72

You can transfer your data physically with __________, you can transfer exabytes of data with it & its highly secured

Answer 72

Snowmobile

Question 73

AWS recommends for migration size you wanna use ___________ for 24 terabytes, __________ petabytes, and exabytes for _________ want to

Answer 73

snowcone, snowball edge, snowmobile

Question 74

What is edge computing?

Answer 74

Edge computing is when you process data while its being created at an edge location

Question 75

What is an edge location?

Answer 75

An edge location is anything that really doesn’t have internet or that far away from the cloud

ex. a truck on the road or ship on sea, etc

Question 76

With snow edge pricing you pay for device usage & data transfer ______ of AWS

Answer 76

Out

Question 77

Putting data into Amazon S3 is _______

Answer 77

Free

Question 78

What are the different snowball edge pricing?

Answer 78

1. On-demand
2. Committed upfront- where you pay in advance for monthly, 1yr, or 3yr usage

Question 79

A _________ is used to bridge your on-premise data & cloud data in AWS (allows you to use a hybrid model with S3)

Answer 79

Storage gateway

Question 80

______________ is the most cost-effective option if you want to archive data and do not have a retrieval time requirement. You can retrieve data in 12 or 48 hours.

Answer 80

Amazon Glacier Deep Archive

Question 81

______________ can be used to define when S3 objects should be transitioned to another storage class or when objects should be deleted after some time.

Answer 81

Lifecycle Rules

Question 82

___________ devices are well suited for large-scale data migrations and recurring transfer workflows, as well as local computing with higher capacity needs.

Answer 82

Snowball Edge Storage Optimized