AWS Simple Storage Service (S3)
Terms in this set (65)
Simple Storage Service
What is S3?
Storage for the internet. Secure, durable, highly-scalable object storage. Can upload files, but cannot install OS or software.
What can I do with S3?
Store and retrieve any amount of data, at any time, from anywhere on the web.
What size objects can be uploaded to S3?
1 byte - 5 TB. Largest object in a single PUT = 5GB.
What kind of data can be stored in S3?
Virtually any kind of data in any format.
How much storage is potentially available?
Unlimited (however much you can pay for)
How are files stored in S3?
In buckets (conceptually like folders)
True or False. Filenames in S3 do NOT have to be unique across regions.
False. S3 is a universal namespace, so names must be unique globally.
True or False. You can read immediately after adding a new object to S3.
True. Read after write consistency for PUTS of new Objects.
True or False. Updates and deletes in S3 will be visible immediately.
False. Eventual consistency for overwrite PUTS and DELETES (Updating or deleting objects can take some time to propagate)
What are the S3 storage classes/tiers?
What is S3 standard tier?
For frequently accessed data. Low latency and high throughput. Availability = 99.99%. Durability = 99.999999999% (11x9's). Use cases include cloud applications, dynamic websites, content distribution, mobile and gaming applications, and big data analytics.
What is S3-IA tier?
S3 Standard - Infrequent Access. Availability = 99.99%. Durability = 99.999999999% (11x9's). Data is accessed less frequently, but requires rapid access when needed. Low per GB storage price and per GB retrieval fee. Ideal for long-term storage, backups, and as a data store for disaster recovery.
True or False. Data deleted from S3-IA tier within 30 days will be charged for a full 30 days.
What is Glacier tier?
Secure, durable, and extremely low-cost ($0.01/GB/mo) storage service for data archiving. Optimized for data that is rarely accessed and a retrieval time of several hours is suitable. Charged for amount of storage, # requests, data transfer pricing
What does it cost to recover from Glacier?
Archive and Restore requests are priced from $0.05 per 1,000 requests. For large restores, there is also a restore fee starting at $0.01 per gigabyte. Objects are restored to RRS, so you are charged for RRS and Glacier until restored object is moved.
True or False. Data deleted from Glacier w/in 90 days are charged a fee.
True. There is a pro-rated charge of $0.03 per GB.
How much data can be restored from Glacier for free?
You can restore up to 5% of the data stored in Glacier for free each month.
What is S3-RRS tier?
Reduced Redundancy Storage. Store non-critical, reproducible data (storing thumbnails, transcoded media, etc.) at lower levels of redundancy than S3's standard storage. Availability = 99.99%, Durability = 99.99%. Data is replicated fewer times, so the cost is less
What are the identifying parts of an S3 object?
1. Key - The name,
2. Value - The data,
3. Version ID,
4. Metadata (system and/or user-defined),
True or False. Bucket names don't have to be globally unique.
False. They must be globally unique AND lower case letters.
True or False. Uploaded objects are private by default.
How many buckets can each account have?
100 by default.
True or False. All objects in a bucket are replicated when replication is enabled.
False. Pre-existing objects are not replicated, but future uploads are replicated.
True or False. Versioning is not a requirement for cross-region replication.
False. Cross-region replication requires versioning.
True or False. Versioning can only be disabled, not turned off.
True. To stop versioning completely, you must delete and recreate the bucket.
True or False. You have to pay for each version of a file.
True. Each file has its own version ID, which means it's taking up space, which has to be paid for.
True or False. Lifecycle rules do NOT require versioning.
True, but you CAN use Lifecycle rules with versioning.
True or False. You can use multi-factor authentication with versioning.
True. Multi-factor authentication is used to enforce second authentication so objects are less likely to be deleted accidentally.
What are lifecycle rules?
Rules you can set up to automatically transition items from one type of storage to another.
What are the types of lifecycle rules?
1. Transition to Standard - Infrequent Access Storage,
2. Archive to Glacier storage,
3. Permanently delete
Explain the 'Transition to Standard - Infrequent Access Storage Class' rule.
Must wait minimum 30 days and min 128kb file size. Fee for retrieval, but almost instantaneous.
Explain the 'Archive to Glacier storage class' rule.
Can do 1 day after uploading (30 days after infrequently accessed). Fee for retrieval, takes 3-5 hrs for retrieval.
Explain the 'Permanently Delete' rule.
Can do 1 day after uploading. If versioning enabled, must expire, then permanently delete.
True or False. You can use lifecycle rules for versions of objects.
What is a CDN?
Content Delivery Network. Network of distributed servers that deliver webpages and content to users based on their geographic location (and other factors).
What is CloudFront used for?
Deliver your entire website, including dynamic, static, streaming, and interactive content using a global network of edge locations.
How are requests handled with CloudFront?
Requests are automatically routed to the nearest edge location, so content is delivered with the best possible performance.
True or False. CloudFront can only be used with other AWS services.
False. CloudFront works with non-AWS origin servers, but is optimized to work with other AWS services like S3, EC2, Elastic Load Balancing, and Route 53.
In CloudFront, what is an origin location?
Location of original, uncached, files. S3 bucket, EC2 instance, Elastic Load Balancer, Route53, or custom
In CloudFront, what is an edge location?
Location where content will be cached. Different from Regions and Availability Zones.
True or False. Edge locations are read-only.
False. Can send the PUT messages, which will be forwarded to the Origin.
How are objects removed from edge locations?
Objects are removed for free after the TTL expires, but you can manually clear objects for a fee.
What is a Distribution?
A collection of Edge Servers.
What are the types of distributions?
Web distribution and RTMP
What is a Web Distribution?
A distribution specifically for websites and static files (html, css, xml, etc)
What is RTMP?
Adobe's Real-Time Message Protocol. For media streaming (flash, etc). Allows an end user to begin playing a media file before the file has finished downloading
Why would you want to restrict user access to a distribution?
If users access your objects directly in S3, they bypass the controls provided by CloudFront signed URLs or signed cookies.
True or False. When a bucket is created it is private by default.
How can you control access to a bucket?
Using bucket policies and ACLs.
True or False. There is no way to track who accesses a bucket.
False. You can configure buckets to store logs w/in the bucket or in another bucket.
What are the 3 methods of encryption?
1. SSL/TLS (in transit),
2. Server Side Encryption (SSE),
3. Client Side Encryption (CSE)
What is SSE-S3?
Server Side Encryption that is fully Amazon managed. S3 encrypts each object with a unique key and it encrypts the key itself with a master key that it regularly rotates. Uses 256-bit Advanced Encryption Standard (AES-256).
What is SSE-KMS?
Server Side Encryption Key Management Services. Combines secure, highly available hardware and software to provide a key management system scaled for the cloud. AWS KMS uses customer master keys (CMKs) to encrypt your S3 objects. Provides audit trail.
What is SSE-C?
Server Side Encryption with customer provided keys. You manage the keys, AWS manages encryption/decryption when you write or read.
What is Client Side Encryption?
Refers to encrypting data before sending it to S3. Two options for using data encryption keys:
1. Use an AWS KMS-managed customer master key
2. Use a client-side master key
What is a Storage Gateway?
Connects an on-premises software appliance with cloud-based storage
What AWS service is the target of a Storage Gateway?
Target is typically S3 or Glacier, but also supports VMware ESXi or Microsoft Hyper-V
What are the 3 types of Storage Gateways?
1. Stored volumes,
2. Cached volumes,
3. Virtual Tape Library (VTL)
What is a Gateway Stored Volume?
Keep entire dataset on-site. Storage Gateway backs this up asynchronously to S3. Can recover locally or from EC2.
What is a Gateway Cached Volume?
Entire data set stored in S3. Only most frequently accessed data is cached on-site. If you lose internet connectivity, cannot access all of your data.
What is a Gateway Virtual Tape Library?
VTL. Limitless collection of virtual tapes. Backed by S3 (tape library) or Glacier (tape shelf). Exposes iSCSI interface providing your backup application with on-line access to the virtual tapes. Supported by NetBackup, Backup Exec, Veeam, etc.
What is an import/export disk?
Use any portable storage device to transport data to AWS. AWS staff imports the data to S3, EBS, Glacier, etc., then sends the device back. Export from S3. This service is being replaced by Snowball.
What is import/export Snowball?
Rent Amazon's portable storage device. Petabyte scale data transport solution. 50TB/snowball limit, tamper-resistant enclosure, 256-bit encryption. Import/Export to S3 only.
Where is my data stored?
You specify a region when you create your Amazon S3 bucket. Within that region, your objects are redundantly stored on multiple devices across multiple facilities.