Amazon S3

Question 1

S3 - Buckets

Answer 1

• Amazon S3 allows people to store objects (files) in “buckets” (directories)
• Buckets must have a globally unique name (across all regions all accounts)
• Buckets are defined at the region level
• S3 looks like a global service but buckets are created in a region

Question 2

S3 - Objects

Answer 2

• Objects (files) have a Key
• The key is the FULL path
• The key is composed of prefix + object name

Question 3

S3 Security

Answer 3

User based
• IAM policies - which API calls should be allowed for a specific user from IAM
console

Resource Based
• Bucket Policies - bucket wide rules from the S3 console - allows cross account
• Object Access Control List (ACL) – finer grain
• Bucket Access Control List (ACL) – less common

Question 4

S3 Bucket Policies

Answer 4

• Grant public access to the bucket
• Force objects to be encrypted at upload
• Grant access to another account (Cross
Account)

Question 5

S3 Access Logs

Answer 5

• For audit purpose, you may want to log all access to S3 buckets
• Any request made to S3, from any account, authorized or denied, will be logged into another S3 bucket

Question 6

S3 Standard – General Purposes

Answer 6

• 99.99% Availability
• Used for frequently accessed data
• Low latency and high throughput
• Sustain 2 concurrent facility failures

Question 7

S3 Standard – Infrequent Access (IA)

Answer 7

• Suitable for data that is less frequently accessed, but requires rapid access when needed
• 99.9% Availability
• Lower cost compared to Amazon S3 Standard, but retrieval fee
• Sustain 2 concurrent facility failures

Question 8

S3 Intelligent-Tiering

Answer 8

• 99.9% Availability
• Same low latency and high throughput performance of S3 Standard

Cost-optimized by automatically moving objects between two access
tiers based on changing access patterns:
• Frequent access
• Infrequent access

• Resilient against events that impact an entire Availability Zone

Question 9

S3 One Zone - Infrequent Access (IA)

Answer 9

• Same as IA but data is stored in a single AZ
• 99.5% Availability
• Low latency and high throughput performance
• Lower cost compared to S3-IA (by 20%)

Question 10

Amazon Glacier and Glacier Deep Archive

Answer 10

• Low cost object storage (in GB/month) meant for archiving / backup
• Data is retained for the longer term (years)
• Various retrieval options of time + fees for retrieval:

Amazon Glacier – cheap:
• Expedited (1 to 5 minutes)
• Standard (3 to 5 hours)
• Bulk (5 to 12 hours)

Amazon Glacier Deep Archive – cheapest:
• Standard (12 hours)
• Bulk (48 hours)

Question 11

S3 Object Lock

Answer 11

• Adopt a WORM (Write Once Read Many) model

* Block an object version deletion for a specified amount of time

Question 12

Glacier Vault Lock

Answer 12

• Adopt a WORM (Write Once Read Many) model
• Lock the policy for future edits (can no longer be changed)
• Helpful for compliance and data retention

Question 13

Snowball Edge

Answer 13

• Physical data transport solution: move TBs or PBs of data in or out of AWS
• Alternative to moving data over the network (and paying network fees)
• Pay per data transfer job
• Provide block storage and Amazon S3-compatible object storage
• Snowball Edge Storage Optimized / Compute Optimized

Question 14

AWS Snowcone

Answer 14

• Small, portable computing, anywhere
• 8 TBs of usable storage
• Can be sent back to AWS offline, or connect it to internet and use AWS DataSync to send data

Question 15

AWS Snowmobile

Answer 15

• Transfer exabytes of data (1 EB = 1,000 PB = 1,000,000 TBs)
• Better than Snowball if you transfer more than 10 PB

Question 16

AWS OpsHub

Answer 16

• Historically, to use Snow Family devices, you needed a CLI (Command Line Interface tool)
• Today, you can use AWS OpsHub (a software you install on your computer / laptop) to manage your Snow Family Device

Question 17

AWS Storage Gateway

Answer 17

• Bridge between on-premise data and cloud data in S3

* Hybrid storage service to allow on- premises to seamlessly use the AWS Cloud

Question 18

AWS Storage Cloud Native Options

Answer 18

BLOCK
• EC2
• EBS

FILE
• EFS

OBJECT
• S3
• Glacier