AWS – S3 – Exam Tips


S3 is object-based storage.

 

file size 0-5 TB

universal namespace – names unique globally

 

file link format

https://s3-us-east-1.amazonaws.com/bucketname

 

HTTP 200 code – if upload successful

 

S3 is not suitable for hosting databases or installing OS

 

Data Consistency:

Read-after-write consistency for PUTs of new objects

Eventual consistency for overwrite PUTs and DELETEs

 

S3 object has:

key – filename

value – data

version id

metadata

subresources

  • ACL
  • torrent

Design Question – naming of S3 files.

  • add random SALT at start of file name so objects can be stored evenly across S3.

Amazon S3 Standard and Standard – IA are designed to provide 99.999999999% durability of objects over a given year.

Amazon S3 is designed to sustain the concurrent loss of data in two facilities.

 

Storage Tiers:

Standard (99.99% availability, 99.999999999% durability)

Standard -IA – cheaper

RRS – 99.99% durability, 99.99% availability

Glacier – data archival. 3-5 hour retrieval time – independent from S3

 

Glacier – $0.01 per 1GB per month

 

S3 – Charges

  • storage
  • requests
  • storage management pricing (tags)
  • data transfer pricing (data coming in is free but moving data around costs)
  • transfer acceleration (takes advantage of cloudfront edge locations)

 

a bucket name must contain lower case characters and numbers

objects can belong to different storage classes within the same bucket

 

Versioning (lab)

  • Once versioning is turned on for a bucket it can’t be removed. It can only be disabled.
  • new version of same file will not have same permissions as the old version.
  • even if the bucket has read for everyone – the permissions don’t filter down to individual objects uploaded to the bucket
  • versioning integrates with lifecycle rules
  • can enable MFA with versioning on buckets or objects for additional layer of security

Cross Region Replication (lab)

  • versioning must be turned on for both source and destination buckets
  • objects in the source bucket prior to turning on cross region replication will not be replicated. Only new objects uploaded to source buckets will be replicated to target bucket.
  • deleting an object in source bucket will also delete an object from target bucket
  • delete marker does replicate across region, version deletion doesn’t replicate either

Lifecycle Management

With transition actions and expiration actions you can set up lifecycle management for S3 objects. You can use lifecycle management rules to move objects to lower tiers of storage, and even to Glacier, and/or delete objects.

 

Security

  • All new buckets are private
  • access control can be set up using
      • bucket policies and
      • ACL (at the object level as well)
  • buckets can be configured to create access logs. Logs can be created in another bucket or account

Encryption

  • in transit
      • SSL and TLS
  • data at rest
      • server side encryption
          • S3 managed keys, SSE-S3
          • AWS Key Management Service, managed keys, SSE-KMS (provides audit trail)
          • SSE-C, customer manages the key
      • client side encryption
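
The versioning, access-log, ACL and encryption points above can be checked together for a bucket. The following is an added example, not part of the original notes: `audit_bucket`, the finding labels and both sample buckets are hypothetical, and the input dicts are constructed to mirror the shape of the boto3 S3 client responses named in the comments.

```python
# Added example, not from the original post. Inputs are dicts shaped like the
# boto3 S3 client responses named below; all sample values are constructed.
PUBLIC_GROUPS = {"http://acs.amazonaws.com/groups/global/" + g
                 for g in ("AllUsers", "AuthenticatedUsers")}

def audit_bucket(versioning, encryption, logging, acl):
    """Return a list of findings for one bucket; an empty list means none."""
    findings = []
    # get_bucket_versioning: 'Status' is absent until versioning is first enabled.
    if versioning.get("Status") != "Enabled":
        findings.append("versioning-not-enabled")
    if versioning.get("MFADelete") != "Enabled":
        findings.append("mfa-delete-not-enabled")
    # get_bucket_encryption: pass {} when the bucket has no default encryption.
    rules = encryption.get("ServerSideEncryptionConfiguration", {}).get("Rules", [])
    algos = {r.get("ApplyServerSideEncryptionByDefault", {}).get("SSEAlgorithm")
             for r in rules}
    if not algos & {"AES256", "aws:kms"}:      # AES256 = SSE-S3, aws:kms = SSE-KMS
        findings.append("no-default-sse")
    elif "aws:kms" not in algos:               # the notes credit SSE-KMS with the audit trail
        findings.append("sse-s3-only-no-kms-audit-trail")
    # get_bucket_logging: 'LoggingEnabled' is present only when access logs are on.
    if "LoggingEnabled" not in logging:
        findings.append("access-logging-off")
    # get_bucket_acl: group grantees with these URIs open the bucket beyond its owner.
    for grant in acl.get("Grants", []):
        grantee = grant.get("Grantee", {})
        if grantee.get("Type") == "Group" and grantee.get("URI") in PUBLIC_GROUPS:
            findings.append("public-acl-grant:" + grant.get("Permission", "?"))
    return findings

# Constructed sample: versioning disabled again, SSE-S3 only, no logs, public READ.
WEAK = dict(
    versioning={"Status": "Suspended"},
    encryption={"ServerSideEncryptionConfiguration": {"Rules": [
        {"ApplyServerSideEncryptionByDefault": {"SSEAlgorithm": "AES256"}}]}},
    logging={},
    acl={"Grants": [{"Permission": "READ", "Grantee": {
        "Type": "Group", "URI": "http://acs.amazonaws.com/groups/global/AllUsers"}}]},
)
# Constructed sample: the hardened counterpart of WEAK.
HARDENED = dict(
    versioning={"Status": "Enabled", "MFADelete": "Enabled"},
    encryption={"ServerSideEncryptionConfiguration": {"Rules": [
        {"ApplyServerSideEncryptionByDefault": {"SSEAlgorithm": "aws:kms"}}]}},
    logging={"LoggingEnabled": {"TargetBucket": "example-log-bucket", "TargetPrefix": "s3/"}},
    acl={"Grants": [{"Permission": "FULL_CONTROL",
                     "Grantee": {"Type": "CanonicalUser", "ID": "example-owner-id"}}]},
)
```

Calling `audit_bucket(**WEAK)` returns five findings and `audit_bucket(**HARDENED)` returns none; against a real account the four dicts would come from the corresponding boto3 calls.
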
Transfer Acceleration

  • uses CloudFront edge network to accelerate uploads to S3
  • can use a distinct URL to upload directly to an edge location, which will transfer file to S3

Static Website Hosting

You can host static website on S3.

URL format for static website hosting:
Endpoint : http://bucketname.s3-website-us-east-1.amazonaws.com

 

Make sure to read S3 FAQs:

https://aws.amazon.com/s3/faqs/

 
