AWS, section 4, S3 and CORS

  1. Do S3 buckets  have to have a global unique address
  2. How much storage do you get on s3? How big can the inidividual files be?
    unlimited, 0-5TB
  3. What is S3
    • safe space to store data
    • Data is stored across multiple locations
    • object based storage
  4. What is the data consistency model for S3?
    • Read after write after PUTs
    • Its called eventual consistency. It might take time to delete stuff or edit the file though.
  5. what is the subresources in terms ofs3 buckets
    • They are bucket specific config
    • eg bucket policies, access control lists
  6. What is transfer acceleration in s3
    Lets you transfer lots of files in s3
  7. What is metadata in s3 buckets
    data about the data you're storing, eg team name using it
  8. What do objects in S3 buckets consist of?
    • Key - name of object
    • Value - the data
    • Version ID - supports version control
    • Metadata (data about the data you're sharing)
    • Subresources - bucket policies, access control lists
    • cross origin sharing. - allows buckets to access to other buckets
  9. What are the storage tiers for s3
    Standard S3. 99.99% availability, 99.9999999% durability. stored redundanly over multiple storage facilites capapble of 2 data centre losses.

    S3 (IA) - infrequenctly accesssed. only pay when you retrieve

    s3- One zone IA. Only stored in on availabiliity zone. Slighltly less aavailability. Cost is 20% less than regular IA.

    reduced redundancy storage. no longer recommended. Use for data that can be recreated if lost

    Glacier. Used for archiving and stuff you really dont use
  10. What is s3 intelligent tiering
    It moves you into two different storage tiers depending on how often you acess stuff. Its more cost effective.
  11. By default what is security setting of an s3 bucket?
  12. What will successful uploads generate when you use the CLI for API
    An HTTP 200 status code
  13. How can you modify access to buckets and at what level are each of these applied
    By bucket policies-applied at bucket level. Cant apply to individual object

    and access control lists - applied at object level
  14. What language are bucket policies written in
  15. What are the two types of encryption in s3?
    In transit - encrypting between the buckets

    • At rest (server side encryption)
    • SSE S3 - s3 managed keys
    • SSE KMS - kms managed keys
    • SSE C - Server side encryption with customer provided keys
  16. What is SSE S3 managed keys
    • Amazon manage the keys for you.
    • You get the strong multifactor authentication and they rotate the keys for you.
  17. What is AWS SSE-KMS.
    AMazon manage keys but additionally the keys are encrypted by an envelope which is encrypted. You get an audit trail too.
  18. What is AWS SSE-C
    AWS manage encryption and decryption but you manage the keys and the lifecycle
  19. Client side encryption? what is it
    You choose your own encryption methodology
  20. How do we enforce encryption on all the files we upload onto s3
    • We make a put request and then we put a request header on it. Two types of request headers are possible. 
    • SSE--S3 (s3 managed keys)
    • SSE-KMS (KMS managed keys)
    • If the header is not included, it wont get uploaded
  21. What is the difference between CDN and transfer acceleration?
    CDN is for content delivery eg downloads and stuff and trasnfer acceleration is about faster uploads to s3
  22. What is cloudfront?
    Its a CDN. System of distributed servers that deliver webpages and other web content based on where they are and where the page came from and where the content delivery server is.
  23. How does edge location work
    It caches fequently requested stuff.
  24. WHat is origin in CDN
    origin of files that CDN will distribute.
  25. What is distribution in CDN? And what are its two types?
    • Distribution is a name for CDN (cloud distribution network)
    • The two types are:
    • Web distribution - for websites
    • RTMP distribution - for media streaming adobe real time messaging
  26. What are Edge locations in CDN
    • Places you cache frequently accessed shit to
    • Its read and wirte. 
    • Used by S3 transfer acceleration to reduce latency for s3 uploads.
    • Object cached
    • Remember its not the same place as availability zone
  27. What might you use a signed url for?
    To provide users access to things only if they have paid for it.
  28. WHat should you use if you get GET intensive stuf in S3?
    Use cloudfront
  29. Whatis AWS WAF?
    its web application firewall to protect stuff on the application layer from sql injection attacks.
  30. What is the largest file size you can transfer to s3 using a put operation?
  31. WHat do you do if you have mixed request load in S3
    • Use the key name. 
    • If you use sequential names, you might end up with multiple ojects aiming for the same slot

    So S3 actually add random keys in there. like hex hash. Spreads the load a bit.

    UPDATE: This is not longer necessary
  32. What is the HTTP code you would see once you successfully place a file in an S3 bucket?
  33. Is s3 suitable for databases?
  34. How does S3 determine which partition to use to store files?
    It uses the bucket key name
Card Set
AWS, section 4, S3 and CORS
aws stuff