Amazon S3
Service that allows people to store objects (files) in buckets ("directories")
T/F: Buckets in Amazon S3 must have a globally unique name.
True
T/F: Objects (files) have a Key, which is the FULL path (e.g., <my_bucket>/my_file.txt)
True
T/F: The max object size in Amazon S3 is 5TB.
True
T/F: Object tags (key/value pairs) can be used in Amazon S3 for security and classification purposes.
True
T/F: Amazon S3 supports any file format for objects.
True
Amazon S3 Partitioning
Pattern for speeding up range queries
Amazon S3 Standard - General Purpose
Designed for frequently accessed data (more than once a month) with millisecond access
,Amazon S3 Standard-Infrequent Access
Used for data that is less frequently accessed but requires rapid access when needed; use cases include
disaster recovery and backups.
Amazon S3 One Zone-Infrequent Access
Used for data that is less frequently accessed but requires rapid access when needed; data is lost when
the AZ is destroyed.
Amazon S3 Glacier Instant Retrieval
Low-cost object storage meant for archiving / backup;
• Provides millisecond retrieval and is good for data accessed once a quarter
Amazon S3 Glacier Flexible Retrieval
Low-cost object storage meant for archiving / backup with different retrieval options:
• Expedited (1 to 5 minutes), Standard (3 to 5 hours), Bulk (5 to 12 hours) - free
• Minimum storage duration of 90 days
Amazon S3 Glacier Deep Archive
Lowest-cost object storage class ideal for archiving / backup
• Able to retrieve objects within 12 hours
Amazon S3 Intelligent Tiering
Storage classes that allows you to move data between storage classes based on usage for a small
monthly monitoring and auto-tiering fee
,Durability
Represents how many times an object could be lost by Amazon S3
Example: If you store 10,000,000 objects with Amazon S3, you can on average expect to incur a loss
of a single object once every 10,000 years.
Availability
Measures how readily available a service is
Example: S3 Standard has 99.99% availability = not available 53 minutes a year.
T/F: The durability is the same for all storage classes in Amazon S3.
True
Amazon S3 Lifecycle Rules
Set of rules that define actions that Amazon S3 applies to a group of objects
Two types of Amazon S3 Lifecycle Rules
• Transition Actions - Configuring objects to transition to another storage class
• Expiration Actions - Configuring objects to expire (delete) after some time
Amazon S3 Analytics - Storage Class Analysis
• Help you decide when to transition objects to
the right storage class
• Recommendations for Standard and Standard IA
, T/F: Amazon S3 Analytics - Storage Class Analysis works for One-Zone IA and Glacier.
False
T/F: IAM Policies are known as user-based security.
True
T/F: Bucket Policies are known as resource-based security.
True
Security Options in Amazon S3
• User-Based (e.g., IAM Policies)
• Resource-Based (e.g., Bucket Policies)
• Encryption (e.g., Encryption Keys)
Amazon S3 Bucket Policies
JSON-based policies with statements specifying resources, effect, actions, and principal
Bucket settings for Block Public Access
• These settings were created to prevent company data leaks
• If you know your bucket should never be public, leave these on
• Can be set at the account level
Amazon S3 Object Encryption Options
Service that allows people to store objects (files) in buckets ("directories")
T/F: Buckets in Amazon S3 must have a globally unique name.
True
T/F: Objects (files) have a Key, which is the FULL path (e.g., <my_bucket>/my_file.txt)
True
T/F: The max object size in Amazon S3 is 5TB.
True
T/F: Object tags (key/value pairs) can be used in Amazon S3 for security and classification purposes.
True
T/F: Amazon S3 supports any file format for objects.
True
Amazon S3 Partitioning
Pattern for speeding up range queries
Amazon S3 Standard - General Purpose
Designed for frequently accessed data (more than once a month) with millisecond access
,Amazon S3 Standard-Infrequent Access
Used for data that is less frequently accessed but requires rapid access when needed; use cases include
disaster recovery and backups.
Amazon S3 One Zone-Infrequent Access
Used for data that is less frequently accessed but requires rapid access when needed; data is lost when
the AZ is destroyed.
Amazon S3 Glacier Instant Retrieval
Low-cost object storage meant for archiving / backup;
• Provides millisecond retrieval and is good for data accessed once a quarter
Amazon S3 Glacier Flexible Retrieval
Low-cost object storage meant for archiving / backup with different retrieval options:
• Expedited (1 to 5 minutes), Standard (3 to 5 hours), Bulk (5 to 12 hours) - free
• Minimum storage duration of 90 days
Amazon S3 Glacier Deep Archive
Lowest-cost object storage class ideal for archiving / backup
• Able to retrieve objects within 12 hours
Amazon S3 Intelligent Tiering
Storage classes that allows you to move data between storage classes based on usage for a small
monthly monitoring and auto-tiering fee
,Durability
Represents how many times an object could be lost by Amazon S3
Example: If you store 10,000,000 objects with Amazon S3, you can on average expect to incur a loss
of a single object once every 10,000 years.
Availability
Measures how readily available a service is
Example: S3 Standard has 99.99% availability = not available 53 minutes a year.
T/F: The durability is the same for all storage classes in Amazon S3.
True
Amazon S3 Lifecycle Rules
Set of rules that define actions that Amazon S3 applies to a group of objects
Two types of Amazon S3 Lifecycle Rules
• Transition Actions - Configuring objects to transition to another storage class
• Expiration Actions - Configuring objects to expire (delete) after some time
Amazon S3 Analytics - Storage Class Analysis
• Help you decide when to transition objects to
the right storage class
• Recommendations for Standard and Standard IA
, T/F: Amazon S3 Analytics - Storage Class Analysis works for One-Zone IA and Glacier.
False
T/F: IAM Policies are known as user-based security.
True
T/F: Bucket Policies are known as resource-based security.
True
Security Options in Amazon S3
• User-Based (e.g., IAM Policies)
• Resource-Based (e.g., Bucket Policies)
• Encryption (e.g., Encryption Keys)
Amazon S3 Bucket Policies
JSON-based policies with statements specifying resources, effect, actions, and principal
Bucket settings for Block Public Access
• These settings were created to prevent company data leaks
• If you know your bucket should never be public, leave these on
• Can be set at the account level
Amazon S3 Object Encryption Options
