ryan-han.com โŒ ๐Ÿก’ integer.blog โญ•๏ธ

AWS S3 ์ด์ •๋ฆฌ

2018/10/07

๋ธ”๋กœ๊ทธ ์˜ฎ๊ฒผ์Šต๋‹ˆ๋‹ค! ๐Ÿก’ integer.blog

S3 (Simple Storage Service)

์ธํ„ฐ๋„ท ์Šคํ† ๋ฆฌ์ง€ ์„œ๋น„์Šค. ์šฉ๋Ÿ‰์— ๊ด€๊ณ„ ์—†์ด ํŒŒ์ผ์„ ์ €์žฅํ•  ์ˆ˜ ์žˆ๊ณ  ์›น(HTTP ํ”„๋กœํ† ์ฝœ)์—์„œ ํŒŒ์ผ์— ์ ‘๊ทผํ•  ์ˆ˜ ์žˆ๋‹ค.

1. ์‚ฌ์šฉ ์ด์œ 

  • S3๋Š” ์ €์žฅ ์šฉ๋Ÿ‰์ด ๋ฌดํ•œ๋Œ€์ด๊ณ  ํŒŒ์ผ ์ €์žฅ์— ์ตœ์ ํ™”๋˜์–ด ์žˆ๋‹ค. ์šฉ๋Ÿ‰์„ ์ถ”๊ฐ€ํ•˜๊ฑฐ๋‚˜ ์„ฑ๋Šฅ์„ ๋†’์ด๋Š” ์ž‘์—…์ด ํ•„์š”์—†๋‹ค.
  • ๋น„์šฉ์€ EC2์™€ EBS๋กœ ๊ตฌ์ถ•ํ•˜๋Š” ๊ฒƒ๋ณด๋‹ค ํ›จ์”ฌ ์ €๋ ด
  • S3 ์ž์ฒด๊ฐ€ ์ˆ˜์ฒœ ๋Œ€ ์ด์ƒ์˜ ๋งค์šฐ ์„ฑ๋Šฅ์ด ์ข‹์€ ์›น ์„œ๋ฒ„๋กœ ๊ตฌ์„ฑ๋˜์–ด ์žˆ์–ด์„œ EC2์™€ EBS๋กœ ๊ตฌ์ถ•ํ–ˆ์„ ๋•Œ ์ฒ˜๋Ÿผ Auto Scaling์ด๋‚˜ Load Balancing์— ์‹ ๊ฒฝ์“ฐ์ง€ ์•Š์•„๋„ ๋œ๋‹ค.
  • ๋™์  ์›นํŽ˜์ด์ง€์™€ ์ •์  ์›นํŽ˜์ด์ง€๊ฐ€ ์„ž์—ฌ์žˆ์„ ๋•Œ ๋™์  ์›นํŽ˜์ด์ง€๋งŒ EC2์—์„œ ์„œ๋น„์Šคํ•˜๊ณ  ์ •์  ์›นํŽ˜์ด์ง€๋Š” S3๋ฅผ ์ด์šฉํ•˜๋ฉด ์„ฑ๋Šฅ๋„ ๋†’์ด๊ณ  ๋น„์šฉ๋„ ์ ˆ๊ฐ.
  • ์›นํ•˜๋“œ ์„œ๋น„์Šค์™€ ๋น„์Šทํ•˜์ง€๋งŒ, ๋ณ„๋„์˜ ํด๋ผ์ด์–ธํŠธ ์„ค์น˜๋‚˜ ActiveX๋ฅผ ํ†ตํ•˜์ง€ ์•Š๊ณ  HTTP ํ”„๋กœํ† ์ฝœ๋กœ ํŒŒ์ผ ์—…๋กœ๋“œ/๋‹ค์šด๋กœ๋“œ ์ฒ˜๋ฆฌ
  • S3 ์ž์ฒด๋กœ ์ •์  ์›น์„œ๋น„์Šค ๊ฐ€๋Šฅ

2. ๋ฒ„ํ‚ท(Bucket)

  • ์ƒ์„ฑํ•˜๋ฉด default๋กœ private.
  • ํ•œ ๊ณ„์ • ๋‹น ์ตœ๋Œ€ 100๊ฐœ์˜ ๋ฒ„ํ‚ท ์‚ฌ์šฉ ๊ฐ€๋Šฅ.
  • ๋ฒ„ํ‚ท ์†Œ์œ ๊ถŒ์€ ์ด์ „ํ•  ์ˆ˜ ์—†๋‹ค.
  • ๋ฒ„ํ‚ท์˜ ์ด๋ฆ„์€ region์— ์ƒ๊ด€์—†์ด globally unique ํ•ด์•ผ ํ•œ๋‹ค.
  • ๋ฒ„ํ‚ท ์ฃผ์†Œ๋Š” https://s3-๋ฆฌ์ „์ด๋ฆ„.amazonaws.com/๋ฒ„ํ‚ท์ด๋ฆ„
  • S3 ๋ฐ์ดํ„ฐ ๋ชจ๋ธ์€ flat structure๋ผ์„œ ๋ฒ„ํ‚ท์— hierarchie๋‚˜ folder๋Š” ์—†๋‹ค.
  • ํ•˜์ง€๋งŒ keyname prefix (Folder1/Object1)๋ฅผ ์‚ฌ์šฉํ•ด์„œ ๋…ผ๋ฆฌ์ ์ธ hierarchies๋ฅผ ์•”์‹œํ•  ์ˆ˜ ์žˆ๋‹ค.
  • ๋ฒ„ํ‚ท ์•ˆ์— ๋‹ค๋ฅธ ๋ฒ„ํ‚ท์„ ๋‘˜ ์ˆ˜ ์—†๋‹ค.
  • Access Control
    • Bucket Policies
    • Access Control Lists
  • Path-Style URL์—์„œ ๋ฒ„ํ‚ท ์ด๋ฆ„์€ Region specific endpoint๋ฅผ ์‚ฌ์šฉํ•˜์ง€ ์•Š๋Š” ์ด์ƒ ๋„๋ฉ”์ธ๋ช…์— ํฌํ•จ๋˜์ง€ ์•Š๋Š”๋‹ค.
  • Virtual Hosted Style URL์—์„œ ๋ฒ„ํ‚ท์ด๋ฆ„์€ URL์˜ ๋„๋ฉ”์ธ๋ช…์˜ ์ผ๋ถ€๊ฐ€ ๋œ๋‹ค.
  • Virtual hosting์€ HTTP Host Header๋ฅผ ์‚ฌ์šฉํ•ด์„œ REST API ์ฝœ์˜ ๋ฒ„ํ‚ท์„ addressํ•˜๋Š” ๋ฐ ์‚ฌ์šฉ๋  ์ˆ˜ ์žˆ๋‹ค.

3. ๊ฐ์ฒด(Object)

  • Object level storage(not a Block level storage)
  • ๊ฐ์ฒด ํ•˜๋‚˜์˜ ํฌ๊ธฐ๋Š” 1Byte ~ 5TB
  • ์ €์žฅ ๊ฐ€๋Šฅํ•œ ๊ฐ์ฒด ๊ฐฏ์ˆ˜ ๋ฌด์ œํ•œ
  • ๊ฐ์ฒด๋งˆ๋‹ค ๊ฐ๊ฐ์˜ ์ ‘๊ทผ ๊ถŒํ•œ ์„ค์ • ๊ฐ€๋Šฅ
  • default๋กœ private ์ด๋‹ค.
  • ๊ฐ์ฒด metadata๋Š” ๊ฐ์ฒด๊ฐ€ ์—…๋กœ๋“œ ๋œ ํ›„์—๋Š” ์ˆ˜์ •๋  ์ˆ˜ ์—†๊ณ , ๋ณต์‚ฌํ•ด์„œ ์ˆ˜์ •ํ•ด์•ผ ํ•œ๋‹ค.
  • ๊ฐ์ฒด๋Š” Range HTTP header๋ฅผ ์ด์šฉํ•ด์„œ ๋ถ€๋ถ„์ ์œผ๋กœ ๊ฒ€์ƒ‰ํ•  ์ˆ˜ ์žˆ๋‹ค.
  • ๊ฐ์ฒด๋Š” Pre-signed url๋ฅผ ์‚ฌ์šฉํ•ด์„œ ๋‹ค์šด๋กœ๋“œ ํ•  ์ˆ˜ ์žˆ๋‹ค.
  • ๊ฐ์ฒด์˜ metadata๋Š” response header์— ๋ฐ˜ํ™˜๋œ๋‹ค.
  • Updating any metadata for an object requires all the metadata fields to be specified again

4. ์•”ํ˜ธํ™”

  1. In Transit (S3๋กœ ๋ฐ์ดํ„ฐ ์—…๋กœ๋“œํ•  ๋•Œ)
    • SSL/TLS
  2. At Rest
    • ์„œ๋ฒ„ ์‚ฌ์ด๋“œ ์•”ํ˜ธํ™”
      • None๊ณผ AES-256 ์ค‘ ์„ ํƒ ๊ฐ€๋Šฅ
      • S3 Managed Keys : SSE-S3
      • AWS Key Management Service, Managed Keys : SSE-KMS
      • Customer Provided Keys : SSE-C
    • ํด๋ผ์ด์–ธํŠธ ์‚ฌ์ด๋“œ ์•”ํ˜ธํ™”
  3. ๋ณตํ˜ธํ™”๋Š” ๋ฐ์ดํ„ฐ๋ฅผ ๊ฐ€์ ธ์˜ฌ ๋•Œ ์ด๋ฃจ์–ด์ง„๋‹ค.

5. S3 Tiers/Classes

  • ํŒŒ์ผ์„ ์˜ฌ๋ฆฌ๊ณ  ๋‚˜์„œ๋„ ์„ค์ •ํ•  ์ˆ˜ ์žˆ๋‹ค.
  • S3 Standard
    • 99.99% availability (์•„๋งˆ์กด ๊ฒŒ๋Ÿฐํ‹ฐ 99.9%)
    • 99.999999999% durablity.
    • ๋‹ค์ˆ˜์˜ ์žฅ์น˜์™€ ๋‹ค์ˆ˜์˜ ์‹œ์„ค์— ์ €์žฅ
    • 2๊ฐœ์˜ ์‹œ์„ค์„ ๋™์‹œ์— ์žƒ์–ด๋„ ์ง€์†๋˜๊ฒŒ๋” ์„ค๊ณ„
  • S3 IA (Infrequently Accessed)
    • ์ž์ฃผ ์ ‘๊ทผ๋˜์ง€ ์•Š์ง€๋งŒ, ํ•„์š”ํ•  ๋•Œ ๋น ๋ฅด๊ฒŒ ์ ‘๊ทผํ•  ํ•„์š”๊ฐ€ ์žˆ๋Š” ๋ฐ์ดํ„ฐ์— ์ ํ•ฉ
    • S3๋ณด๋‹ค ์ €๋ ดํ•˜๋‹ค. ํ•˜์ง€๋งŒ retrieval fee๊ฐ€ ๊ณผ๊ธˆ๋œ๋‹ค.
  • S3 One Zone IA
    • ์ด์ „์˜ RRS๋ฅผ ๋Œ€์ฒดํ•˜๋Š” ์ƒˆ๋กœ์šด ํด๋ž˜์Šค
    • RRS(Reduced Redundancy Storage)๋Š” ๋ฐ์ดํ„ฐ ์‚ฌ๋ณธ์˜ ์ˆ˜๋ฅผ ์ค„์—ฌ ๋น„์šฉ์„ ๋‚ฎ์ถค. ์›๋ณธ์—์„œ ๋‹ค์‹œ ์ƒ์„ฑํ•  ์ˆ˜ ์žˆ๋Š” ๋ฐ์ดํ„ฐ ์ €์žฅ์— ์ ํ•จ. (๋‚ด๊ตฌ์„ฑ 99.99%)
    • ์ž์ฃผ ์ ‘๊ทผ๋˜์ง€ ์•Š๋Š” ๋ฐ์ดํ„ฐ๋ฅผ ์œ„ํ•œ ์ €๋น„์šฉ ์˜ต์…˜
    • S3 IA์™€ ๊ฐ™์ง€๋งŒ ๋‹ค์ˆ˜์˜ AZ์ด ์•„๋‹ˆ๋ผ ํ•˜๋‚˜์˜ AZ์— ์ €์žฅ
  • Glacier
    • ๋งค์šฐ ์ €๋ ดํ•˜์ง€๋งŒ Archival only.
    • ์ข…๋ฅ˜๋Š” Expedidited / Standard / Bulk
    • Standard์˜ retrieval time์€ 3~5์‹œ๊ฐ„

6. Data Consistency Model

  • Read after Write consistency for PUTS of new Objects
    • ๊ฐ์ฒด๋ฅผ ์ƒˆ๋กœ ์ถ”๊ฐ€ํ•˜๋ฉด ๋ฐ”๋กœ ์ฝ์„ ์ˆ˜ ์žˆ๋‹ค.
    • S3๋Š” PUT ์š”์ฒญ์— ๋Œ€ํ•˜์—ฌ ๋‹ค์ˆ˜์˜ ์‹œ์„ค์— ๋ฐ์ดํ„ฐ๋ฅผ ์ €์žฅํ•œ ํ›„์— SUCCESS๋ฅผ ๋ฐ˜ํ™˜ํ•œ๋‹ค.
    • A process writes a new object to S3 and immediately lists keys within its bucket. Until the change is fully propagated, the object might not appear in the list.
  • Eventual Consistency for overwrite PUTS and DELETES (can take some time to propagate)
    • PUTS๋ฅผ ๋ฎ์–ด์“ฐ๊ฑฐ๋‚˜(์—…๋ฐ์ดํŠธ) ๊ฐ์ฒด๋ฅผ ์‚ญ์ œํ•˜๋ฉด propagateํ•˜๋Š”๋ฐ์— ์‹œ๊ฐ„์ด ๊ฑธ๋ฆฐ๋‹ค.

7. Storage Gateway (AWS ์„œ๋น„์Šค ์ค‘ ํ•˜๋‚˜)

  • On-premise IT ํ™˜๊ฒฝ๊ณผ AWS์˜ Storage ์ธํ”„๋ผ๋ฅผ ์—ฐ๊ฒฐ์‹œ์ผœ์ฃผ๋Š” ์„œ๋น„์Šค
  • VM image๋กœ ๋‹ค์šด๋กœ๋“œ ํ•˜์—ฌ ๋ฐ์ดํ„ฐ์„ผํ„ฐ์˜ host์— ์„ค์น˜ํ•  ์ˆ˜ ์žˆ๋‹ค.
  • Storage Gateway๋Š” VMware ESXi, Microsoft Hyper-V๋„ ์ง€์›ํ•œ๋‹ค.
  • ์ข…๋ฅ˜
    • File Gateway(NFS) - for flat files, stored directly on S3
    • Volumes Gateway(iSCSI)
    • Stored Volumes - Entire Dataset is stored on site and is asynchronously backed up to S3
    • Cached Volumes - Entire Dataset is stored on S3 and the most frequently accessed data is cached on site
    • Tape Gateway(VTL) - Used for backup and uses popular backup applications like NetBackup, Backup Exec, Veeam etc
  • File GateWay(NFS) ๋‹ค์ด์–ด๊ทธ๋žจ
  • Volumes Gateway(iSCSI)
    • Stored Volumes ๋‹ค์ด์–ด๊ทธ๋žจ
    • Cached Volumes ๋‹ค์ด์–ด๊ทธ๋žจ
  • Tape Gateway(VTL) ๋‹ค์ด์–ด๊ทธ๋žจ

8. ๊ธฐํƒ€

  • ์šด์˜์ฒด์ œ ์„ค์น˜ํ•  ์ˆ˜ ์—†๋‹ค.
  • ์‚ฌ์šฉ์ž ์„ค์ • metadata๋Š” ๋ฐ˜๋“œ์‹œ “x-amz-meta”๋ผ๋Š” prefix๋กœ ์‹œ์ž‘ํ•ด์•ผ ์‚ฌ์šฉ์ž๊ฐ€ ์ •ํ•œ key value pair๊ฐ€ ์„ค์ •๋œ๋‹ค.
  • S3 does not process user-defined metadata
  • S3 ์ž์ฒด์ ์œผ๋กœ Version Control ๊ธฐ๋Šฅ์„ ๋‚ด์žฅํ•˜๊ณ  ์žˆ๋‹ค. ํŒŒ์ผ์„ ์ด์ „ ๋‚ด์šฉ์œผ๋กœ ๋˜๋Œ๋ฆฌ๊ฑฐ๋‚˜ ์‚ญ์ œํ•œ ํŒŒ์ผ์„ ๋ณต์›ํ•  ์ˆ˜ ์žˆ๋‹ค.
    • Versioning์ด enabled ๋˜๋ฉด disabled ๋  ์ˆ˜ ์—†๋‹ค. ์˜ค์ง suspended ๋˜๋Š” ๊ฒƒ์ด๋‹ค.
  • ๋‹ค๋ฅธ ๋ฆฌ์ „์œผ๋กœ ๋ณต์‚ฌํ•˜๋ ค๋ฉด ์†Œ์Šค๋ฒ„ํ‚ท์˜ versioning์„ ํ™œ์„ฑํ™” ํ•ด์•ผํ•œ๋‹ค.
  • ๋ฒ„ํ‚ท์— ์ €์žฅ๋œ ๊ฐ์ฒด์˜ LifeCycle์„ ๊ด€๋ฆฌํ•  ์ˆ˜ ์žˆ๋‹ค.
  • Multi Part ์—…๋กœ๋“œ
    • 1 ~ 10000 parts๋ฅผ ์ง€์›ํ•˜๊ณ , ๊ฐ ํŒŒํŠธ๋Š” 5MB~5GB, ๋งˆ์ง€๋ง‰ ํŒŒํŠธ๋Š” 5MB ์ดํ•˜๋กœ๋„ ๊ฐ€๋Šฅํ•˜๋‹ค.
    • ์ตœ๋Œ€ ์—…๋กœ๋“œ ์‚ฌ์ด์ฆˆ๋Š” 5TB
  • S3 Transfer Acceleration
    • S3์— ๋ฐ”๋กœ ์—…๋กœ๋“œํ•˜์ง€ ์•Š๊ณ , ์ƒ์„ฑ๋˜๋Š” URL์„ ์‚ฌ์šฉํ•ด์„œ CloudFront์˜ Edge location์— ๋ฐ”๋กœ ์˜ฌ๋ฆฌ๊ณ  S3๋กœ ์˜ฎ๊ธฐ๋Š” ๊ฒƒ
  • S3๋กœ ์ •์ ์ธ ์›น์‚ฌ์ดํŠธ ๋งŒ๋“ค๊ธฐ
    • Endpoint ์ฃผ์†Œ : http://๋ฒ„ํ‚ท์ด๋ฆ„.s3-website-๋ฆฌ์ ผ์ด๋ฆ„.amazonaws.com
    • S3 website endpoints๋Š” https๋ฅผ ์ง€์›ํ•˜์ง€ ์•Š๋Š”๋‹ค.
  • Snowball
    • Snowball
    • Snowball Edge
    • Snowmobile
  • Notification์€ ๋ฒ„ํ‚ท ๋ ˆ๋ฒจ์—์„œ ์‚ฌ์šฉ๋œ๋‹ค.

9. ๋น„์šฉ

  • Charged for
    • Storage - GB/month
    • Requests - per Request. Request Type(GET, PUT)์— ๋”ฐ๋ผ ๋‹ค๋ฅด๋‹ค.
    • Storage Management Pricing
    • Data Transfer Pricing
    • Transfer in - free
    • Transfer out - GB/month (๊ฐ™์€ region์ด๋‚˜ CloudFront๋กœ ์ด์ „ ์ œ์™ธ)
    • Transfer Acceleration
  • S3์˜ ๋น„์šฉ์€ Region์— ๋”ฐ๋ผ ๋‹ค๋ฅด๋‹ค.

10. ๋” ์ž์„ธํ•œ ํ•™์Šต (์™„๋ฃŒํ•  ๋•Œ ๋งˆ๋‹ค ์ค„ ๊ธ‹๊ธฐ)

*์–ด๋ ค์šด ๋ฌธ์ œ๋“ค

  1. What are characteristics of Amazon S3? Choose 2 answers
    a. Objects are directly accessible via a URL
    b. S3 should be used to host a relational database
    c. S3 allows you to store objects or virtually unlimited size
    d. S3 allows you to store virtually unlimited amounts of data e. S3 offers Provisioned IOPS

  2. You are building an automated transcription service in which Amazon EC2 worker instances process an uploaded audio file and generate a text file. You must store both of these files in the same durable storage until the text file is retrieved. You do not know what the storage capacity requirements are. Which storage option is both cost-efficient and scalable?
    a. Multiple Amazon EBS volume with snapshots
    b. A single Amazon Glacier vault
    c. A single Amazon S3 bucket
    d. Multiple instance stores

  3. A media company produces new video files on-premises every day with a total size of around 100GB after compression. All files have a size of 1-2 GB and need to be uploaded to Amazon S3 every night in a fixed time window between 3am and 5am. Current upload takes almost 3 hours, although less than half of the available bandwidth is used. What step(s) would ensure that the file uploads are able to complete in the allotted time window?
    a. Increase your network bandwidth to provide faster throughput to S3
    b. Upload the files in parallel to S3 using mulipart upload
    c. Pack all files into a single archive, upload it to S3, then extract the files in AWS
    d. Use AWS Import/Export to transfer the video files

  4. A company is deploying a two-tier, highly available web application to AWS. Which service provides durable storage for static content while utilizing lower Overall CPU resources for the web tier?
    a. Amazon EBS volume
    b. Amazon S3
    c. Amazon EC2 instance store
    d. Amazon RDS instance

  5. When you put objects in Amazon S3, what is the indication that an object was successfully stored?
    a. Each S3 account has a special bucket named_s3_logs. Success codes are written to this bucket with a timestamp and checksum.
    b. A success code is inserted into the S3 object metadata.
    c. A HTTP 200 result code and MD5 checksum, taken together, indicate that the operation was successful.
    d. Amazon S3 is engineered for 99.999999999% durability. Therefore there is no need to confirm that data was inserted.

  6. You have private video content in S3 that you want to serve to subscribed users on the Internet. User IDs, credentials, and subscriptions are stored in an Amazon RDS database. Which configuration will allow you to securely serve private content to your users?
    a. Generate pre-signed URLs for each user as they request access to protected S3 content
    b. Create an IAM user for each subscribed user and assign the GetObject permission to each IAM user
    c. Create an S3 bucket policy that limits access to your private content to only your subscribed usersโ€™ credentials
    d. Create a CloudFront Origin Identity user for your subscribed users and assign the GetObject permission to this user

  7. You run an ad-supported photo sharing website using S3 to serve photos to visitors of your site. At some point you find out that other sites have been linking to the photos on your site, causing loss to your business. What is an effective method to mitigate this?
    a. Remove public read access and use signed URLs with expiry dates.
    b. Use CloudFront distributions for static content.
    c. Block the IPs of the offending websites in Security Groups.
    d. Store photos on an EBS volume of the web server.

  8. You are designing a web application that stores static assets in an Amazon Simple Storage Service (S3) bucket. You expect this bucket to immediately receive over 150 PUT requests per second. What should you do to ensure optimal performance?
    a. Use multi-part upload.
    b. Add a random prefix to the key names.
    c. Amazon S3 will automatically manage performance at this scale.
    d. Use a predictable naming scheme, such as sequential numbers or date time sequences, in the key names

  9. What is the maximum number of S3 buckets available per AWS Account?
    a. 100 Per region
    b. There is no Limit
    c. 100 Per Account (Refer documentation)
    d. 500 Per Account
    e. 100 Per IAM User

  10. Your customer needs to create an application to allow contractors to upload videos to Amazon Simple Storage Service (S3) so they can be transcoded into a different format. She creates AWS Identity and Access Management (IAM) users for her application developers, and in just one week, they have the application hosted on a fleet of Amazon Elastic Compute Cloud (EC2) instances. The attached IAM role is assigned to the instances. As expected, a contractor who authenticates to the application is given a pre-signed URL that points to the location for video upload. However, contractors are reporting that they cannot upload their videos. Which of the following are valid reasons for this behavior? Choose 2 answers { โ€œVersionโ€: โ€œ2012-10-17โ€, โ€œStatementโ€: [ { โ€œEffectโ€: โ€œAllowโ€, โ€œActionโ€: โ€œs3:*โ€, โ€œResourceโ€: โ€œ*โ€ } ] }
    a. The IAM role does not explicitly grant permission to upload the object. (์˜ค๋‹ต์ฒดํฌ: The role has all permissions for all activities on S3)
    b. The contractorsหˆ accounts have not been granted โ€œwriteโ€ access to the S3 bucket. (์˜ค๋‹ต์ฒดํฌ: using pre-signed urls the contractors account donโ€™t need to have access but only the creator of the pre-signed urls)
    c. The application is not using valid security credentials to generate the pre-signed URL.
    d. The developers do not have access to upload objects to the S3 bucket. (์˜ค๋‹ต์ฒดํฌ: developers are not uploading the objects but its using pre-signed urls)
    e. The S3 bucket still has the associated default permissions. (์˜ค๋‹ต์ฒดํฌ: does not matter as long as the user has permission to upload)
    f. The pre-signed URL has expired.

  11. S3 has what consistency model for PUTS of new objects?
    a. Read After Write Consistency
    b. Write After Read Consistency
    c. Eventual Consistency
    d. Usual Consistency

  12. What is AWS Storage Gateway?
    a. It's an on-premise virtual appliance that can be used to cache S3 locaaly at a customers site
    b. It allows large scale import/exports in to the AWS cloud without the use of an internet connection
    c. It allows a direct MPLS connection in to AWS
    d. None of the above.

  13. S3 has eventual consistency for which HTTP Methods?
    a. PUTS of new Objects and DELETES
    b. overwrite PUTS and DELETES
    c. PUTS of new objects and UPDATES
    d. UPDATES and DELETES

  14. You need to use an Object based storage solution to store your critical, non replaceable data in a cost effective way. This data will be frequently updated and will need some form of version control enabled on it. Which S3 storage solution should you use?
    a. S3
    b. S3-IA
    c. S3-RRS
    d. Glacier

  15. You work for a health insurance company who collects large amounts of documents regarding patients health records. This data will be used usually only once when assessing a customer and will then need to be securely stored for a period of 7 years. In some rare cases you may need to retrieve this data within 24 hours of a claim being lodged. Which storage solution would best suit this scenario? You need to keep your costs as low as possible.
    a. S3
    b. S3-IA
    c. S3-RRS
    d. Glacier

  16. You run a meme creation website that frequently generates meme images. The original images are stored in S3 and the meta data about the memes are stored in DynamoDB. You need to store the memes themselves in a low cost storage solution. If an object is lost, you have created a Lambda function that will automatically recreate this meme using the original file in S3 and the metadata in Dynamodb. Which storage solution should you consider to store this non-critical, easily reproducible data on in the most cost effective solution as possible?
    a. S3
    b. S3-IA
    c. S3-RRS
    d. Glacier

  17. You run a popular photo sharing website that is based off S3. You generate revenue from your website via paid for adverts, however you have discovered that other websites are linking directly to the images on your site, and not to the HTML pages that serve the content. This means that people are not seeing your adverts and every time a request is made to S3 to serve an image it is costing your business money. How could you resolve this issue?
    a. Use CloudFront to serve the static content
    b. Remove the ability for images to be served publicly to the site and then used signed URL's with expiry dates
    c. Use security groups to blacklist the IP addresses of the sites that do this
    d. Use EBS rather than S3 to store the content

  18. A user has an S3 object in the US Standard region with the content โ€œcolor=redโ€. The user updates the object with the content as โ€œcolor=โ€whiteโ€. If the user tries to read the value 1 minute after it was uploaded, what will S3 return?
    a. It will return “color=white”
    b. It will return “color=red”
    c. It will return and error saying that the object was not found
    d. It may return either "color=red" or "color=white" i.e. any of the value

  19. A user is enabling a static website hosting on an S3 bucket. Which of the below mentioned parameters cannot be configured by the user?
    a. Error document
    b. Conditional error on object name
    c. Index document
    d. Conditional redirection on object name

  20. Company ABCD is running their corporate website on Amazon S3 accessed from http//www.companyabcd.com. Their marketing team has published new web fonts to a separate S3 bucket accessed by the S3 endpoint: https://s3-us-west1.amazonaws.com/abcdfonts. While testing the new web fonts, Company ABCD recognized the web fonts are being blocked by the browser. What should Company ABCD do to prevent the web fonts from being blocked by the browser?
    a. Enable versioning on the abcdfonts bucket for each web font
    b. Create a policy on the abcdfonts bucket to enable access to everyone c. Add the Content-MD5 header to the request for webfonts in the abcdfonts bucket from the website
    d. Configure the abcdfonts bucket to allow cross-origin requests by creating a CORS configuration

*Reference