AWS Console Basics
This type of authentication adds an extra layer of security to AWS accounts and should be enabled for all users.
What is Multi-Factor Authentication (MFA)?
This website serves as your starting point for exploring AWS Free Tier offerings and allows you to search for services you want to learn about.
What is aws.com/free?
In S3, this is the maximum size limit for a single object that can be stored, making it suitable for everything from small files to large media content.
What is 5 TB (terabytes)?
This AWS service manages user permissions and access controls for S3, serving as a key connecting element between services that designers must understand for secure applications.
What is IAM (Identity and Access Management)?
You should never use this type of AWS user for everyday tasks, and it should be kept protected with MFA enabled.
What is the root user?
With this compute service, you can use up to 750 hours per month of qualifying instance types in the 12 months free tier.
What is EC2?
Objects in S3 are stored in these containers, and each object can be up to 5 TB in size.
What are buckets?
This S3 feature automatically encrypts objects when they are stored in S3 buckets using either Amazon S3-managed keys or AWS KMS-managed keys.
What is Server-Side Encryption (SSE)?
This AWS security principle ensures users are granted only the minimum permissions necessary to perform their job functions.
What is the principle of least privilege?
This is the number of different types of free tier offerings that AWS provides, helping customers understand the variety of pricing models customers encounter.
What is three? (Always Free, 12 Months Free, and Trials)
This S3 storage class automatically moves data to the most cost-effective access tier without performance impact or operational overhead, making it ideal for unknown access patterns.
What is S3 Intelligent-Tiering?
This S3 security feature helps prevent accidental public access to buckets and objects by blocking public access at the account or bucket level.
What is S3 Block Public Access?
These two AWS services can be used together to track costs and identify opportunities to optimize resource usage.
What are AWS Cost Explorer and AWS Budgets?
This is the minimum storage duration requirement for S3 Standard-IA in the free tier, after which you can move or delete objects without additional charges.
What is 30 days?
This S3 storage class costs about half of S3 Standard and is designed for data that is accessed less frequently but requires rapid access when needed, with a minimum storage duration of 30 days.
What is S3 Standard-IA (Infrequent Access)?
This type of S3 policy allows or denies access to S3 buckets or objects based on conditions like IP addresses, ensuring resources are only available via HTTPS.
What is a bucket policy?
This AWS monitoring service, along with VPC Flow Logs, should be utilized to monitor infrastructure for performance, security, and resource usage, and can help capture and analyze logs to detect security threats
What is Amazon CloudWatch?
When customers exceed their free tier usage limits, AWS automatically transitions to this pricing model, which designers should understand to help customers avoid unexpected costs.
What is pay-as-you-go (or standard pricing)?
This S3 storage class is designed for long-term archive with retrieval times from minutes to hours, has a minimum storage duration of 90 days, and costs significantly less than standard storage classes.
What is S3 Glacier Flexible Retrieval?
This S3 feature provides an audit trail of when encryption keys were used and by whom, offers separate permissions for envelope keys, and provides added protection against unauthorized access with customer-managed encryption keys
What is SSE-KMS (Server-Side Encryption with AWS Key Management Service)?