S3 Fundamentals
The service described as reliable, scalable, and secure object storage
What is AWS S3?
The default, general-purpose storage class for frequently accessed data
What is S3 Standard?
The virtual firewall operating at the instance/ENI level
What is a Security Group?
AWS service for registering domain names and routing DNS queries
What is Route 53?
Amazon S3 Standard is designed to provide this percentage of durability for your objects, often referred to as "11 nines"
What is 99.999999999%?
The containers used to hold objects in S3, whose names must be globally unique
What are S3 Buckets
Cheaper than Standard for storage, charges for retrieval, stores data redundantly across multiple AZs. Good for backups
What is S3 Standard-IA?
The virtual firewall operating at the subnet level.
What is a Network ACL?
AWS's Content Delivery Network (CDN) service
What is CloudFront?
These allow you to establish a private connection from your VPC to supported AWS services (like S3 or DynamoDB) or third-party services via PrivateLink, without requiring traffic to traverse the public internet
What are VPC Endpoints?
The maximum size for a single S3 object
What is 5TB?
Lowest cost storage, data stored in only a single AZ, suitable for recreatable data
What is S3 One Zone-IA?
This VPC component allows instances within your VPC to communicate with the public internet
What is an Internet Gateway (IGW)?
The Route 53 routing policy used for active-passive disaster recovery setups
What is Failover Routing?
This type of AWS Storage Gateway provides a virtual tape library (VTL) interface, helping integrate existing on-premises backup software with cloud storage like S3 and S3 Glacier
What is Tape Gateway?
The unique identifier for an object within a bucket, often resembling a file path
What is Object Key?
Automatically moves objects between access tiers based on usage, with no retrieval fees
What is S3 Intelligent-Tiering?
This managed service allows instances in a private subnet to initiate outbound internet connections (e.g., for updates) but prevents inbound connections from the internet
What is NAT Gateway?
The CloudFront feature used to restrict direct S3 access, ensuring users go through CloudFront
What is Origin Access Control (OAC)?
More numerous than Availability Zones, these AWS global network locations are used by CloudFront to cache content closer to users and by Route 53 to reduce DNS resolution latency.
What are Edge Locations?
The upload method required for objects larger than 5GB
What is Multi-Part Upload?
The S3 storage class offering the absolute lowest storage cost, designed for long-term archiving with retrieval times of 12-48 hours
What is S3 Glacier Deep Archive?
This service acts as a central hub to simplify connectivity and enable transitive routing between thousands of VPCs and on-premises networks
What is Transit Gateway?
The service that uses the AWS global network and static Anycast IPs to accelerate traffic for global applications (often non-HTTP)
What is AWS Global Accelerator?
This AWS-specific Route 53 record type allows you to map your domain's zone apex (e.g., example.com) directly to AWS resources like an Elastic Load Balancer, CloudFront distribution, or an S3 bucket configured for website hosting
What is an Alias Record?