Demystifying Cloud and Consoles..

Demystifying Cloud and Consoles..

AWS Solution Architect Associate Exam Prep Notes

AWS Solution Architect Associate Exam Prep Notes

Subscribe to my newsletter and never miss my upcoming articles

Dear readers,

I cleared my AWS certified SAA exam few months back.

AWS Certified Solutions Architect - Associate certificate-page-001.jpg

For my exam, I prepared notes covering all important topics and key points to remember. I highly recommend the Udemy course by Ryan Kroonerberg.

The following notes are taken based on the aforementioned course material.

I've divided the notes into a 5 part series.

Disclaimer: These notes are to be used as supplementary material. Don’t rely entirely on the notes for your exam. Use these notes for last-minute revision before your exam.

S3 Notes


S3 consists of

  • Keys
  • Values
  • Version ID
  • Metadata
  • Subresources
    • ACL
    • Torrents

Data consistency in S3

  1. Read after write consistency for PUTS of a new object.

    • Meaning: if you write a new file and read it immediately afterward, you’ll be able to view that data.
  2. Eventual consistency for overwrite PUTS and DELETES( can take some time to propagate).

    • Meaning: If you update AN EXISTING file or delete a file and read it immediately, you may get the older version, or you may not. Basically, changes to objects can take a little bit longer to propagate

S3 Guarantees

  • S3 platform is Built for 99.99% availability
  • But, Amazon will give you 99.9% availability ( for all customers )
  • Amazon guarantees 99.99999999999% durability for S3 information. ( 99 followed by 11x9’s )

S3 Features

  • Tiered Storage available
  • Lifecycle Management
  • Versioning
  • Encryption
  • MFA Delete
  • Secure your data using Access Control Lists and Bucket Policies

S3 Storage Classes

  • S3 Standard - 99.99% availability
  • S3 - IA - 99.9% availability
  • S3 Intelligent Tiering
  • S3 One Zone - IA - 99.95% availability
  • S3 Glacier - configurable retrieval ( from minutes to hours) - 99.99% availability
  • S3 Glacier Deep Archive - 12 hours of retrieval time - 99.99% availability

S3 Pricing based on

  • Storage
  • Requests
  • Storage management
  • Data transfer
  • Transfer Acceleration
  • Cross-Region Replication

S3 General Notes

  • FIles can be 0 bytes to 5TB
  • Unlimited storage
  • Address looks like this:
  • You can turn on MFA delete for objects in the S3 bucket - optional
  • S3 is stored in a minimum of 3 AZ.
  • ACL is for object-level & Bucket policy is for bucket level
  • Once Versioning is enabled, It Cannot be disabled, It can only be suspended.
  • Versioning stores all the versions of a file (including “delete marker”), If you delete the “delete marker”, then it will be recovered
  • You can have 100 buckets/account
  • S3 now supports 3500 PUTS/sec [ previously *before 2018, was only 100 PUTS/sec]

S3 Encryption

  1. Encryption at Transit
    • Through SSL/TLS
  2. Encryption at Rest (Server Side)
    • S3 Managed Keys; SSE-S3
    • AWS KMS managed keys; SSE-KMS
  3. SSE with customer-managed keys; SSE-C
    • Encryption at Rest (Client-Side)

AWS Organization

  • Similar to IAM policy, we have SCP(Service control policies to define policy for aws accounts under the org account). Either apply SCP on Organization Unit(OU) or individual accounts.

Three ways to share S3 bucket across accounts

  • Using Bucket Policies(Bucket level) & IAM (programmatic only)
  • Using Access Control List(object level) & IAM (programmatic only)
  • Cross-Account IAM Roles ( Programmatic & Console)

For CRR(Cross-Region Replication)

  • Versioning must be enabled for both source and destination buckets
  • Files in an existing bucket are not replicated. Only new files are replicated
  • All Subsequent updated will be replicated
  • Delete markers are not replicated

AWS Storage gateway

  • To communicate on-premise with AWS Cloud
  • Three types
    • FIle gateway
    • Volume gateway
      • Stored Volume: Entire data on site, but asynchronously backed up to S3
      • Cached Volume: Entire data on S3, frequently accessed data alone on site.
    • Tape gateway (VTL - Virtual Tape Library)

Athena

  • Used to run queries on S3 using SQL like language

Macie

  • Uses AI to identify PII(Personal Identifiable Information) by analyzing the object's data in S3

Continue reading Part 2 - AWS EC2...

 
Share this