{"id":6,"date":"2021-11-20T13:11:30","date_gmt":"2021-11-20T13:11:30","guid":{"rendered":"https:\/\/192.168.1.3\/wordpress\/?p=6"},"modified":"2025-07-02T06:56:52","modified_gmt":"2025-07-02T06:56:52","slug":"aws-solution-architect-associate-review-material","status":"publish","type":"post","link":"https:\/\/mylinuxsite.com\/wordpress\/?p=6","title":{"rendered":"AWS Solution Architect Associate (SAA-C02) Review Material &#8211; S3"},"content":{"rendered":"\n<figure class=\"wp-block-image size-large is-resized\"><img loading=\"lazy\" decoding=\"async\" src=\"http:\/\/192.168.1.3\/wordpress\/wp-content\/uploads\/2022\/01\/Screenshot-2022-01-26-at-18.10.33-1024x617.png\" alt=\"\" class=\"wp-image-125\" width=\"1054\" height=\"635\" srcset=\"https:\/\/mylinuxsite.com\/wordpress\/wp-content\/uploads\/2022\/01\/Screenshot-2022-01-26-at-18.10.33-1024x617.png 1024w, https:\/\/mylinuxsite.com\/wordpress\/wp-content\/uploads\/2022\/01\/Screenshot-2022-01-26-at-18.10.33-300x181.png 300w, https:\/\/mylinuxsite.com\/wordpress\/wp-content\/uploads\/2022\/01\/Screenshot-2022-01-26-at-18.10.33-768x463.png 768w, https:\/\/mylinuxsite.com\/wordpress\/wp-content\/uploads\/2022\/01\/Screenshot-2022-01-26-at-18.10.33.png 1241w\" sizes=\"auto, (max-width: 1054px) 100vw, 1054px\" \/><\/figure>\n\n\n\n<!--more continue reading-->\n\n\n\n<h4 class=\"wp-block-heading\">General<\/h4>\n\n\n\n<ul class=\"wp-block-list\"><li>Files are stored in containers called &#8216;buckets.&#8217;<\/li><li>A bucket is regional, but the name must be globally unique (universal namespace).<\/li><li>A bucket name:<ul><li>can only be lower case letters, numbers. dots(.) and hyphens (-)<\/li><li>must begin with a letter or number<\/li><li>cannot be an IP address<\/li><\/ul><\/li><li>Unlimited storage.<\/li><li>Files are stored in buckets as objects.<\/li><li>Objects are identified by their key.<\/li><li>No concept of directories in S3 although a key name may contain prefix which appears as directories or path. <\/li><li>Object size can be from 0 &#8211; 5TB<\/li><li>As of Dec 2020, <em>all operations are strongly consistent<\/em>.<\/li><\/ul>\n\n\n\n<h4 class=\"wp-block-heading\">Versioning<\/h4>\n\n\n\n<ul class=\"wp-block-list\"><li>Versioning must be enabled (on a bucket level).  Not set on default.<\/li><li>Existing objects that are not versioned will get version id = &#8216;null&#8217; once versioning is enabled (i.e. they have no version).<\/li><li>When the latest version is deleted, the object is not deleted but hidden by placing a <strong>delete marker<\/strong> in the object.<\/li><li>When an older version is deleted it is deleted permanently.<\/li><li>Versioning can be enabled or disabled anytime. When disabled the versions are not deleted.<\/li><\/ul>\n\n\n\n<h4 class=\"wp-block-heading\">Encryption<\/h4>\n\n\n\n<ul class=\"wp-block-list\"><li>Object encryption can be done on the server-side or client-side.<\/li><li>You encrypt the object, not the bucket although you can set default encryption for the bucket.<\/li><li>The default server-side encryption is enabled at the bucket level. When enabled all uploaded objects will be encrypted by S3 (server side) using the default key.<\/li><li>S3 exposes both HTTP and HTTPS REST API endpoints.<\/li><li>Server-side encryption keys can be:<ul><li>SSE-S3<ul><li>a key that is managed by S3<\/li><li>encrypts each object with a unique key<\/li><li>must pass the header <strong>&#8220;x-amz-server-side-encryption&#8221;:&#8221;AES256&#8243;<\/strong> in the REST API call<\/li><li>key is rotated every 3 years<\/li><li>no additional cost and with no impact on performance<\/li><\/ul><\/li><li>SSE-KMS<ul><li>a  key stored and managed in KMS (either AWS or CMK)<\/li><li>must pass the header <strong>&#8220;x-amz-server-side-encryption&#8221;:&#8221;aws:kms&#8221;<\/strong> in the REST API call<\/li><\/ul><\/li><li>SSE-C<ul><li>must use HTTPS<\/li><li>a key stored and managed by the client<\/li><li>must pass provide the algorithm (<strong> x-amz-server-side\u200b-encryption\u200b-customer-algorithm<\/strong>),  encryption key( x<strong>-amz-server-side\u200b-encryption\u200b-customer-key<\/strong>) and md5 digest(<strong>x-amz-server-side\u200b-encryption\u200b-customer-key-MD5<\/strong>) in the REST API call<\/li><\/ul><\/li><li>\u00a0DSSE-KMS<ul><li>dual-layer server-side encryption<\/li><li>applies <strong>two layers<\/strong> of encryption to objects when they are uploaded<\/li><li>AWS KMS keys must be in the same Region as the bucket<\/li><\/ul><\/li><\/ul><\/li><li>Client-side encryption <ul><li>client stores and managed the encryption keys as well the actual encryption itself.    <\/li><li>no server-side encryption is performed.<\/li><\/ul><\/li><\/ul>\n\n\n\n<h4 class=\"wp-block-heading\">Storage Class<\/h4>\n\n\n\n<ol class=\"wp-block-list\"><li>Standard<\/li><li>Standard-IA<\/li><li>Intelligent Tiering<ul><li>3 Access Tiers:<ol><li>Frequent<\/li><li>Infrequent<\/li><li>Archive Instant Access<\/li><\/ol><\/li><li>Opt-ins<ol><li>Archive Access<\/li><li>Deep Archive Access<\/li><\/ol><\/li><\/ul><\/li><li>One Zone-IA<\/li><li>Glacier Instant Retrieval<\/li><li>Glacier Flexible Retrieval<\/li><li>Glacier Deep Archive<\/li><li>Reduced Redundancy (not recommended)<\/li><\/ol>\n\n\n\n<ul class=\"wp-block-list\"><li>Glacier is different from S3. It uses containers called <strong>Vaults<\/strong> instead of &#8216;buckets&#8217;.  It also has other resources such as <strong>Archive<\/strong>, <strong>Jobs<\/strong>, and <strong>Notification Configuration<\/strong>. The Glacier storage classes present Glacier as another form of storage, but underneath it, it still uses Glacier.  <\/li><\/ul>\n\n\n\n<figure class=\"wp-block-table\"><table><tbody><tr><td><strong>Storage class<\/strong><\/td><td><strong>Designed for<\/strong><\/td><td><strong>Durability (designed for)<\/strong><\/td><td><strong>Availability (designed for)<\/strong><\/td><td><strong>Availability Zones<\/strong><\/td><td><strong>Min storage duration<\/strong><\/td><td><strong>Min billable object size<\/strong><\/td><td><strong>Other considerations<\/strong><\/td><\/tr><tr><td>Standard<\/td><td>Frequently accessed data (more than once a month) with <strong>millisecond access<\/strong><\/td><td>11 9s<\/td><td>4 9s<\/td><td>&gt;=3<\/td><td>None<\/td><td>None<\/td><td>None<\/td><\/tr><tr><td>Standard -IA<\/td><td>Long-lived, infrequently accessed data (once a month) with <strong>millisecond access<\/strong><\/td><td>11 9s<\/td><td>3 9s<\/td><td>&gt;=3<\/td><td>30 days<\/td><td>128KB<\/td><td><strong>Per GB retrieval fee<\/strong><\/td><\/tr><tr><td>Intelligent Tiering<\/td><td>Data with unknown, changing, or unpredictable access patterns<\/td><td>11 9s<\/td><td>3 9s<\/td><td>&gt;=3<\/td><td>None<\/td><td>None<\/td><td>Monitoring and automation fees per object apply. <strong>No retrieval fees<\/strong>.<\/td><\/tr><tr><td>One Zone-IA<\/td><td>Frequently accessed data (more than once a month) with <strong>millisecond access<\/strong><\/td><td>11 9s<\/td><td>99.5%<\/td><td>1<\/td><td>30 days<\/td><td>128KB<\/td><td><strong>Per GB retrieval fees apply. <\/strong>Not resilient to the loss of the Availability Zone.<\/td><\/tr><tr><td>Glacier Instant Retrieval<\/td><td>Long-lived, archive data accessed once a <span class=\"has-inline-color has-ast-global-color-8-color\">quarter<\/span> <strong>with millisecond access<\/strong><\/td><td>11 9s<\/td><td>99.99% (after you restore objects)<\/td><td>&gt;=3<\/td><td>90 days<\/td><td>128KB<\/td><td><strong>Per GB retrieval fees apply.<\/strong><\/td><\/tr><tr><td>Glacier Flexible Retrieval<\/td><td>Long-lived archive data accessed once a year with <strong>retrieval times of minutes to hours<\/strong><\/td><td>11 9s<\/td><td>99.99% (after you restore objects)<\/td><td>&gt;=3<\/td><td>90 days<\/td><td>40KB<\/td><td><strong>Per GB retrieval fees apply. <\/strong>You must <strong>first restore<\/strong> archived objects before you can access them<\/td><\/tr><tr><td>Glacier Deep Archive<\/td><td>Long-lived archive data accessed less than once a year with r<strong>etrieval times of hours<\/strong><\/td><td>11 9s<\/td><td>99.99% (after you restore objects)<\/td><td>&gt;=3<\/td><td>180 days<\/td><td>40KB<\/td><td><strong>Per GB retrieval fees apply<\/strong>. You must <strong>first restore <\/strong>archived objects before you can access them.&nbsp;<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<h4 class=\"wp-block-heading\">Lifecycle Management<\/h4>\n\n\n\n<ul class=\"wp-block-list\"><li>Has rules that define actions to a set of objects.  These actions include:<ul><li>move object between storage classes<\/li><li>permanently delete <strong>non-current<\/strong> objects<\/li><li>expires object<\/li><li>delete expired object delete marker<\/li><li>delete incomplete multi-part uploads<\/li><\/ul><\/li><li>Order of transition. Lower order cannot transition to a higher order.<ol><li>Standard <\/li><li>Standard-IA  <\/li><li>Intelligent Tiering<\/li><li>One Zone-IA. Cannot transition to Glacier Instant Retrieval<\/li><li>Glacier Instant Retrieval<\/li><li>Glacier Flexible Retrieval<\/li><li>Glacier Deep Archive<\/li><\/ol><\/li><li>For the number of days required refer to the Min storage duration in the above table.<ul><li>The rule for <strong><span class=\"has-inline-color has-vivid-red-color\">Standard<\/span><\/strong> is that objects must be &gt;= <strong>30<\/strong> days old to transition to Standard-IA or One Zone-IA.<\/li><li>Example 1: Standard-&gt;Standard-IA &#8211; Minimum <strong>Days after object creation<br> = 30<\/strong> <strong>days<\/strong> because of rule above<\/li><li>Example 2: Standard-&gt;Standard-IA[-&gt;One Zone-IA  &#8211; One Zone-IA Minimum <strong>Days after object creation = 60 days<\/strong> because 30 days in Standard +  30 days in Standard-IA  <\/li><li>Example 3: Standard-&gt;Glacier Deep Archive &#8211; Minimum <strong>Days after object creation = 0 days<\/strong> because above rule does not apply<\/li><li>Example 3: Standard-&gt;Glacier Instant Retrieval-&gt;Glacier Deep Archive &#8211; Glacier Deep Archive Minimum <strong>Days after object creation = 100 days<\/strong>[assuming Glacier Instant Retrieval is set to 10]  because the object must be in Glacier Instant Retrieval for 90 days.<\/li><\/ul><\/li><\/ul>\n\n\n\n<h4 class=\"wp-block-heading\">Bucket Security and Access<\/h4>\n\n\n\n<ul class=\"wp-block-list\"><li>Ways to allow or deny access to S3:<ul><li>IAM policy<\/li><li>Bucket policy<\/li><li>Bucket ACL<\/li><li>Object ACL<\/li><\/ul><\/li><li>Difference between IAM policy and S3 (bucket) policy in S3 context:<ul><li>IAM policy is attached to a role, user, or group while S3 policy is attached to a bucket.<\/li><li>S3 policy answers the question &#8220;who  (user or role)&#8221; can access my resources; IAM policy answers the question &#8220;what&#8221; s3 and s3 resources can I access.<\/li><li>IAM policy does not require <strong>Entity<\/strong> while S3 policy does.<\/li><\/ul><\/li><li>Object ownership can be owned by other AWS accounts by disabling the <strong>bucker owner enforced<\/strong> (disable bucket <strong>ACL<\/strong>)<\/li><li>The ultimate authorization is the least-privilege union of all policies and ACLs.<\/li><li>ACL control access not only on the bucket level but on an object level as well. <\/li><\/ul>\n\n\n\n<h4 class=\"wp-block-heading\">Static Website Hosting<\/h4>\n\n\n\n<ul class=\"wp-block-list\"><li>S3 can host static content by enabling <strong>Static Website Hosting<\/strong>.<\/li><li>Objects must be <em>publicly<\/em> accessible. Disable<strong> Block Public Access<\/strong> and provide the right <strong>Bucket Policy<\/strong>.<\/li><li>URL is either:<ul><li>&lt;bucket-name&gt;.s3-website<strong>.<\/strong>&lt;aws region&gt;.amazonaws.com<\/li><li>&lt;bucket-name&gt;.s3-website<strong><span class=\"has-inline-color has-vivid-red-color\">&#8211;<\/span><\/strong>&lt;aws region&gt;.amazonaws.com<\/li><\/ul><\/li><li>Can specify the<ul><li>Index Document e.g. <em>index.html<\/em><\/li><li>Error Document e.g. <em>error.html<\/em><\/li><li>Redirection<\/li><\/ul><\/li><li>If the bucket will be a <em>cross-origin<\/em> bucket (i.e. original request is from a different domain) then the CORS must be configured in the cross-origin<em> bucket<\/em> (not in the origin bucket)<\/li><li>CORS configuration basically adds <strong>ACCESS-CONTROL-ALLOW-*<\/strong> header<em><strong>s<\/strong><\/em> in the response, which would allow the browser to load the page<\/li><li>Bucket names must match your domain name in Route 53 exactly.<\/li><\/ul>\n\n\n\n<h4 class=\"wp-block-heading\">Replication<\/h4>\n\n\n\n<ul class=\"wp-block-list\"><li>Bucket objects can be replicated to another bucket in the same (<strong>SRR<\/strong> &#8211; Same-Region Replication) or different region (<strong>CRR<\/strong>) &#8211; Cross-Region Replication) on the same or different account.<\/li><li>Versioning must be enabled on both the source and destination.<\/li><li>Objects that existed before replication will not be replicated.<\/li><li>The source bucket must have the right IAM role and specify that role in your replication configuration.<\/li><li><strong>Objects can be encrypted on the destination bucket.<\/strong><\/li><li>Permanent object deletion is not replicated. However, the<strong> delete marker<\/strong> (latest version) can be replicated. <\/li><li>Object tags can be replicated across AWS Regions using Cross-Region Replication<\/li><\/ul>\n\n\n\n<h4 class=\"wp-block-heading\">S3 Performance<\/h4>\n\n\n\n<ul class=\"wp-block-list\"><li>Object Prefix:<ul><li>The object prefix is the characters before the object name .e.g. for an object with a key  &#8216;<strong>\/<\/strong>path1\/path2\/myobject.jpg,&#8217; the prefix is <strong>\/path1\/path2<\/strong>. <\/li><li>A prefix can impact performance.  Prefix is used to calculate (hash) the object location.<\/li><li>Each prefix can achieve 3,500 PUT\/POST\/DELETE\/COPY and 5,500 GET\/HEAD requests\/second.<\/li><li>Spreading objects across multiple prefixes can improve performance.  So placing 2 objects on the same prefix allows you to perform 5,500 GET requests\/sec, whereas placing them on 2 different prefixes will double that.<\/li><\/ul><\/li><li>Multi-part Upload: <ul><li>Allows for a single file to be uploaded as a set of parts.<\/li><li>Upload can be done in parallel.<\/li><li>Must be used if  &gt; 5GB<\/li><li>Recommended if &gt; 100MB <\/li><\/ul><\/li><li>SS3-KMS<ul><li>There&#8217;s a quota on the number of requests S3 can make on KMS for encrypted objects.<\/li><li>The quota is per region.<\/li><li>The quota cannot be increased.<\/li><li> Downloads and uploads count toward the quota.<\/li><\/ul><\/li><li>Byte-Range Fetch<ul><li>Sort of the opposite of Multi-part Upload.<\/li><li>Allows for parts of a file to be fetched by specifying the start end bytes in the request GetObject request header. <\/li><li>Good practice to use GET the same size when the object was PUT<\/li><\/ul><\/li><li>S3 Select<ul><li>Retrieves a subset of data using a simple SQL query.<\/li><li>Works on objects stored in CSV, JSON, or Apache Parquet format<\/li><li>Reduce network transfer by returning only the data needed.<\/li><li>Works for both S3 and Glacier (<em>but not on Glacier Deep Archive<\/em>)<\/li><li>S3 Select vs Athena:<ul><li>Only works on 1 object; Athena can work on multiple objects.<\/li><li>Only perform simple queries; Athena can perform complex queries e.g. group by, having.<\/li><li>Intended to reduce data transfer; Athena is for analytics.<\/li><\/ul><\/li><\/ul><\/li><li>Transfer Acceleration<ul><li>Usually used when the source is in a different region from the destination bucket.<\/li><li>Uses CloudFront edge infrastructure to transfer data from locations closest to the source into the destination S3 buckets.<\/li><li>Makes use of AWS private network.<\/li><li>Uses a distinct URL to transfer data (&lt;object-name&gt;.s3-accelerate.amazonaws.com)<\/li><li>You only pay for a transfer that is accelerated<\/li><\/ul><\/li><\/ul>\n\n\n\n<h4 class=\"wp-block-heading\">Object Protection<\/h4>\n\n\n\n<ul class=\"wp-block-list\"><li>MFA Delete<ul><li><strong>Can only be enabled from CLI.<\/strong><\/li><li>Versioning must be enabled<\/li><li>Requires 2 forms of authentication:<ol><li>security credentials<\/li><li>MFA code<\/li><\/ol><\/li><li>The following actions require MFA:<ul><li>Permanently delete<\/li><li>Disable versioning<\/li><\/ul><\/li><\/ul><\/li><li>Pre-signed URL<ul><li>A URL that is encoded with a security credential that expires and has limited permission.<\/li><li>URL can be generated using AWS SDK, console, REST API or through Console.<\/li><li> Credentials that can be used to create Pre-signed URLs:<ol><li>IAM instance profile (EC2)<\/li><li>IAM user<\/li><li>STS token service<\/li><\/ol><\/li><\/ul><\/li><li>OAI<ul><li>Prevents direct access to objects using the S3 URL<\/li><li>Used in conjunction with CloudFront, i.e. objects can only be accessed via CloudFront.<\/li><li>Implemented via <strong>Bucket Policy<\/strong>. CloudFront can update the S3 Bucket Policy when enabled through CloudFront.<\/li><\/ul><\/li><li>S3 Object Lock<ul><li>Stores objects in a write-once-read-many (<strong>WORM<\/strong>) model.<\/li><li>Can only be enabled during bucket creation.<\/li><li><em>Versioning<\/em> must be enabled.<\/li><li>To protect an object you must:<ul><li>set its <strong>Retention Period<\/strong> &#8211; the period of time where it can&#8217;t be overwritten or deleted,   <strong>and\/or<\/strong><\/li><li>set a <strong>Legal Hold<\/strong> &#8211; prevents objects from being overwritten or deleted until it is removed.<\/li><\/ul><\/li><li>2  types of <strong>Lock Modes<\/strong>:<ul><li><strong>Governance<\/strong> <ul><li><span class=\"has-inline-color has-vivid-cyan-blue-color\">Ordinary<\/span> users cannot overwrite, delete or alter the <strong>lock<\/strong> setting of protected objects.<\/li><li>Users with special permission can overwrite, delete or alter the <strong>lock<\/strong> setting of protected objects.<\/li><\/ul><\/li><li><strong>Compliance<\/strong><ul><li><strong>No user<\/strong> (including root) can overwrite, delete or alter the lock settings of protected objects.<\/li><\/ul><\/li><\/ul><\/li><\/ul><\/li><li>Glacier Vault Lock<ul><li>Enforces compliance through lock policy (e.g. WORM) then lock the policy from future changes. <\/li><\/ul><\/li><\/ul>\n","protected":false},"excerpt":{"rendered":"","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"image","meta":{"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"footnotes":""},"categories":[11],"tags":[],"class_list":["post-6","post","type-post","status-publish","format-image","hentry","category-aws-review-notes","post_format-post-format-image"],"_links":{"self":[{"href":"https:\/\/mylinuxsite.com\/wordpress\/index.php?rest_route=\/wp\/v2\/posts\/6","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/mylinuxsite.com\/wordpress\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mylinuxsite.com\/wordpress\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mylinuxsite.com\/wordpress\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/mylinuxsite.com\/wordpress\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=6"}],"version-history":[{"count":99,"href":"https:\/\/mylinuxsite.com\/wordpress\/index.php?rest_route=\/wp\/v2\/posts\/6\/revisions"}],"predecessor-version":[{"id":1563,"href":"https:\/\/mylinuxsite.com\/wordpress\/index.php?rest_route=\/wp\/v2\/posts\/6\/revisions\/1563"}],"wp:attachment":[{"href":"https:\/\/mylinuxsite.com\/wordpress\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=6"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mylinuxsite.com\/wordpress\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=6"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mylinuxsite.com\/wordpress\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=6"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}