AWS interview questions and answers 👇

  1. General


General

What is S3?

View answer

S3 stands for Simple Storage Service. You can use the S3 interface to store and retrieve any amount of data, at any time and from anywhere on the web.

What is the relation between the Availability Zone and Region?

View answer

AWS regions are separate geographical areas, like the US-West 1 (North California) and Asia South (Mumbai). On the other hand, availability zones are the areas that are present inside the regions. These are generally isolated zones that can replicate themselves whenever required.

What is auto-scaling?

View answer

Auto-scaling is a function that allows you to provision and launch new instances whenever there is a demand. It allows you to automatically increase or decrease resource capacity in relation to the demand.

What is a DDoS attack, and what services can minimize them?

View answer

DDoS is a cyber-attack in which the perpetrator accesses a website and creates multiple sessions so that the other legitimate users cannot access the service. The native tools that can help you deny the DDoS attacks on your AWS services are:

  • AWS Shield
  • AWS WAF
  • ELB
  • VPC
  • Amazon Route53
  • Amazon CloudFront

Name AWS services which are not region-specific

View answer

AWS services that are not region-specific are:

  • IAM
  • Route 53
  • Web Application Firewall
  • CloudFront

What is the difference between stopping and terminating an EC2 instance?

View answer

When you stop an EC2 instance, it performs a normal shutdown on the instance and moves to a stopped state. However, when you terminate the instance, it is transferred to a stopped state, and the EBS volumes attached to it are deleted and can never be recovered.

What is Solaris?

View answer

Solaris is an operating system that uses SPARC processor architecture, which is not supported by the public cloud currently.

What is AIX?

View answer

AIX is an operating system that runs only on Power CPU and not on Intel, which means that you cannot create AIX instances in EC2.

How do you allow a user to gain access to a specific bucket?

View answer

You need to follow the four steps mentioned below to allow access. They are:

  • Categorize your instances
  • Define how authorized users can manage specific servers.
  • Lockdown your tags
  • Attach your policies to IAM users

What are the factors to consider while migrating to Amazon Web Services?

View answer

These are the factors to consider during AWS migration:

  • Operational Costs - cost of infrastructure, ability to match demand and supply, transparency, and others.
  • Workforce Productivity
  • Cost avoidance
  • Operational resilience
  • Business agility

How is AWS CloudFormation different from AWS Elastic Beanstalk?

View answer

Here are the differences between AWS CloudFormation and AWS Elastic Beanstalk:

  • AWS CloudFormation helps you provision and describe all of the infrastructure resources that are present in your cloud environment. On the other hand, AWS Elastic Beanstalk provides an environment that makes it easy to deploy and run applications in the cloud.
  • AWS CloudFormation supports the infrastructure needs of various types of applications, like legacy applications and existing enterprise applications. On the other hand, AWS Elastic Beanstalk is combined with the developer tools to help you manage the lifecycle of your applications.

How can you automate EC2 backup using EBS?

View answer

Use the following steps in order to automate EC2 backup using EBS:

  • Get the list of instances and connect to AWS through API to list the Amazon EBS volumes that are attached locally to the instance.
  • List the snapshots of each volume, and assign a retention period of the snapshot. Later on, create a snapshot of each volume.
  • Make sure to remove the snapshot if it is older than the retention period.

What is the difference between EBS and Instance Store?

View answer

EBS is a kind of permanent storage in which the data can be restored at a later point. When you save data in the EBS, it stays even after the lifetime of the EC2 instance. On the other hand, Instance Store is temporary storage that is physically attached to a host machine. With an Instance Store, you cannot detach one instance and attach it to another. Unlike in EBS, data in an Instance Store is lost if any instance is stopped or terminated.

What are the different types of load balancers in AWS?

View answer

There are 3 types of load balancers supported by Elastic Load Balancing:

  • Application Load Balancer
  • Network Load Balancer
  • Classic Load Balancer

What is the difference between an IAM role and an IAM user?

View answer

The 2 key differences between the IAM role and IAM user are:

  • An IAM role is an IAM entity that defines a set of permissions for making AWS service requests, while an IAM user has permanent long-term credentials and is used to interact with the AWS services directly.
  • In the IAM role, trusted entities, like IAM users, applications, or an AWS service, assume roles whereas the IAM user has full access to all the AWS IAM functionalities.

Can AWS Config aggregate data across different AWS accounts?

View answer

Yes, you can set up AWS Config to deliver configuration updates from different accounts to one S3 bucket, once the appropriate IAM policies are applied to the S3 bucket.

Which type of scaling would you recommend for RDS and why?

View answer

There are two types of scaling - vertical scaling and horizontal scaling. Vertical scaling lets you vertically scale up your master database with the press of a button. A database can only be scaled vertically, and there are 18 different instances in which you can resize the RDS. On the other hand, horizontal scaling is good for replicas. These are read-only replicas that can only be done through Amazon Aurora.

What are the consistency models in DynamoDB?

View answer

There are two consistency models In DynamoDB. First, there is the Eventual Consistency Model, which maximizes your read throughput. However, it might not reflect the results of a recently completed write. Fortunately, all the copies of data usually reach consistency within a second. The second model is called the Strong Consistency Model. This model has a delay in writing the data, but it guarantees that you will always see the updated data every time you read it.

If you need to perform real-time monitoring of AWS services and get actionable insights, what service would you use?

View answer

Amazon CloudWatch

Which AWS service lets you run code without provisioning or managing servers?

View answer

AWS Lambda

What is Connection Draining?

View answer

Connection Draining is a feature provided by AWS which enables your servers which are either going to be updated or removed, to serve the current requests.

If Connection Draining is enabled, the Load Balancer will allow an outgoing instance to complete the current requests for a specific period but will not send any new request to it. Without Connection Draining, an outgoing instance will immediately go off and the requests pending on that instance will error out.

What is a Power User Access in AWS?

View answer

An Administrator User will be similar to the owner of the AWS Resources. He can create, delete, modify or view the resources and also grant permissions to other users for the AWS Resources.

A Power User Access provides Administrator Access without the capability to manage the users and permissions. In other words, a user with Power User Access can create, delete, modify or see the resources, but he cannot grant permissions to other users.

What are Recovery Time Objective and Recovery Point Objective in AWS?

View answer

Recovery Time Objective - It is the maximum acceptable delay between the interruption of service and restoration of service. This translates to an acceptable time window when the service can be unavailable.

Recover Point Objective - It is the maximum acceptable amount of time since the last data restore point. It translates to the acceptable amount of data loss which lies between the last recovery point and the interruption of service.

Can you change the Private IP Address of an EC2 instance while it is running or in a stopped state?

View answer

No, a Private IP Address of an EC2 instance cannot be changed. When an EC2 instance is launched, a private IP Address is assigned to that instance at the boot time. This private IP Address is attached to the instance for its entire lifetime and can never be changed.

What is Cross Region Replication?

View answer

Cross Region Replication is a service available in aws that enables to replicate the data from one bucket to another bucket which could be in a same or different region. It provides asynchronous copying of objects, i.e., objects are not copied immediately. If you want to know more about the Cross Region Replication, then click on the link shown below:

What is CloudFront?

View answer

CloudFront is a computer delivery network which consists of distributed servers that delivers web pages and web content to a user based on the geographic locations of a user. If you want to know more about the CloudFront, then click on the link shown below:

What is the minimum and maximum size that you can store in S3?

View answer

The minimum size of an object that you can store in S3 is 0 bytes and the maximum size of an object that you can store in S3 is 5 TB.

What are EBS Volumes?

View answer

Elastic Block Store is a service that provides a persistent block storage volume for use with EC2 instances in AWS cloud. EBS volume is automatically replicated within its availability zone to prevent from the component failure. It offers high durability, availability, and low-latency performance required to run your workloads.

What is an EIP?

View answer

EIP (Elastic IP address) is a service provided by an EC2 instance. It is basically a static IP address attached to an EC2 instance. This address is associated with your AWS account not with an EC2 instance. You can also disassociate your EIP address from your EC2 instance and map it to another EC2 instance in your AWS account.

What are the different storage classes in S3?

View answer

Storage classes are used to assist the concurrent loss of data in one or two facilities. Each object in S3 is associated with some storage class. Amazon S3 contains some storage classes in which you can store your objects. You can choose a storage class based on your requirements and these storage classes offer high durability.

What is a snowball?

View answer

Snowball is a petabyte-scale data transport solution that uses secure appliances to transfer large amounts of data into and out of AWS cloud.

What is a Load Balancer?

View answer

Load Balancer is a virtual machine that balances your web application load that could be Http or Https traffic that you are getting in. It balances a load of multiple servers so that no web server gets overwhelmed.

What is Redshift?

View answer

Redshift is a fast, powerful, scalable and fully managed data warehouse service in the cloud. You can run petabytes of data in Redshift datawarehouse and exabytes of data in your data lake built on Amazon S3.

Explain SNS

View answer

SNS stands for Simple Notification Service. It is a web service that provides highly scalable, cost-effective, and flexible capability to publish messages from an application and sends them to other applications.

What is Amazon EMR?

View answer

An Amazon EMR stands for Amazon Elastic MapReduce. It is a web service used to process the large amounts of data in a cost-effective manner. The central component of an Amazon EMR is a cluster. Each cluster is a collection of EC2 instances and an instance in a cluster is known as node. Each node has a specified role attached to it known as a node type, and an Amazon EMR installs the software components on node type.

What is the use of lifecycle hooks in Autoscaling?

View answer

Lifecycle hooks perform custom actions by pausing instances when Autoscaling group launches or terminates an instance. When instance is paused, an instance moves in a wait state. By default, an instance remains in a wait state for 1 hour. For example, when you launch a new instance, lifecycle hooks pauses an instance. When you pause an instance, you can install a software on it or make sure that an instance is completely ready to receive the traffic.

What is Amazon Kinesis Firehose?

View answer

An Amazon Kinesis Firehose is a web service used to deliver real-time streaming data to destinations such as Amazon Simple Storage Service, Amazon Redshift, etc.

How will you access the data on EBS in AWS?

View answer

EBS stands for Elastic Block Store. It is a virtual disk in a cloud that creates the storage volume and attach it to the EC2 instances. It can run the databases as well as can store the files. All the files that it store can be mounted as a file system which can be accessed directly.

What are the differences between horizontal scaling and vertical scaling?

View answer

Vertical scaling means scaling the compute power such as CPU, RAM to your existing machine while horizontal scaling means adding more machines to your server or database. Horizontal scaling means increasing the number of nodes, and distributing the tasks among different nodes.

Explain Amazon Transfer Acceleration Service

View answer

An Amazon Transfer Acceleration Service is a service that enables fast and secure transfer of data between your client and S3 bucket.

What is a subnet?

View answer

A large section of IP address divided into smaller units is known as subnet.

A Virtual Private Cloud (VPC) is a virtual network provided to your AWS account. When you create a virtual cloud, you need to specify the IPv4 addresses which is in the form of CIDR block. After creating a VPC, you need to create the subnets in each availability zone. Each subnet has a unique ID. When launching instances in each availability zone, it will protect your applications from the failure of a single location.

What are NAT Gateways?

View answer

NAT stands for Network Address Translation. It is an aws service that enables to connect an EC2 instance in private subnet to the internet or other AWS services.

How many Elastic IPs can you create?

View answer

You can create 5 elastic IP addresses per AWS account per region.

What are policies?

View answer

Policy is an object which is associated with a resource that defines the permissions. AWS evaluate these policies when user makes a request. Permissions in the policy determine whether to allow or to deny an action. Policies are stored in the form of a JSON documents.

What are edge locations in AWS?

View answer

Edge locations are the endpoints in aws used for caching content.

What is Elastic Block Store?

View answer

It provides a persistent block storage volume for use with EC2 instances in aws cloud. EBS volume is automatically replicated within its availability zone to prevent the component failure. It offers high durability, availability, and low-latency performance required to run your workloads.

What is Identity Access Management?

View answer

It is a service of aws used to manage users and their level of access to the aws management console. It is used to set users, permissions, and roles. It allows you to grant permission to the different parts of the aws platform.

What is Route53?

View answer

It is a highly available and scalable DNS (Domain Name Service) service. It provides a reliable and cost-effective way for the developers and businesses to route end users to internet applications by translating domain names into numeric IP addresses.

What is AWS Lambda?

View answer

AWS Lambda is a compute service that runs your code without managing servers. Lambda function runs your code whenever needed. You need to pay only when your code is running.