AWS INTERVIEW QUESTIONS & ANSWERS
1. What is CloudWatch?
CloudWatch helps you to monitor AWS environments like EC2, RDS Instances, and CPU utilization. It also triggers alarms depending on various metrics.
2. What is Snowball?
Snowball is a small application that enables you to transfer terabytes of data inside and outside of the AWS environment.
3. Give the comparison between AWS and OpenStack.
| Criteria | AWS | OpenStack |
| --- | --- | --- |
| License | Amazon proprietary | Open-source |
| Operating system | Provided as per the cloud administrator | AMIs provided by AWS |
| Performing repeatable operations | Through templates | Through text files |
4. What is the maximum number of S3 buckets you can create?
The maximum number of S3 buckets that can be created is 100.
5. How can you save the data on root volume on an EBS-backed machine?
We can save the data by overriding the terminate option.
6. How many total VPCs per account/region and subnets per VPC can you have?
We can have a total of 5 VPCs for every account/region and 200 subnets for every VPC that you have.
7. What is the name of Amazon’s Content Delivery Network?
Amazon CloudFront
8. What is EC2?
EC2 is a virtual machine in the cloud on which you have OS-level control. You can run this cloud server whenever you want. It is used when you need to deploy your own servers in the cloud, similar to your on-premises servers, and when you want full control over the choice of hardware and the updates on the machine.
9. DNS and Load Balancer Services come under which type of Cloud Service?
DNS and Load Balancer are a part of IaaS-Storage Cloud Service.
10. What are the Storage Classes available in Amazon S3?
Storage Classes available with Amazon S3 are:
- Amazon S3 Standard
- Amazon S3 Standard-Infrequent Access
- Amazon S3 Reduced Redundancy Storage
- Amazon Glacier
11. What are Key-Pairs in AWS?
Key-Pairs are secure login information for your Virtual Machines. To connect to the instances, you can use Key-Pairs which contain a Public Key and a Private Key.
12. How many Subnets can you have per VPC?
You can have 200 Subnets per VPC.
13. List different types of Cloud Services.
Different types of Cloud Services are:
- Software as a Service (SaaS)
- Data as a Service (DaaS)
- Platform as a Service (PaaS)
- Infrastructure as a Service (IaaS)
14. What are the different types of Instances?
Following are the types of instances:
- Compute Optimized
- Memory-Optimized
- Storage Optimized
- Accelerated Computing
- General Purpose
15. Is there any other alternative tool to log into the cloud environment other than the console?
The tools that can help you log into the AWS resources are:
- Putty
- AWS CLI for Linux
- AWS CLI for Windows
- AWS CLI for Windows CMD
- AWS SDK
- Eclipse
16. What are the elements of an AWS CloudFormation template?
AWS CloudFormation templates are YAML or JSON formatted text files that comprise five essential elements:
- Template parameters
- Output values
- Data tables
- Resources
- File format version
17. What is a DDoS attack, and what services can minimize them?
DDoS is a cyber-attack in which the perpetrator accesses a website and creates multiple sessions so that the other legitimate users cannot access the service. The native tools that can help you deny the DDoS attacks on your AWS services are:
- AWS Shield
- AWS WAF
- Amazon Route53
- Amazon CloudFront
- ELB
- VPC
18. Name some of the AWS services that are not region-specific.
AWS services that are not region-specific are:
- IAM
- Route 53
- Web Application Firewall
- CloudFront
19. What are the different types of EC2 instances based on their costs?
The three types of EC2 instances are:
- On-demand Instance: It is cheap for a short time but not when taken for the long term.
- Spot Instance: It is less expensive than the on-demand instance and can be bought through bidding.
- Reserved Instance: If you are planning to use an instance for a year or more, then this is the right one for you.
- How do you allow a user to gain access to a specific bucket?
You need to follow the four steps provided below to allow access. They are:
- Categorize your instances
- Define how authorized users can manage specific servers.
- Lockdown your tags
- Attach your policies to IAM users
20. What are the common types of AMI designs?
There are many types of AMIs, but some of the common AMIs are:
- Fully Baked AMI
- Just Enough Baked AMI (JeOS AMI)
- Hybrid AMI
22. How do you monitor Amazon VPC?
You can monitor VPC by using:
- CloudWatch and CloudWatch logs
- VPC Flow Logs
24. What are the different types of load balancers in AWS?
There are three types of load balancers that are supported by Elastic Load Balancing:
- Application Load Balancer
- Network Load Balancer
- Classic Load Balancer
25. How do you monitor Amazon VPC?
You can monitor Amazon VPC using:
- CloudWatch
- VPC Flow Logs
27. What are the different AWS IAM categories that you can control?
Using AWS IAM, you can do the following:
- Create and manage IAM users
- Create and manage IAM groups
- Manage the security credentials of the users
- Create and manage policies to grant access to AWS services and resources
28. How does AWS IAM help your business?
IAM enables you to:
- Manage IAM users and their access – AWS IAM provides secure resource access to multiple users
- Manage access for federated users – AWS allows you to provide secure access to resources in your AWS account to your employees and applications without creating IAM roles
29. What is Amazon Route 53?
Amazon Route 53 is a scalable and highly available Domain Name System (DNS). The name refers to TCP or UDP port 53, where DNS server requests are addressed.
30. Explain what T2 instances are?
T2 Instances are designed to provide moderate baseline performance and the capability to burst to higher performance as required by the workload.
33. What do you understand by stopping and terminating an EC2 Instance?
Stopping an EC2 instance means to shut it down as you would normally do on your Personal Computer. This will not delete any volumes attached to the instance and the instance can be started again when needed.
On the other hand, terminating an instance is equivalent to deleting an instance. All the volumes attached to the instance get deleted and it is not possible to restart the instance if needed at a later point in time.
34. What are the advantages of AWS IAM?
AWS IAM enables an administrator to provide granular level access to different users and groups. Different users and user groups may need different levels of access to different resources created. With IAM, you can create roles with specific access-levels and assign the roles to the users.
It also allows you to provide access to the resources to users and applications without creating the IAM Roles, which is known as Federated Access.
35. What are Spot Instances and On-Demand Instances?
When AWS creates EC2 instances, there are some blocks of computing capacity and processing power left unused. AWS releases these blocks as Spot Instances. Spot Instances run whenever capacity is available. These are a good option if you are flexible about when your applications can run and if your applications can be interrupted.
On the other hand, On-Demand Instances can be created as and when needed. The prices of such instances are static. Such instances will always be available unless you explicitly terminate them.
36. What is the use of lifecycle hooks in Auto Scaling?
Lifecycle hooks are used for Auto-scaling to put an additional wait time to a scale-in or a scale-out event.
37. What are key pairs?
When connecting to an Amazon EC2 instance, you need to prove your identity. Key pairs are used to execute this. Basically, a key pair is a set of security credentials that are used during identity proof. It consists of a public key and a private key.
42. What are the factors to consider while migrating to Amazon Web Services?
Here are the factors to consider during AWS migration:
- Operational Costs – These include the cost of infrastructure, ability to match demand and supply, transparency, and others.
- Workforce Productivity
- Cost avoidance
- Operational resilience
- Business agility
43. What are the managed policies in AWS IAM?
There are two types of managed policies; one that is managed by you and one that is managed by AWS. They are IAM resources that express permissions using IAM policy language. You can create, edit, and manage them separately from the IAM users, groups, and roles to which they are attached.
44. What is a Power User Access in AWS?
An Administrator User will be similar to the owner of the AWS Resources. He can create, delete, modify or view the resources and also grant permissions to other users for the AWS Resources.
A Power User Access provides Administrator Access without the capability to manage the users and permissions. In other words, a user with Power User Access can create, delete, modify or see the resources, but he cannot grant permissions to other users.
45. What are Recovery Time Objective and Recovery Point Objective in AWS?
Recovery Time Objective – It is the maximum acceptable delay between the interruption of service and restoration of service. This translates to an acceptable time window when the service can be unavailable.
Recovery Point Objective – It is the maximum acceptable amount of time since the last data restore point. It translates to the acceptable amount of data loss which lies between the last recovery point and the interruption of service.
46. When you need to move data over long distances using the internet, for instance across countries or continents to your Amazon S3 bucket, which method or service will you use?
Amazon Transfer Acceleration
Transfer Acceleration is the right choice here, as it accelerates your data transfer by up to 300% compared to normal data transfer speed, using optimized network paths and Amazon’s content delivery network.
47. How will you change the instance type for instances which are running in your application tier and are using Auto Scaling? Where will you change it from the following areas?
Auto Scaling launch configuration
48. What does Connection draining do?
It re-routes traffic away from instances that are to be updated or have failed a health check.
49. What are lifecycle hooks used for in AutoScaling?
They are used to put an additional wait time to a scale in or scale out event.
50. What happens if CloudTrail is turned on for my account but my Amazon S3 bucket is not configured with the correct policy?
CloudTrail files are delivered according to S3 bucket policies. If the bucket is not configured or is misconfigured, CloudTrail might not be able to deliver the log files.