Amazon Web Services Interview Questions And Answers
1. What is Amazon Web Services?
Answer: Amazon Web Services (AWS) is a platform that provides secure cloud services: compute power, database storage, content delivery, and other services that help businesses scale and develop. It is a collection of remote computing services, also known as a cloud computing platform. This new domain of cloud computing is also known as IaaS or Infrastructure as a Service.
2. How can you secure your data while carrying in the cloud?
Answer: You must ensure that no one can seize the information while the data is moving from one point to another in the cloud, and that nothing leaks from the several storage locations associated with the cloud. The collaboration of information from other companies’ information and then encrypting it by means of approved methods is one of the options.
3. Can I vertically scale an Amazon instance? How do you do it?
Answer: Yes. Spin up a new, larger instance than the one you are running, then pause that instance, detach its root EBS volume and discard it. After that, stop the live instance and detach its root volume. Note the unique device ID, attach that root volume to the new server, and start it again. This way you will have scaled vertically.
4. What is Amazon SQS?
Answer: It is a component that acts as a mediator between two controllers. It is also used for buffering needs, and it is managed by Amazon.
5. Mention the work of an Amazon VPC router?
Answer: An Amazon VPC router enables Amazon EC2 instances within a subnet to communicate with Amazon EC2 instances on other subnets in the same VPC. It also enables Internet gateways, subnets, and virtual private gateways to communicate with each other. The router does not provide network usage data, but you can obtain network usage statistics from your instances using Amazon CloudWatch.
6. In the case of peering connections, is there any limitation on bandwidth?
Answer: There is no difference in bandwidth between instances in peered VPCs and between instances in the same VPC. A placement group can span peered VPCs, but you will not get full bisection bandwidth between instances in peered VPCs.
7. You are creating a number of EBS volumes for your EC2 instances. You are concerned about the backups of the EBS volumes. Which of the below is a way to back up the EBS volumes?
Answer: Configure Amazon Storage Gateway with EBS volumes as the data source and store the backups on-premise through the storage gateway
Write a cronjob that uses the AWS CLI to take a snapshot of production EBS volumes.
Use a lifecycle policy to back up EBS volumes stored on Amazon S3 for durability
Write a cronjob on the server that compresses the data and then copies it to Glacier.
8. Mention the process by which instances without public IP addresses access the Internet.
Answer: There are two ways in which instances without public IP addresses can make use of the Internet.
- Instances without public IP addresses can route their traffic through a NAT instance or a NAT gateway to access the Internet. To traverse the Internet, these instances use the public IP address of the NAT gateway or the NAT instance. The NAT instance or NAT gateway allows outbound communication, but it does not permit machines on the Internet to start a connection with the privately addressed instances.
- For VPCs that have a hardware VPN connection or a Direct Connect connection, the instances can route their Internet traffic through the virtual private gateway to the existing data center. From there it can access the Internet through the existing egress points and network security or monitoring devices.
9. Explain the relationship between an instance and AMI?
Answer: A single Amazon Machine Image can be used to launch multiple instances. The hardware of the host computer used by an instance is defined by the instance type, and each instance type provides different compute and memory capabilities. Once launched, the instance looks like a traditional host and can be interacted with like any other computer.
10. How will you access the data on EBS in AWS?
Answer: Elastic block storage as the name indicates provides persistent, highly available and high-performance block-level storage that can be attached to a running EC2 instance. The storage can be formatted and mounted as a file system or the raw storage can be accessed directly.
11. Differentiate between vertical and horizontal scaling in AWS?
Answer: The main difference between vertical and horizontal scaling is the way in which you add compute resources to your infrastructure. In vertical scaling, more power is added to the existing machine while in horizontal scaling additional resources are added into the system with the addition of more machines into the network so that the workload and processing are shared among multiple devices. The best way to understand the difference is to imagine that you are retiring your Toyota and buying a Ferrari because you need more horsepower. This is vertical scaling. Another way to get that added horsepower is not to ditch the Toyota for the Ferrari but buy another car. This can be related to horizontal scaling where you drive several cars all at once.
When the users are up to 100, an EC2 instance alone is enough to run the entire web application or the database until the traffic ramps up. Under such circumstances when the traffic ramps up, it is better to scale vertically by increasing the capacity of the EC2 instance to meet the increasing demands of the application. AWS supports instances up to 128 virtual cores or 488GB RAM.
When the users of your application grow to 1000 or more, vertical scaling cannot handle the requests and there is a need for horizontal scaling, which is achieved through a distributed file system, clustering, and load balancing.
12. What happens when you reboot an EC2 instance?
Answer: Rebooting an instance is similar to rebooting a PC. You do not return to the image’s original state; the contents of the hard disk are the same as before the reboot.
13. To deploy a 4 node cluster of Hadoop in AWS which instance type can be used?
Answer: First, let’s understand what actually happens in a Hadoop cluster. The Hadoop cluster follows a master-slave concept: the master machine processes all the data, while the slave machines store the data and act as data nodes. Since all the storage happens at the slaves, a higher-capacity hard disk is recommended for them, and since the master does all the processing, it needs more RAM and a much better CPU. Therefore, you can select the configuration of your machines depending on your workload. For example, in this case c4.8xlarge will be preferred for the master machine, whereas for the slave machines we can select the i2.large instance. If you don’t want to deal with configuring your instances and installing the Hadoop cluster manually, you can straight away launch an Amazon EMR (Elastic Map Reduce) instance, which automatically configures the servers for you. You dump your data to be processed in S3, EMR picks it up from there, processes it, and dumps it back into S3.
14. What is the difference between Scalability and Elasticity?
Answer: Scalability is the ability of a system to increase its hardware resources to handle the increase in demand. It can be done by increasing the hardware specifications or increasing the processing nodes.
Elasticity is the ability of a system to handle an increase in workload by adding hardware resources when the demand increases (same as scaling), but also rolling back the scaled resources when they are no longer needed. This is particularly helpful in cloud environments, where a pay-per-use model is followed.
15. What is auto-scaling?
Answer: It is one of the outstanding features of AWS. It lets you configure and automatically provision and spin up new instances without the user’s involvement. This is achieved by setting metrics and thresholds to watch.
When those thresholds are crossed, a new instance of the user’s choice is configured, spun up and copied into the load balancer pool.
16. Is an internet gateway required to use peering connections?
No! The Internet gateway is required in order to use virtual private cloud peering connections.
17. Explain the AWS Certificate Manager?
Answer: AWS Certificate Manager (ACM) manages the complexity of extending, provisioning and managing the certificates that are issued through ACM for the user’s AWS-based websites and forms.
You use ACM to request and maintain the certificates, and use other Amazon web services to put them to work for the website.
ACM certificates cannot be used outside of AWS.
18. What type of performance can you expect from Elastic Block Storage? How do you back it up and enhance the performance?
Answer: The performance of Elastic Block Storage varies, i.e. it can go above the SLA performance level and then drop below it. The SLA provides an average disk I/O rate, which can at times frustrate performance experts who yearn for reliable and consistent disk throughput on a server. Virtual AWS instances do not behave this way. One can back up EBS volumes through a graphical user interface like ElasticFox, or use the snapshot facility through an API call. Performance can also be improved by using Linux software RAID and striping across four volumes.
19. How will you configure an instance with the application and its dependencies, and make it ready to serve traffic?
Answer: You can achieve this with the use of lifecycle hooks. They are powerful as they let you pause the creation or termination of an instance so that you can sneak peek in and perform custom actions like configuring the instance, downloading the required files, and any other steps that are required to make the instance ready. Every auto-scaling group can have multiple lifecycle hooks.
20. How is stopping and terminating an instance different from each other?
Starting, stopping and terminating are the three states of an EC2 instance. Let’s discuss them in detail:
- Stopping and starting an instance: When an instance is stopped, it performs a normal shutdown and then transitions to a stopped state. All of its Amazon EBS volumes remain attached, and you can start the instance again at a later time. You are not charged for additional instance hours while the instance is in a stopped state.
- Terminating an instance: When an instance is terminated, it performs a normal shutdown, then the attached Amazon EBS volumes are deleted unless the volume’s deleteOnTermination attribute is set to false. The instance itself is also deleted, and you can’t start the instance again at a later time.
21. Where do you think an AMI fits, when you are designing an architecture for a solution?
Answer: AMIs (Amazon Machine Images) are like templates of virtual machines, and an instance is derived from an AMI. AWS offers pre-baked AMIs which you can choose while you are launching an instance. Some AMIs are not free and therefore can be bought from the AWS Marketplace. You can also choose to create your own custom AMI, which would help you save space on AWS. For example, if you don’t need a set of software on your installation, you can customize your AMI to do that. This makes it cost-efficient since you are removing the unwanted things.
22. How do I transfer my existing domain name registration to Amazon Route 53 without disrupting my existing web traffic?
Answer: You will need to get a list of the DNS record data for your domain name first, it is generally available in the form of a “zone file” that you can get from your existing DNS provider. Once you receive the DNS record data, you can use Route 53’s Management Console or simple web-services interface to create a hosted zone that will store your DNS records for your domain name and follow its transfer process. It also includes steps such as updating the name servers for your domain name to the ones associated with your hosted zone. For completing the process you have to contact the registrar with whom you registered your domain name and follow the transfer process. As soon as your registrar propagates the new
Explanation: Lambda is used for running serverless applications. It can be used to deploy functions triggered by events. When we say serverless, we mean without you worrying about the computing resources running in the background. It is not designed for creating applications which are publicly accessed.
23. How can you send a request to Amazon S3?
Answer: You can send a request by using the REST API or the AWS SDK wrapper libraries that wrap the underlying Amazon S3 REST API.
24. What is Geo Restriction in CloudFront?
Answer: Geo restriction, also known as geo-blocking, is used to prevent users in specific geographic locations from accessing content that you’re distributing through a CloudFront web distribution.
25. What is a Serverless application in AWS?
Answer: The AWS Serverless Application Model (AWS SAM) extends AWS CloudFormation to provide a simplified way of defining the Amazon API Gateway APIs, AWS Lambda functions, and Amazon DynamoDB tables needed by your serverless application.
26. Explain in detail the function of Amazon Machine Image (AMI)?
Answer: An Amazon Machine Image (AMI) is a template that contains a software configuration (for instance, an operating system, an application server, and applications). From an AMI, we launch an instance, which is a copy of the AMI running as a virtual server in the cloud. We can even launch multiple instances of an AMI.
27. Describe storage for an Amazon EC2 instance.
Answer: Amazon EC2 offers numerous data storage options for your instances. Each option has a unique combination of performance and durability. These storage options can be used independently or in combination to suit your requirements.
There are chiefly four types of storage offered by AWS:
- Amazon EBS: Its durable, block-level storage volumes can be attached to a running Amazon EC2 instance. An Amazon EBS volume persists independently of the running life of an Amazon EC2 instance. After an EBS volume is attached to an instance, you can use it like any other physical hard drive. Amazon EBS also provides an encryption feature.
- Amazon EC2 Instance Store: A storage disk that is attached to the host computer is referred to as an instance store. Instance storage offers temporary block-level storage for Amazon EC2 instances. The data on an instance store volume persists only during the life of the related Amazon EC2 instance; if you stop or terminate an instance, any data on instance store volumes is lost.
- Amazon S3: Amazon S3 provides access to reliable and inexpensive data storage infrastructure. It is designed to make web-scale computing simpler by letting you store and retrieve any amount of data, at any time, from within Amazon EC2 or anywhere on the web.
- Adding Storage: Every time you launch an instance from an AMI, a root storage device is created for that instance. The root storage device contains all the information necessary to boot the instance. You can specify storage volumes in addition to the root device volume when you create an AMI or launch an instance using block device mapping.
28. What is the best way of viewing this course?
Answer: You have to just watch the course from beginning to end. Once you go through all the videos, try to answer the questions in your own words. Also, mark the questions that you could not answer by yourself. Then, in the second pass go through only the difficult questions. After going through this course 2-3 times, you will be well prepared to face a technical interview in Amazon Web Services (AWS) architecture.
29. Is it possible to specify the subnet that will be used by a gateway as its default?
Answer: Yes, it is possible to specify which subnet will be used by which gateway as its default. You can create a default route for each and every subnet. The default route can direct traffic to egress the virtual private cloud via the VPC, Internet gateway or the NAT gateway.
30. How many VPCs, elastic IP addresses, subnets, Internet gateways, virtual private gateways, customer gateways and VPN connections can be created?
1. There are five Amazon VPCs per AWS account per region.
2. There are two hundred subnets per Amazon VPC.
3. There are five Amazon VPC elastic IP addresses per AWS account per region.
4. There are five virtual private gateways per AWS account per region.
5. There is one Internet gateway for each VPC.
6. There are fifty customer gateways per AWS account per region.
7. There are ten IPsec VPN connections for every virtual private gateway.
31. What is the importance of buffer in Amazon Web Services?
Answer: An Elastic Load Balancer ensures that the incoming traffic is distributed optimally across various AWS instances. A buffer synchronizes different components and makes the arrangement more elastic to a burst of load or traffic. The components tend to receive and process requests in an unstable way. The buffer creates an equilibrium between the various components and makes them work at the same rate to provide faster services.
32. What do you mean by ClassicLink?
Answer: Amazon VPC ClassicLink permits EC2 instances in the EC2-Classic platform to communicate with the instances in the virtual private cloud, using private IP addresses. To use ClassicLink, you must first enable it for a virtual private cloud in your account. Then you associate a security group with an instance in EC2-Classic; this security group comes from the VPC for which you enabled ClassicLink. Every rule of the VPC security group applies to the communications between the instances in EC2-Classic and the instances in the VPC.
33. What are the topics covered in this course?
Answer: We cover a wide range of topics in this course. We have questions on Amazon Web Services (AWS) best practices, Security, Simple Storage Service S3, Elastic Compute Cloud EC2, Elastic Load Balancing ELB, CloudFront, DynamoDB, CloudWatch, ElastiCache, and Lambda.
34. What could be done to resolve this issue?
Answer: Attach an Internet gateway to the VPC and route it to the subnet
Add an elastic IP address to the instance
Use Amazon Elastic Load Balancer to serve requests to your instances located in the internal subnet.
35. Which of the following is incorrect with regards to Private IP addresses?
- In Amazon EC2 classic, the private IP addresses are only returned to Amazon EC2 when the instance is stopped or terminated
- In Amazon VPC, an instance retains its private IP addresses when the instance is stopped.
- In Amazon VPC, an instance does NOT retain its private IP addresses when the instance is stopped.
- In Amazon EC2 classic, the private IP address is associated exclusively with the instance for its lifetime
36. How can one connect a VPC to the corporate data center?
Answer: Establishing a hardware VPN connection between an existing network and Amazon VPC permits you to interact with Amazon EC2 instances within a VPC as if they were within the existing network. AWS does not perform network address translation on Amazon EC2 instances within a VPC that is accessed through a hardware VPN connection.
37. Which automation tools help with spinup services?
Answer: API tools are used for spinup services as well as for the written scripts.
All these scripts can be coded in your preferred languages like Perl, bash, etc. Another option is configuration management and provisioning tools like a dummy or improved descendants. For a managed solution like RightScale, a tool called Scalr can be used…
38. How can you safeguard EC2 instances running on a VPC?
Answer: AWS security groups associated with EC2 instances help you safeguard EC2 instances running in a VPC by providing security at the protocol and port access level. You can configure both INBOUND and OUTBOUND traffic rules to enable secured access for the EC2 instance. AWS security groups are much like a firewall: they contain a set of rules which filter the traffic coming into and out of an EC2 instance and deny any kind of unauthorized access to EC2 instances.
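To make the protocol-and-port filtering concrete, here is an added example (not part of the original page) that audits security group rules for inbound administrative ports open to any address and for unrestricted outbound rules. The input mirrors the JSON shape of `aws ec2 describe-security-groups`; the group IDs, the sample rules and the `SENSITIVE_PORTS` set are constructed for illustration.

```python
import ipaddress

# Ports treated as administrative in this example (an assumption; adjust per environment).
SENSITIVE_PORTS = {22: "SSH", 3306: "MySQL", 3389: "RDP", 5432: "PostgreSQL"}

# Constructed sample in the shape of `aws ec2 describe-security-groups` output.
SAMPLE = {"SecurityGroups": [
    {"GroupId": "sg-web-example",
     "IpPermissions": [
         {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
          "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
         {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
          "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}],
     "IpPermissionsEgress": [
         {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
    {"GroupId": "sg-db-example",
     "IpPermissions": [
         # Source is another security group, not a CIDR: not world-open.
         {"IpProtocol": "tcp", "FromPort": 5432, "ToPort": 5432,
          "UserIdGroupPairs": [{"GroupId": "sg-web-example"}]},
         {"IpProtocol": "tcp", "FromPort": 3306, "ToPort": 3306,
          "IpRanges": [{"CidrIp": "10.0.0.0/16"}]}],
     "IpPermissionsEgress": [
         {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
          "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
    {"GroupId": "sg-legacy-example",
     "IpPermissions": [
         # Protocol "-1" means all protocols and all ports; no FromPort/ToPort.
         {"IpProtocol": "-1", "Ipv6Ranges": [{"CidrIpv6": "::/0"}]}]},
]}


def _port_range(perm):
    """Return (low, high) for a rule; protocol -1 covers every port."""
    if perm.get("IpProtocol") == "-1":
        return 0, 65535
    return perm.get("FromPort", 0), perm.get("ToPort", 65535)


def _open_sources(perm):
    """Yield the CIDRs in a rule that cover the whole IPv4 or IPv6 space."""
    for r in perm.get("IpRanges", []):
        if ipaddress.ip_network(r["CidrIp"]).prefixlen == 0:
            yield r["CidrIp"]
    for r in perm.get("Ipv6Ranges", []):
        if ipaddress.ip_network(r["CidrIpv6"]).prefixlen == 0:
            yield r["CidrIpv6"]


def audit(groups):
    """Return (group_id, port, service, cidr) for world-open sensitive TCP ports."""
    findings = []
    for g in groups["SecurityGroups"]:
        for perm in g.get("IpPermissions", []):
            # For ICMP, FromPort/ToPort carry type/code, so only tcp and -1 apply.
            if perm.get("IpProtocol") not in ("tcp", "-1"):
                continue
            low, high = _port_range(perm)
            for cidr in _open_sources(perm):
                for port, name in sorted(SENSITIVE_PORTS.items()):
                    if low <= port <= high:
                        findings.append((g["GroupId"], port, name, cidr))
    return findings


def unrestricted_egress(groups):
    """Return IDs of groups whose outbound rules allow all traffic to anywhere."""
    return [g["GroupId"] for g in groups["SecurityGroups"]
            if any(p.get("IpProtocol") == "-1" and any(_open_sources(p))
                   for p in g.get("IpPermissionsEgress", []))]


if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print("inbound open:", finding)
    print("unrestricted egress:", unrestricted_egress(SAMPLE))
```

Rules whose source is another security group or a private CIDR are not reported, since they do not expose the port to arbitrary addresses.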
39. What happens when you launch instances in Amazon VPC?
Answer: Each instance has a default IP address when the instance is launched in Amazon VPC. This approach is considered ideal when you need to connect cloud resources with the data centers.
40. How do you choose an Availability Zone?
Answer: Let’s understand this through an example. Consider a company which has a user base in India as well as in the US.
Let us see how we will choose the region for this use case:
So, with reference to the above figure, the regions to choose between are Mumbai and North Virginia. Now let us first compare the pricing: you have hourly prices, which can be converted to a per-month figure. Here North Virginia emerges as the winner. But pricing cannot be the only parameter to consider. Performance should also be kept in mind, so let’s look at latency as well. Latency is basically the time that a server takes to respond to your requests, i.e. the response time. North Virginia wins again!
So concluding, North Virginia should be chosen for this use case.
41. How is AWS Elastic Beanstalk different from AWS OpsWorks?
Answer: AWS Elastic Beanstalk is an application management platform while OpsWorks is a configuration management platform. Beanstalk is an easy-to-use service for deploying and scaling web applications developed with Java, .Net, PHP, Node.js, Python, Ruby, Go and Docker. Customers upload their code and Elastic Beanstalk automatically handles the deployment. The application will be ready to use without any infrastructure or resource configuration.
In contrast, AWS OpsWorks is an integrated configuration management platform for IT administrators or DevOps engineers who want a high degree of customization and control over operations.
42. What are the different types of cloud services?
Answer: Software as a Service (SaaS), Data as a Service (DaaS), Platform as a Service (PaaS), and Infrastructure as a Service (IaaS).
43. Explain what T2 instances are.
Answer: T2 instances are designed to provide moderate baseline performance and the capability to burst to higher performance as required by workload.
44. Give one instance where you would prefer Provisioned IOPS over Standard RDS storage?
When you have batch-oriented workloads.
These are some of the popular questions asked in AWS architect interviews. Always be prepared to answer all types of questions — technical skills, interpersonal, leadership or methodology. If you are someone who has recently started your career in cloud computing, you can always get certified in one of the technical courses like AWS Architect to get the requisite knowledge and skills.
45. Describe the definition of AWS?
Answer: AWS stands for Amazon Web Services; it is a collection of remote computing services, also known as a cloud computing platform. This new domain of cloud computing is also known as IaaS, which means Infrastructure as a Service.
46. What is the connection between Instance and AMI?
Answer: Amazon Web Services offers numerous ways to access Amazon EC2, like the web-based interface, the AWS Command Line Interface (CLI) and the Amazon Tools for Windows PowerShell. First, you are required to sign up for an AWS account, and then you can access Amazon EC2. Amazon EC2 offers a Query API. Its requests are HTTP or HTTPS requests that use the HTTP verbs GET or POST and a Query parameter called Action.
47. How can you differentiate between EC2 and Amazon S3?
Answer:
- EC2 is a cloud web service used for hosting your application.
- Amazon S3 is a data storage system where any amount of data can be stored.
- EC2 is like a huge computer machine that can run on both Linux and Windows. It is capable of handling applications like PHP, Python, Apache or any databases.
- Amazon S3 has a REST interface and uses secure HMAC-SHA1 authentication keys.
48. Where do you think AMI fits in designing architecture for a solution?
Answer: AMIs (Amazon Machine Images) are like templates of virtual machines, and an instance is derived from an AMI. AWS offers unique sample AMIs, out of which you can choose the one that suits you while you are launching an instance. Some AMIs are not free and therefore can be purchased from the AWS Marketplace. You can always choose to create your own custom AMI, which would help you save space on AWS. For example, if you don’t need a set of software on your installation, you can customize your AMI to do that. This makes it cost-efficient since you are removing the unwanted things.
49. What is auto-scaling and how does it work?
Answer: The auto-scaling feature of AWS enables you to create and automatically provision and spin up new instances without your intervention. You do this by setting thresholds and metrics to monitor. Once the thresholds are crossed, a new instance of your choice will be spun up, configured, and rolled into the load balancer pool.
50. What happens if my application stops responding to requests in beanstalk?
Answer: AWS Beanstalk applications have a system in place for avoiding failures in the underlying infrastructure. If an Amazon EC2 instance fails for any reason, Beanstalk will use Auto Scaling to automatically launch a new instance. Beanstalk can also detect if your application is not responding on the custom link even though the infrastructure appears healthy; this will be logged as an environmental event (e.g. a bad version was deployed) so you can take appropriate action.
51. In order to control and manage Amazon VPC, is it possible to make use of the AWS management console?
Answer: It is possible to use the AWS management console to manage and control Amazon VPC objects that include subnets, virtual private cloud, IPsec VPN connections, and Internet gateways. Also, you can make use of a simple wizard in order to create a virtual private cloud.
Description: Amazon Web Service (AWS) is one of the fastest-growing fields in the technology world. This course is designed to help you achieve your goals in AWS field. Engineers with AWS knowledge may get more salary than others with similar qualifications without AWS knowledge.
In this course, you will learn how to apply AWS technology in Software Design and Development. I will explain to you what are the tools in AWS to build a highly scalable, resilient system.