AWS Interview Questions and Answers
AWS Certified Solutions Architect is among the 15 top-paying IT certifications, and the AWS Solution Architect position is one of the most sought-after IT positions.
We at SVR Technologies are committed to helping you advance your career in line with industry requirements. How? We have put together a set of AWS Architect interview questions and answers that are most likely to be asked during your interview. If you have attended an AWS Architect interview or have additional questions beyond what we have covered, we encourage you to add them in the comments section below.
In the meantime, you can make the most of the cloud computing career opportunities that are sure to come your way by taking AWS Certified Solutions Architect Training with SVR Technologies. You can take the AWS Architect certification exam after completing the course at SVR Technologies.
AWS Interview Questions and Answers:
The AWS Solution Architect role: With regard to AWS, a Solution Architect designs and describes AWS architecture for existing systems, migrates them to cloud architectures, and develops technical road-maps for future AWS cloud implementations. In each section of this AWS Architect interview questions blog, we begin with the fundamentals and work our way up to more technical questions. For the best learning experience, read the questions in sequence so that the concepts needed for each question are already clear from the ones before it.
This page contains a number of the top AWS interview questions and answers (FAQs). These questions are collected from different sources such as educational websites, blogs, forums, and discussion boards, including Wikipedia. They can help you prepare for an AWS job interview.
1. What is AWS Lambda?
Answer: AWS Lambda is a compute service that lets you run code in the AWS Cloud without provisioning or managing servers.
2. What is a Serverless application in AWS?
Answer: The AWS Serverless Application Model (AWS SAM) extends AWS CloudFormation to provide a simplified way of defining the Amazon API Gateway APIs, AWS Lambda functions, and Amazon DynamoDB tables needed by your serverless application.
3. What is the use of Amazon ElastiCache?
Answer: Amazon ElastiCache is a web service that makes it easy to deploy, operate, and scale an in-memory data store or cache in the cloud.
4. Differentiate between stopping and terminating an instance?
Answer: When an instance is stopped, the instance performs a normal shutdown and then transitions to a stopped state.
When an instance is terminated, the instance performs a normal shutdown, then the attached Amazon EBS volumes are deleted unless the volume’s delete on termination attribute is set to false.
5. Give one instance where you would prefer Provisioned IOPS over Standard RDS storage?
Answer: When you have batch-oriented workloads.
These are some of the popular questions asked in AWS architect interviews. Always be prepared to answer all types of questions — technical skills, interpersonal, leadership or methodology. If you are someone who has recently started your career in cloud computing, you can always get certified in one of the technical courses like AWS Architect to get the requisite knowledge and skills.
6. What Automation Tools Can I Use To Spin Up Servers?
Answer: The most obvious way is to roll your own scripts and use the AWS API tools. Such scripts could be written in bash, Perl or another language of your choice.
The next option is to use configuration management and provisioning tools like Puppet or, better, its successor Opscode Chef. You might also look towards a tool like Scalr. Lastly, you can go with a managed solution such as Rightscale.
7. Explain How You Would Simulate Perimeter Security Using The Amazon Web Services Model?
Answer: Traditional perimeter security that we’re already familiar with using firewalls and so forth is not supported in the Amazon EC2 world. AWS supports security groups. One can create a security group for a jump box with ssh access – only port 22 open. From there a webserver group and database group are created. The webserver group allows 80 and 443 from the world, but port 22 *only* from the jump box group. Further, the database group allows port 3306 from the webserver group and port 22 from the jump box group. Add any machines to the webserver group and they can all hit the database. No one from the world can, and no one can directly ssh to any of your boxes.
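The layout in this answer can be checked mechanically. The following is an added example, not part of the original page: it audits security groups for drift from the jump box / webserver / database pattern. The group ids and sample rules are constructed, and the dictionaries follow the shape of the EC2 DescribeSecurityGroups response.

```python
# Added example, not from the original page. Group ids and sample rules are
# constructed; the dict layout follows the EC2 DescribeSecurityGroups response.
WORLD = "0.0.0.0/0"


def allowed_sources(group, port):
    """Return every CIDR and source group id allowed to reach TCP `port`."""
    sources = set()
    for perm in group.get("IpPermissions", []):
        proto = perm.get("IpProtocol")
        if proto == "-1":
            matches = True  # "all traffic" rules carry no port range
        elif proto == "tcp":
            matches = perm.get("FromPort", 0) <= port <= perm.get("ToPort", 65535)
        else:
            matches = False
        if not matches:
            continue
        sources.update(r["CidrIp"] for r in perm.get("IpRanges", []))
        sources.update(r["CidrIpv6"] for r in perm.get("Ipv6Ranges", []))
        sources.update(p["GroupId"] for p in perm.get("UserIdGroupPairs", []))
    return sources


def audit(groups, jump_id, web_id, db_id, ssh_port=22, db_port=3306):
    """List (group, port, source) tuples that break the layout in the answer:
    SSH only from the jump box group, the database port only from the web group."""
    findings = []
    for g in groups:
        gid = g["GroupId"]
        if gid != jump_id:  # the jump box itself is the one public SSH entry
            for src in allowed_sources(g, ssh_port) - {jump_id}:
                findings.append((gid, ssh_port, src))
        if gid == db_id:
            for src in allowed_sources(g, db_port) - {web_id}:
                findings.append((gid, db_port, src))
    return sorted(findings)


def rule(port, cidrs=(), groups=()):
    """Build one constructed TCP ingress rule."""
    return {"IpProtocol": "tcp", "FromPort": port, "ToPort": port,
            "IpRanges": [{"CidrIp": c} for c in cidrs],
            "UserIdGroupPairs": [{"GroupId": g} for g in groups]}


# Constructed sample: exactly the three groups the answer describes.
PAGE_LAYOUT = [
    {"GroupId": "sg-jump", "IpPermissions": [rule(22, cidrs=[WORLD])]},
    {"GroupId": "sg-web", "IpPermissions": [
        rule(80, cidrs=[WORLD]), rule(443, cidrs=[WORLD]),
        rule(22, groups=["sg-jump"])]},
    {"GroupId": "sg-db", "IpPermissions": [
        rule(3306, groups=["sg-web"]), rule(22, groups=["sg-jump"])]},
]

# Constructed sample: the same groups after typical drift.
DRIFTED = [
    {"GroupId": "sg-jump", "IpPermissions": [rule(22, cidrs=[WORLD])]},
    {"GroupId": "sg-web", "IpPermissions": [
        rule(80, cidrs=[WORLD]), rule(443, cidrs=[WORLD]),
        rule(22, cidrs=[WORLD], groups=["sg-jump"])]},      # SSH opened to the world
    {"GroupId": "sg-db", "IpPermissions": [
        rule(3306, cidrs=[WORLD], groups=["sg-web"]),       # database exposed
        rule(22, groups=["sg-jump"]),
        {"IpProtocol": "-1", "IpRanges": [],                # all-traffic rule
         "UserIdGroupPairs": [{"GroupId": "sg-batch"}]}]},
]

if __name__ == "__main__":
    for finding in audit(DRIFTED, "sg-jump", "sg-web", "sg-db"):
        print(finding)
```

With live data, the `SecurityGroups` list returned by a DescribeSecurityGroups call can be passed in place of the constructed samples.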
8. How To Use Amazon SQS?
Answer: Amazon SQS (Simple Queue Service) is a message passing mechanism that is used for communication between different connectors that are connected with each other. It also acts as a communicator between various components of Amazon. It keeps all the different functional components together. This helps the different components stay loosely coupled and provides an architecture that is more resilient to failure.
9. What kind of network performance parameters can you expect when you launch instances in a cluster placement group?
Answer: The network performance depends on the instance type and network performance specification, if launched in a placement group you can expect up to
10 Gbps in a single-flow,
20 Gbps in multi-flow, i.e. full duplex
Network traffic outside the placement group will be limited to 5 Gbps (full-duplex).
10. To deploy a 4 node cluster of Hadoop in AWS which instance type can be used?
Answer: First, let’s understand what actually happens in a Hadoop cluster. The Hadoop cluster follows a master-slave concept. The master machine processes all the data, while slave machines store the data and act as data nodes. Since all the storage happens at the slave, a higher capacity hard disk would be recommended, and since the master does all the processing, a higher RAM and a much better CPU is required. Therefore, you can select the configuration of your machine depending on your workload. For example, in this case c4.8xlarge will be preferred for the master machine, whereas for the slave machine we can select an i2.large instance. If you don’t want to deal with configuring your instance and installing a Hadoop cluster manually, you can straight away launch an Amazon EMR (Elastic Map Reduce) instance, which automatically configures the servers for you. You dump your data to be processed in S3, EMR picks it from there, processes it, and dumps it back into S3.
11. Where do you think an AMI fits, when you are designing an architecture for a solution?
Answer: AMIs (Amazon Machine Images) are like templates of virtual machines, and an instance is derived from an AMI. AWS offers pre-baked AMIs which you can choose while you are launching an instance. Some AMIs are not free and therefore can be bought from the AWS Marketplace. You can also choose to create your own custom AMI, which would help you save space on AWS. For example, if you don’t need a set of software for your installation, you can customize your AMI to do that. This makes it cost-efficient since you are removing the unwanted things.
12. How do you choose an Availability Zone?
Answer: Let’s understand this through an example. Consider a company which has a user base in India as well as in the US.
Let us see how we will choose the region for this use case:
So, with reference to the above figure, the regions to choose between are Mumbai and North Virginia. Now let us first compare the pricing: you have hourly prices, which can be converted to your per month figure. Here North Virginia emerges as a winner. But pricing cannot be the only parameter to consider. Performance should also be kept in mind, so let’s look at latency as well. Latency is the time that a server takes to respond to your requests, i.e. the response time. North Virginia wins again!
So concluding, North Virginia should be chosen for this use case.
13. Is one Elastic IP address enough for every instance that I have running?
Answer: Depends! Every instance comes with its own private and public address. The private address is associated exclusively with the instance and is returned to Amazon EC2 only when it is stopped or terminated. Similarly, the public address is associated exclusively with the instance until it is stopped or terminated. However, this can be replaced by the Elastic IP address, which stays with the instance as long as the user doesn’t manually detach it. But if you are hosting multiple websites on your EC2 server, you may require more than one Elastic IP address.
14. How can you speed up data transfer in Snowball?
Answer: The data transfer can be increased in the following way:
By performing multiple copy operations at one time i.e. if the workstation is powerful enough, you can initiate multiple cp commands each from different terminals, on the same Snowball device.
Copying from multiple workstations to the same snowball.
Transferring large files or creating a batch of small files; this will reduce the encryption overhead.
Eliminating unnecessary hops i.e. make a setup where the source machine(s) and the snowball are the only machines active on the switch being used, this can hugely improve performance.
15. When do you need to move data over long distances using the internet, for instance across countries or continents to your Amazon S3 bucket, which method or service will you use?
Answer: You would not use Snowball, because for now the Snowball service does not support cross-region data transfer, and since we are transferring across countries, Snowball cannot be used. Amazon S3 Transfer Acceleration shall be the right choice here, as it speeds up your data transfer with the use of optimized network paths and Amazon’s content delivery network to 300% compared to normal data transfer speed.
16. Can I connect my corporate data center to the Amazon Cloud?
Answer: Yes, you can do this by establishing a VPN (Virtual Private Network) connection between your company’s network and your VPC (Virtual Private Cloud). This will allow you to interact with your EC2 instances as if they were within your existing network.
17. In CloudFront what happens when content is NOT present at an Edge location and a request is made to it?
Answer: CloudFront is a content delivery system, which caches data to the nearest edge location from the user, to reduce latency. If data is not present at an edge location, the first time the data may get transferred from the original server, but from the next time, it will be served from the cached edge.
18. If I’m using Amazon CloudFront, can I use Direct Connect to transfer objects from my own data center?
Answer: Yes. Amazon CloudFront supports custom origins including origins from outside of AWS. With AWS Direct Connect, you will be charged with the respective data transfer rates.
19. If my AWS Direct Connect fails, will I lose my connectivity?
Answer: If a backup AWS Direct Connect has been configured, in the event of a failure it will switch over to the second one. It is recommended to enable Bidirectional Forwarding Detection (BFD) when configuring your connections to ensure faster detection and failover. On the other hand, if you have configured a backup IPsec VPN connection instead, all VPC traffic will fail over to the backup VPN connection automatically. Traffic to/from public resources such as Amazon S3 will be routed over the Internet. If you do not have a backup AWS Direct Connect link or an IPsec VPN link, then Amazon VPC traffic will be dropped in the event of a failure.
20. If I launch a standby RDS instance, will it be in the same Availability Zone as my primary?
Answer: No. Since the purpose of having a standby instance is to avoid an infrastructure failure (if it happens), the standby instance is stored in a different availability zone, which is a physically different independent infrastructure.
21. When would I prefer Provisioned IOPS over Standard RDS storage?
Answer: Provisioned IOPS delivers high IO rates, but on the other hand it is expensive as well. Batch processing workloads do not require manual intervention and they enable full utilization of systems; therefore, Provisioned IOPS will be preferred for batch-oriented workloads.
22. How is Amazon RDS, DynamoDB and Redshift different?
Answer: Amazon RDS is a database management service for relational databases. It manages patching, upgrading, backing up of data, etc. of databases for you without your intervention. RDS is a DB management service for structured data only.
DynamoDB, on the other hand, is a NoSQL database service, NoSQL deals with unstructured data.
Redshift is an entirely different service, it is a data warehouse product and is used in data analysis.
23. If I am running my DB Instance as a Multi-AZ deployment, can I use the standby DB Instance for read or write operations along with the primary DB instance?
Answer: No, Standby DB instance cannot be used with primary DB instance in parallel, as the former is solely used for standby purposes, it cannot be used unless the primary instance goes down.
24. Can I run more than one DB instance for Amazon RDS for free?
Answer: Yes. You can run more than one Single-AZ Micro database instance, that too for free! However, any use exceeding 750 instance hours, across all Amazon RDS Single-AZ Micro DB instances, across all eligible database engines and regions, will be billed at standard Amazon RDS prices. For example: if you run two Single-AZ Micro DB instances for 400 hours each in a single month, you will accumulate 800 instance hours of usage, of which 750 hours will be free. You will be billed for the remaining 50 hours at the standard Amazon RDS price.
25. Which AWS services will you use to collect and process e-commerce data for near real-time analysis?
Answer: DynamoDB is a fully managed NoSQL database service. DynamoDB, therefore, can be fed any type of unstructured data, which can be data from e-commerce websites as well, and later, an analysis can be done on them using Amazon Redshift. We are not using Elastic MapReduce since a near-real-time analysis is needed.
26. Can I retrieve only a specific element of the data, if I have a nested JSON data in DynamoDB?
Answer: Yes. When using the GetItem, BatchGetItem, Query or Scan APIs, you can define a Projection Expression to determine which attributes should be retrieved from the table. Those attributes can include scalars, sets, or elements of a JSON document.
27. What happens to my backups and DB Snapshots if I delete my DB Instance?
Answer: When you delete a DB instance, you have the option of creating a final DB snapshot; if you do that, you can restore your database from that snapshot. RDS retains this user-created DB snapshot along with all other manually created DB snapshots after the instance is deleted. Automated backups are deleted and only manually created DB Snapshots are retained.
28. How can I load my data to Amazon Redshift from different data sources like Amazon RDS, Amazon DynamoDB and Amazon EC2?
Answer: You can load the data in the following two ways:
You can use the COPY command to load data in parallel directly to Amazon Redshift from Amazon EMR, Amazon DynamoDB, or any SSH-enabled host.
AWS Data Pipeline provides a high performance, reliable, fault-tolerant solution to load data from a variety of AWS data sources. You can use the AWS Data Pipeline to specify the data source, desired data transformations, and then execute a pre-written import script to load your data into Amazon Redshift.
29. Suppose you have an application where you have to render images and also do some general computing. From the following services which service will best fit your need?
Answer: You will choose an application load balancer, since it supports path-based routing, which means it can take decisions based on the URL, therefore if your task needs image rendering it will route it to a different instance, and for general computing, it will route it to a different instance.
30. What is the difference between Scalability and Elasticity?
Answer: Scalability is the ability of a system to increase its hardware resources to handle the increase in demand. It can be done by increasing the hardware specifications or increasing the processing nodes.
Elasticity is the ability of a system to handle the increase in the workload by adding additional hardware resources when the demand increases (same as scaling) but also rolling back the scaled resources when the resources are no longer needed. This is particularly helpful in Cloud environments, where a pay per use model is followed.
31. How will you change the instance type for instances which are running in your application tier and are using Auto Scaling? Where will you change it from the following areas?
Answer: Auto Scaling tags configuration is used to attach metadata to your instances; to change the instance type you have to use the Auto Scaling launch configuration.
32. When should I use a Classic Load Balancer and when should I use an Application load balancer?
Answer: A Classic Load Balancer is ideal for simple load balancing of traffic across multiple EC2 instances, while an Application Load Balancer is ideal for microservices or container-based architectures where there is a need to route traffic to multiple services or load balance across multiple ports on the same EC2 instance.
33. What does Connection draining do?
Answer: Connection draining is a service under ELB which constantly monitors the health of the instances. If any instance fails a health check or if any instance has to be patched with a software update, it pulls all the traffic from that instance and reroutes them to other instances.
34. When an instance is unhealthy, it is terminated and replaced with a new one, which of the following services does that?
Answer: When ELB detects that an instance is unhealthy, it starts routing incoming traffic to other healthy instances in the region. If all the instances in a region become unhealthy, and if you have instances in some other availability zone/region, your traffic is directed to them. Once your instances become healthy again, traffic is re-routed back to the original instances.
35. What are lifecycle hooks used for in AutoScaling?
Answer: Lifecycle hooks are used for putting wait time before any lifecycle action, i.e. launching or terminating an instance, happens. The purpose of this wait time can be anything from extracting log files before terminating an instance to installing the necessary software in an instance before launching it.
36. A user has set up an Auto Scaling group. Due to some issue the group has failed to launch a single instance for more than 24 hours. What will happen to Auto Scaling in this condition?
Answer: Auto Scaling allows you to suspend and then resume one or more of the Auto Scaling processes in your Auto Scaling group. This can be very useful when you want to investigate a configuration problem or other issue with your web application, and then make changes to your application, without triggering the Auto Scaling process.
37. What happens if CloudTrail is turned on for my account but my Amazon S3 bucket is not configured with the correct policy?
Answer: CloudTrail files are delivered according to S3 bucket policies. If the bucket is not configured or is misconfigured, CloudTrail might not be able to deliver the log files.
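As an added example that is not part of the original page, the check below looks for the two grants CloudTrail needs in a bucket policy: `s3:GetBucketAcl` on the bucket and `s3:PutObject` under `AWSLogs/<account id>/`, both for the `cloudtrail.amazonaws.com` service principal. The bucket name, account ids and policies are constructed; the check matches exact strings only, so wildcard actions or resources and `Deny` statements are outside what it evaluates.

```python
# Added example, not from the original page. Bucket name, account ids and
# both policies are constructed samples.
import json

CLOUDTRAIL = "cloudtrail.amazonaws.com"
OWNER_ACL = "bucket-owner-full-control"  # ACL CloudTrail sets on delivered log files


def _as_list(value):
    return value if isinstance(value, list) else [value]


def _allows(stmt, action, resource):
    """True if `stmt` is an Allow for the CloudTrail service on this exact pair."""
    principal = stmt.get("Principal", {})
    services = _as_list(principal.get("Service", [])) if isinstance(principal, dict) else []
    return (stmt.get("Effect") == "Allow"
            and CLOUDTRAIL in services
            and action in _as_list(stmt.get("Action", []))
            and resource in _as_list(stmt.get("Resource", [])))


def cloudtrail_delivery_problems(policy_json, bucket, account_id, prefix=""):
    """Return reasons this bucket policy would stop CloudTrail log delivery."""
    stmts = _as_list(json.loads(policy_json).get("Statement", []))
    bucket_arn = f"arn:aws:s3:::{bucket}"
    key_prefix = f"{prefix}/" if prefix else ""
    object_arn = f"{bucket_arn}/{key_prefix}AWSLogs/{account_id}/*"
    problems = []
    if not any(_allows(s, "s3:GetBucketAcl", bucket_arn) for s in stmts):
        problems.append(f"no Allow for s3:GetBucketAcl on {bucket_arn}")
    writers = [s for s in stmts if _allows(s, "s3:PutObject", object_arn)]
    if not writers:
        problems.append(f"no Allow for s3:PutObject on {object_arn}")
    for s in writers:
        acl = s.get("Condition", {}).get("StringEquals", {}).get("s3:x-amz-acl")
        if acl not in (None, OWNER_ACL):
            problems.append(f"PutObject requires s3:x-amz-acl={acl}, not {OWNER_ACL}")
    return problems


def _policy(put_resource):
    """Build a constructed policy whose PutObject grant covers `put_resource`."""
    return json.dumps({"Version": "2012-10-17", "Statement": [
        {"Effect": "Allow", "Principal": {"Service": CLOUDTRAIL},
         "Action": "s3:GetBucketAcl",
         "Resource": "arn:aws:s3:::example-trail-logs"},
        {"Effect": "Allow", "Principal": {"Service": CLOUDTRAIL},
         "Action": "s3:PutObject", "Resource": put_resource,
         "Condition": {"StringEquals": {"s3:x-amz-acl": OWNER_ACL}}},
    ]})


GOOD_POLICY = _policy("arn:aws:s3:::example-trail-logs/AWSLogs/111122223333/*")
# Same policy, but the write grant names a different account's log path.
WRONG_ACCOUNT_POLICY = _policy("arn:aws:s3:::example-trail-logs/AWSLogs/444455556666/*")

if __name__ == "__main__":
    for name, doc in (("good", GOOD_POLICY), ("wrong account", WRONG_ACCOUNT_POLICY)):
        print(name, cloudtrail_delivery_problems(doc, "example-trail-logs", "111122223333"))
```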
38. How do I transfer my existing domain name registration to Amazon Route 53 without disrupting my existing web traffic?
Answer: You will need to get a list of the DNS record data for your domain name first, it is generally available in the form of a “zone file” that you can get from your existing DNS provider. Once you receive the DNS record data, you can use Route 53’s Management Console or simple web-services interface to create a hosted zone that will store your DNS records for your domain name and follow its transfer process. It also includes steps such as updating the nameservers for your domain name to the ones associated with your hosted zone. For completing the process you have to contact the registrar with whom you registered your domain name and follow the transfer process. As soon as your registrar propagates the new name server delegations, your DNS queries will start to get answered.
39. How is AWS Elastic Beanstalk different than AWS OpsWorks?
Answer: AWS Elastic Beanstalk is an application management platform while OpsWorks is a configuration management platform. BeanStalk is an easy to use service which is used for deploying and scaling web applications developed with Java, .Net, PHP, Node.js, Python, Ruby, Go and Docker. Customers upload their code and Elastic Beanstalk automatically handles the deployment. The application will be ready to use without any infrastructure or resource configuration.
In contrast, AWS OpsWorks is an integrated configuration management platform for IT administrators or DevOps engineers who want a high degree of customization and control over operations.
40. What happens if my application stops responding to requests in beanstalk?
Answer: AWS Beanstalk applications have a system in place for avoiding failures in the underlying infrastructure. If an Amazon EC2 instance fails for any reason, Beanstalk will use Auto Scaling to automatically launch a new instance. Beanstalk can also detect if your application is not responding on the custom link even though the infrastructure appears healthy; this will be logged as an environmental event (e.g. a bad version was deployed) so you can take appropriate action.
41. How is AWS OpsWorks different than AWS CloudFormation?
Answer: OpsWorks and CloudFormation both support application modeling, deployment, configuration, management, and related activities. Both support a wide variety of architectural patterns, from simple web applications to highly complex applications. AWS OpsWorks and AWS CloudFormation differ in abstraction level and areas of focus.
AWS CloudFormation is a building block service which enables the customer to manage almost any AWS resource via JSON-based domain specific language. It provides foundational capabilities for the full breadth of AWS, without prescribing a particular model for development and operations. Customers define templates and use them to provision and manage AWS resources, operating systems and application code.
In contrast, AWS OpsWorks is a higher level service that focuses on providing highly productive and reliable DevOps experiences for IT administrators and ops-minded developers. To do this, AWS OpsWorks employs a configuration management model based on concepts such as stacks and layers and provides integrated experiences for key activities like deployment, monitoring, auto-scaling, and automation. Compared to AWS CloudFormation, AWS OpsWorks supports a narrower range of application-oriented AWS resource types including Amazon EC2 instances, Amazon EBS volumes, Elastic IPs, and Amazon CloudWatch metrics.
42. What happens when one of the resources in a stack cannot be created successfully in AWS OpsWorks?
Answer: When an event like this occurs, the “automatic rollback on error” feature is enabled, which causes all the AWS resources which were created successfully up to the point where the error occurred to be deleted. This is helpful since it does not leave behind any erroneous data; it ensures that stacks are either created fully or not created at all. It is useful in events where you may accidentally exceed your limit on the number of Elastic IP addresses, or where you may not have access to an EC2 AMI that you are trying to run, etc.
43. What automation tools can you use to spin up servers?
Answer: Any of the following tools can be used:
Roll-your-own scripts, and use the AWS API tools. Such scripts could be written in bash, Perl or other language of your choice.
Use a configuration management and provisioning tool like puppet or its successor Opscode Chef. You can also use a tool like Scalr.
Use a managed solution such as Rightscale.
44. What are the differences among Spot instance, On-Demand instance, and Reserved Instances?
Answer: All of these are pricing models. Spot instance lets customers acquire compute capacity without any upfront commitment. The hourly rate of a Spot instance is usually higher than the rate of an On-Demand instance. With both Spot and On-Demand instances, users do not commit to any particular duration. With a Reserved Instance, however, there is a fixed period to which users have to commit.
45. What are the network performance parameters that you should be expecting when you launch Instances in a cluster placement group?
Answer: The network performance depends on two elements:
Instance type
Network performance specification
One should expect the following things when instances are launched in a cluster placement group:
10 Gbps in a single flow
20 Gbps in full-duplex
Outside of the placement group, the network traffic will be limited to 5 Gbps.
46. Is it enough to have only one Elastic IP for all the instances that I have been running?
Answer: There is no definite answer to this question because it depends on the instance. The instances have their public and private addresses. Both the private and the public address remain associated with the instance until it is terminated or stopped. These addresses can be replaced with an Elastic IP address, which remains with the instance until the user manually detaches it. If multiple websites are being hosted on the EC2 server, more than one Elastic IP will be required.
47. Why do you make subnets?
Answer: Subnets are created to make efficient use of networks that have a significant number of hosts. Managing a network that is filled with a large number of hosts is very tedious. When the network is divided into subnets, it becomes easier to manage the hosts.
48. What is the difference between Elasticity and Scalability?
Answer: Scalability refers to the ability of the system to increase and improve its hardware resources so that it can meet the growth in demand. Scalability can be achieved by increasing:
1. Hardware specifications
2. Processing nodes
Elasticity refers to the ability of the system to manage the growth in workload by increasing the hardware resources when the demands are high. However, when the demand is low, the additional hardware resources have to be rolled back. Elasticity becomes helpful when one is dealing with Cloud environments.
49. I want to transfer my present domain name registration to the Amazon Route 53 without disturbing or disrupting my current web traffic. What should I do to achieve this?
Answer: Follow the steps given below to transfer your domain name registration to Amazon route 53:
Step 1: Get a list of the DNS record data, which is available for your domain name.
Step 2: Use Route 53 Management Console to create a hosted zone, which will be storing the DNS records of your domain and then start the transfer process.
Step 3: Contact the registrar with whom you have registered the domain name. Follow the transfer process.
Your DNS queries will be answered once the registrar propagates the new name server delegations.
50. What automation tools will you use to spin up servers?
Answer: The following tools can be used to spin up servers:
Roll-your-own scripts tool
AWS API tools
Configuration management and provisioning tool (Example, Opscode Chef)
Managed solution tool (Example, Rightscale)
The questions mentioned above are frequently asked in AWS interviews. Brush up your knowledge and try to answer these questions without actually reading the answers to gauge the depth of your knowledge. If you can answer the questions listed above without going through the answers given in this post, then you are already at a high level and may proceed to the next level to deal with more complex questions. Otherwise, please brush up your skills and knowledge and try to answer these questions again.