Top 50 Amazon Web Services Interview Questions and Answers Pdf
AWS Certified Solutions Architect Drives to the 15 Top Paying IT Certifications. Absolutely, AWS Solution Architect position is an illustration of the many aimed at amongst IT positions.
We at SVR Technologies are committed to serving you enhance your career in sync with enterprise provisions. That’s how? We have designed a program of AWS Architect Interview questions and answers that will most apparently get asked while your interview. If you’ve visited an AWS Architect interview or have supplementary questions beyond what we have covered, we inspire you to supplement them in the comments segment subsequently.
In the meantime, you can maximize the Cloud computing profession occasions that are positive to grow your way by practicing AWS Certified Solutions Architect Training with SVR Technologies. You can go for the AWS Architect certification exam after competition of the course at SVR Technologies.
The AWS Solution Architect Purpose: With concerns to AWS, a Solution Architect would outline and describe AWS architecture for subsisting methods, moving them to cloud architectures as well as elaborating professional road-maps for prospective AWS cloud implementations .So, in this AWS Architect interview questions blog, in all segment, we will begin with the fundamentals and later lead our way ahead to further technological questions, toward the best learning experience please indicate the questions in series so that the thoughts for the following question will be apparent in the first.
This page comprises the number of Amazon Web Services Training the top AWS Interview Questions and Answers (FAQs) below level AWS. Certain questions are accumulated from different sources like educational websites, blogs, forums, discussion boards including Wikipedia. These scheduled questions can definitely help in preparing for AWS interview.
1. What is Amazon RDS?
Answer: RDS stands for Relational Database Service is a web service that makes it easier to set up, operate, and scale a relational database in the cloud. It provides cost-efficient, resize-able capacity for an industry-standard relational database and manages common database administration tasks.
2. What is MFA in AWS?
Answer: AWS Multi-Factor Authentication (MFA) is a simple best practice that adds an extra layer of protection on top of your user name and password. With MFA enabled, when a user signs in to an AWS website, they will be prompted for their user name and password (the first factor—what they know), as well as for an authentication code from their AWS MFA device (the second factor—what they have). Taken together, these multiple factors provide increased security for your AWS account settings and resources.
3. What is Amazon AppStream and advantage of using AppStreaming?
Answer: Amazon AppStream is an application streaming service that lets you stream your existing resource-intensive applications from the cloud without code modifications.
4. Which AWS responsible for managed email and calendaring?
Answer: WorkMail is a managed email and calendaring service with strong security controls and support for existing desktop and mobile email clients. You can access their email, contacts, and calendars wherever you use Microsoft Outlook, your browser, or your iOS and Android mobile devices. You can integrate Amazon WorkMail with your existing corporate directory and control both the keys that encrypt your data and the location where your data is stored.
5. What are the benefits of EBS vs. instance-store?
- EBS backed instances can be set so that they cannot be (accidentally) terminated through the API.
- EBS backed instances can be stopped when you’re not using them and resumed when you need them again (like pausing a Virtual PC), at least with my usage patterns saving much more money than I spend on a few dozen GB of EBS storage.
- EBS backed instances don’t lose their instance storage when they crash (not a requirement for all users, but makes recovery much faster)
- You can dynamically resize EBS instance storage.
- You can transfer the EBS instance storage to a brand new instance (useful if the hardware at Amazon you were running on gets flaky or dies, which does happen from time to time)
- It is faster to launch an EBS backed instance because the image does not have to be fetched from S3.
6. How do you pass the custom environment variable on Amazon Elastic Beanstalk (AWS EBS)?
Answer: As a heads up to anyone who uses the .ebextensions/*.config way: nowadays you can add, edit and remove environment variables in the Elastic Beanstalk web interface.
The variables are under Configuration → Software Configuration:
7. Is it possible to use AWS as a web host? What is the way of using AWS as a web host?
Answer: Yes, it is completely possible to host websites on AWS in 2 ways:
1. Easy – S3 (Simple Storage Solution) is a bucket storage solution that lets you serve static content e.g. images but has recently been upgraded so you can use it to host flat.html files and your site will get served by a default Apache installation with the very little configuration on your part (but also little control).
2. Trickier – you can use EC2 (Elastic Compute Cloud) and create a virtual Linux instance then install Apache/NGinx (or whatever) on that to give you complete control over serving whatever/however you want. You use Security Groups to enable/disable ports for individual machines or groups of them.
8. How do you see how much disk space is using my S3 bucket?
Answer: s3cmd can show you this by running s3cmd du, optionally passing the bucket name as an argument.
9. Write down the command you will use to copy all files from one S3 bucket to another with s3cmd?
Answer: s3cmd sync s3://from/this/bucket/ s3://to/this/bucket/
10. What is the difference between Amazon SNS and Amazon SQS?
⦁ Amazon SNS allows applications to send time-critical messages to multiple subscribers through a “push” mechanism, eliminating the need to periodically check or “poll” for updates.
⦁ Amazon SQS is a message queue service used by distributed applications to exchange messages through a polling model and can be used to decouple sending and receiving components—without requiring each component to be concurrently available.
11. How many objects you can put in an S3 bucket? is there a limit to the number of objects I can put in an S3 bucket?
Answer: Write, read, and delete objects containing from 1 byte to 5 terabytes of data each. The number of objects you can store is unlimited.
12. How to delete files recursively from an S3 bucket?
aws s3 rm –recursive s3://your_bucket_name/foo/
Or delete everything under the bucket:
aws s3 rm –recursive s3://your_bucket_name
If what you want is to actually delete the bucket, there is one-step shortcut:
aws s3 RB –force s3://your_bucket_name
13. How to access/ping a server located on AWS?
Using UI: In your security group:
- Click the inbound tab
- Create a custom ICMP rule
- Select echo request
- Use range 0.0.0.0/0 for everyone or lock it down to specific IPs
- Apply the changes
- and you’ll be able to ping.
Using cmd: To do this on the command line you can run:
- ec2-authorize -P ICMP -t -1:-1 -s 0.0.0.0/0
14. What is the maximum length of a file-name in S3?
Answer: Names are the object keys. The name for a key is a sequence of Unicode characters whose UTF-8 encoding is at most 1024 bytes long.
15. Why should we consider AWS? How would you convince a customer to start using AWS? Answer: Primary advantage is going to be cost savings. As a customer support engineer, your job role involves talking to current customers, prospective customers to help them determine if they really have to move to AWS from their current infrastructure. In addition to providing a convincing answer in terms of cost savings, it would be better if you give them a real simple explanation of flexibility, elastic capacity planning that offers the option of pay as you use infrastructure, easy to manage AWS console, etc.
16. In RDS, what is the maximum value you can set for my backup retention period?
Answer: 35 Days.
17. How to find your regions and Availability Zones using the Amazon EC2 CLI?
Answer: Use the ec2-describe-regions command as follows to describe your regions.
REGION us-east-1 ec2.us-east-1.amazonaws.com
REGION ap-northeast-1 ec2.ap-northeast-1.amazonaws.com
REGION ap-southeast-1 ec2.ap-southeast-1.amazonaws.com
18. In RDS, Automated backups are enabled by default for new DB Instance, true or false? Answer: True
19. What is Amazon VPC?
Answer: Amazon Virtual Private Cloud (Amazon VPC) enables you to launch Amazon Web Services (AWS) resources into a virtual network that you’ve defined. This virtual network closely resembles a traditional network that you’d operate in your own data center, with the benefits of using the scalable infrastructure of AWS.
20. In S3, what does RRS stand for?
Answer: Reduced Redundancy Storage21. What are the 4 levels of AWS premium support? Answer: Basic, Developer, Business, Enterprise
22. What is the difference between Elastic Beanstalk and CloudFormation?
Answer: Elastic Beanstalk automatically handles the deployment, from capacity provisioning, load balancing, auto-scaling to application health monitoring based on the code you upload to it.
CloudFormation is an automated provisioning engine to deploy entire cloud environments via JSON.
23. What action is required to establish an Amazon Virtual Private Cloud (VPC) VPN?
Answer: We need to assign a static internet-routable IP address to an Amazon VPC customer gateway.
24. Why we use VPC in AWS?
Answer: Normally, each EC2 instance you launch is randomly assigned a public IP address in the Amazon EC2 address space. VPC allows you to create an isolated portion of the AWS cloud and launch EC2 instances that have a private address in the range of your choice (10.0.0.0, for instance)
25. Can you describe the steps of creating default VPC in AWS?
Answer: When we create a default VPC, we do the following to set it up for you:
- Create a default subnet in each Availability Zone.
- Create an Internet gateway and connect it to your default VPC.
- Create the main route table for your default VPC with a rule that sends all traffic destined for the Internet to the Internet gateway.
- Create a default security group and associate it with your default VPC.
- Create a default network access control list (ACL) and associate it with your default VPC.
- Associate the default DHCP options set for your AWS account with your default VPC.
- The following figure illustrates the key components that we set up for a default VPC.
26. What are the three features provided by Amazon that you can use to increase and monitor the security?
Answer: Amazon VPC provides three features that you can use to increase and monitor the security for your VPC:
- Security groups — Act as a firewall for associated Amazon EC2 instances, controlling both inbound and outbound traffic at the instance level
- Network access control lists (ACLs) — Act as a firewall for associated subnets, controlling both inbound and outbound traffic at the subnet level
- Flow logs — capture information about the IP traffic going to and from network interfaces in your VPC
27. What is the difference between Network ACLs and Security Groups in AWS?
Network ACLs: A network access control list (ACL) is an optional layer of security for your VPC that acts as a firewall for controlling traffic in and out of one or more subnets. You might set up network ACLs with rules similar to your security groups in order to add an additional layer of security to your VPC. For more information about the differences between security groups and network ACLs, see Comparison of Security Groups and Network ACLs.
Security Groups: A security group acts as a virtual firewall for your instance to control inbound and outbound traffic. When you launch an instance in a VPC, you can assign the instance to up to five security groups. Security groups act at the instance level, not the subnet level. Therefore, each instance in a subnet in your VPC could be assigned to a different set of security groups. If you don’t specify a particular group at launch time, the instance is automatically assigned to the default security group for the VPC.
28. What benefits to VPC security groups give you that EC2 security groups do not?
1. Being able to change the security group after the instance is launched
2. Being able to specify any protocol with a standard number, rather than just TCP, UDP, or ICMP
29. What is an activity in the AWS Data Pipeline?
Answer: An activity AWS Data Pipeline is an Action that is initiated as a part of the pipeline. Some of the activities are: Elastic MapReduce (EMR) Hive jobs Data copies SQL queries Command-line scripts.
30. What is a schedule in the AWS Data Pipeline?
Answer: In AWS Data Pipeline we can define a Schedule. The Schedule contains the information about when will pipeline activities run and with what frequency.
All schedules have a start date and a frequency.
E.g. One schedule can be run every day starting Mar 1, 2016, at 6 am.
Schedules may also have an end date, after which the AWS Data Pipeline service will not execute any activity.
31. What is the main framework behind Amazon Elastic MapReduce (EMR)?
Answer: Apache Hadoop is the main framework behind Amazon EMR. It is a distributed data processing engine.
Hadoop is an Open source Java-based software framework. It supports data-intensive distributed applications running on large clusters of commodity hardware.
Hadoop is based on MapReduce algorithm in which data is divided into multiple small fragments of work. Each of these tasks can be executed on any node in the cluster.
In AWS EMR, Hadoop is run on the hardware provides by AWS cloud.
32. What are different states in AWS EMR cluster?
Answer: AWS EMR has the following cluster states:
⦁ STARTING – In this state, cluster provisions, starts, and configures EC2 instances
⦁ BOOTSTRAPPING – In this state cluster is executing the Bootstrap process
⦁ RUNNING – State in which cluster is currently being run
⦁ WAITING – In this state cluster is currently active, but there are no steps to run
⦁ TERMINATING – Shut down of cluster has started
⦁ TERMINATED – The cluster is shut down without any error
⦁ TERMINATED_WITH_ERRORS – The cluster is shut down with errors. ( Top 50 Amazon Web Services Interview Questions and Answers Pdf )
33. When should we use a Classic Load Balancer vs. an Application load balancer?
Answer: A Classic Load Balancer is used for simple load balancing of traffic across multiple EC2 instances.
An Application Load Balancer is more suited for Microservices based architecture or container-based architecture. Mainly in this architecture, there is a need to do load balancing as well as there is a need to route traffic to multiple services on the same EC2 instance.
34. What is the difference between AWS Data Pipeline and the Amazon Simple Workflow Service?
Answer: AWS Data pipeline is mainly used for data-driven workflows that are popular in Big Data systems. AWS Data pipeline can easily copy data between different data stores and it can execute data transformations. To create such data flows, little programming knowledge is required.
Amazon Simple Workflow Service (SWS) is mainly used for process automation. It can easily coordinate work across distributed application components.
We can do media processing, backend flows, analytics pipelines, etc. with SWS. So it is not limited to just Data-driven flows.
35. What is the difference between Region, Availability Zone and Endpoint in AWS?
Answer: In AWS, every region is an independent environment. Within a Region, there can be multiple Availability Zones.
Every Availability Zone is an isolated area. But there are low-latency links that connect one Availability Zone to another within a region.
An endpoint is just an entry point for a web service. Most of the AWS services offer an option to select a regional endpoint for incoming requests. But many services in AWS do not support regions. E.g. IAM. So their endpoints do not have a region. AWS Training
36. What are the use cases for Amazon Kinesis Streams?
Answer: Amazon Kinesis Streams helps in creating applications that deal with streaming data. Kinesis streams can work with data streams up to terabytes per hour rate. Kinesis streams can handle data from thousands of sources. We can also use Kinesis to produce data for use by other Amazon services. Some of the main use cases for Amazon Kinesis Streams are as follows:
Real-time Analytics: At times for real-time events like-Big Friday sale or a major game event, we get a large amount of data in a short period of time. Amazon Kinesis Streams can be used to perform real-time analysis on this data, and make use of this analysis very quickly. Prior to Kinesis, this kind of analysis would take days. Whereas now within a few minutes we can start using the results of this analysis.
Gaming Data: In online applications, thousands of users play and generate a large amount of data. With Kinesis, we can use the streams of data generated by an online game and use it to implement dynamic features based on the actions and behavior of players.
Log and Event Data: We can use Amazon Kinesis to process a large amount of Log data that is generated by different devices. We can build live dashboards, alarms, triggers based on this streaming data by using Amazon Kinesis.
Mobile Applications: In Mobile applications, there is a wide variety of data available due to a large number of parameters like- location of the mobile, type of device, time of the day, etc. We can use Amazon Kinesis Streams to process the data generated by a Mobile App. The output of such processing can be used by the same Mobile App to enhance user experience in real-time.
37. What is the difference between Amazon SQS and Amazon SNS?
Answer: Amazon SQS stands for Simple Queue Service. Whereas, Amazon SNS stands for Simple Notification Service.
SQS is used for implementing Messaging Queue solutions in an application. We can decouple the applications in the cloud by using SQS. Since all the messages are stored redundantly in SQS, it minimizes the chance of losing any message.
SNS is used for implementing Push notifications to a large number of users. With SNS we can deliver messages to Amazon SQS, AWS Lambda or any HTTP endpoint. Amazon SNS is widely used in sending messages to mobile devices as well. It can even send SMS messages to cell phones.
38. When should be using Amazon DynamoDB vs. Amazon S3?
Answer: Amazon DynamoDB is used for storing structured data. The data in DynamoDB is also indexed by a primary key for fast access. Reads and writes in DynamoDB have very low latency due to the use of SSD.
Amazon S3 is mainly used for storing unstructured binary large objects based data. It does not have a fast index like DynamoDB. So we should use Amazon S3 for storing objects with infrequent access requirements.
Another consideration is the size of the data. In DynamoDB the size of an item can be maximum 400 kilobytes. Whereas Amazon S3 supports size as large as 5 terabytes for an object.
Therefore, DynamoDB is more suitable for storing small objects with frequent access and S3 is ideal for storing very large objects with infrequent access.
39. What are the different APIs available in Amazon DynamoDB?
Answer: Amazon DynamoDB supports both documents as well as key-based NoSQL databases. Due to this APIs in DynamoDB are generic enough to serve both the types.
Some of the main APIs available in DynamoDB is as follows:
40. What are the main benefits of using Amazon DynamoDB?
Answer: Amazon DynamoDB is a highly scalable NoSQL database that has very fast performance. Some of the main benefits of using Amazon DynamoDB are as follows:
Administration: In Amazon DynamoDB, we do not have to spend effort on the administration of the database. There are no servers to provision or manage. We just create our tables and start using them.
Scalability: DynamoDB provides the option to specify the capacity that we need for a table. Rest of the scalability is done under the hood by DynamoDB.
Fast Performance: Even at a very high scale, DynamoDB delivers very fast performance with low latency. It will use SSD and partitioning behind the scenes to achieve the throughput that a user specifies.
Access Control: We can integrate DynamoDB with IAM to create fine-grained access control. This can keep our data secure in DynamoDB.
Flexible: DynamoDB supports both document and key-value data structures. So it helps in providing the flexibility of selecting the right architecture for our application.
Event-Driven: We can also make use of AWS Lambda with DynamoDB to perform any event-driven programming. This option is very useful for ETL tasks.
41. How will you manage and run a serverless application in AWS?
Answer: We can use AWS Serverless Application Model (AWS SAM) to deploy and run a serverless application. AWS SAM is not a server or software. It is just a specification that has to be followed for creating a serverless application.
Once we create our serverless application, we can use CodePipeline to release and deploy it on AWS. CodePipeline is built on Continuous Integration Continuous Deployment (CI/CD) concept.
42. Can we disable versioning on a version-enabled bucket in Amazon S3?
Answer: No, we cannot disable versioning on a version-enabled bucket in Amazon S3. We can just suspend the versioning on a bucket in S3.
Once we suspend versioning, Amazon S3 will stop creating new versions of the object. It just stores the object with null version ID.
On overwriting an existing object, it just replaces the object with null version ID. So any existing versions of the object still remain in the bucket. But there will be no more new versions of the same object except for the null version ID object.
43. What are the use cases of Cross Region Replication Amazon S3?
Answer: We can use Cross-Region Replication Amazon S3 to make copies of an object across buckets in different AWS Regions. This copying takes place automatically and in an asynchronous mode.
We have to add replication configuration on our source bucket in S3 to make use of Cross-Region Replication. It will create exact replicas of the objects from source bucket to destination buckets in different regions.
Some of the main use cases of Cross Region Replication are as follows:
Compliance: Some times there are laws/regulatory requirements that ask for storing data at farther geographic locations. This kind of compliance can be achieved by using AWS Regions that are spread across the world.
Failover: At times, we want to minimize the probability of system failure due to complete blackout in a region. We can use Cross-Region Replication in such a scenario.
Latency: In case we are serving multiple geographies, it makes sense to replicate objects in the geographical regions that are closer to the end customer. This helps in reducing the latency.
44. Can we do Cross Region replication in Amazon S3 without enabling versioning on a bucket?
Answer: No, we have to enable versioning on a bucket to perform Cross-Region Replication.
45. What are the different types of actions in Object Lifecycle Management in Amazon S3?
Answer: There are mainly two types of Object Lifecycle Management actions in Amazon S3.
Transition Actions: These actions define the state when an Object transitions from one storage class to another storage class. E.g. a new object may transition to STANDARD_IA (infrequent access) class after 60 days of creation. And it can transition to GLACIER after 180 days of creation.
Expiration Actions: These actions specify what happens when an Object expires. We can ask S3 to delete an object completely on expiration.
46. How do we get higher performance in our application by using Amazon CloudFront?Answer: If our application is content-rich and used across multiple locations, we can use Amazon CloudFront to increase its performance. Some of the techniques used by Amazon CloudFront are as follows:
⦁ Caching: Amazon CloudFront caches the copies of our application’s content at locations closer to our viewers. By this caching our users get our content very fast. Also due to caching the load on our main server decreases.
⦁ Edge / Regional Locations: CloudFront uses a global network of Edge and Regional edge locations to cache our content. These locations cater to almost all of the geographical areas across the world.
⦁ Persistent Connections: In certain cases, CloudFront keeps persistent connections with the main server to fetch the content quickly.
⦁ Other Optimization: Amazon CloudFront also uses other optimization techniques like TCP initial congestion window etc to deliver high-performance experience.
47. What is the mechanism behind Regional Edge Cache in Amazon CloudFront?
Answer: A Regional Edge Cache location lies between the main web server and the global edge location. When the popularity of an object/content decreases, the global edge location may take it out from the cache.
But Regional Edge location maintains a larger cache. Due to this the object/content can stay for a long time in Regional Edge location. Due to this CloudFront does not have to go back to the main webserver. When it does not find any object in Global Edge location it just looks for in Regional Edge location.
This improves the performance for serving content to our users in Amazon CloudFront.
48. How will you upload a file greater than 100 megabytes in Amazon S3?
Answer: Amazon S3 supports storing objects or files up to 5 terabytes. To upload a file greater than 100 megabytes, we have to use Multipart upload utility from AWS. By using Multipart upload we can upload a large file in multiple parts.
Each part will be independently uploaded. It doesn’t matter in what order each part is uploaded. It even supports uploading these parts in parallel to decrease overall time. Once all the parts are uploaded, this utility makes these as one single object or file from which the parts were created.
49. What is the use of Amazon Glacier?
Answer: Amazon Glacier is an extremely low-cost cloud-based storage service provided by Amazon.
We mainly use Amazon Glacier for long-term backup purpose.
Amazon Glacier can be used for storing data archives for months, years or even decades.
It can also be used for long term immutable storage based on regulatory and archiving requirements. It provides Vault Lock support for this purpose. In this option, we write once but can read many times the same data.
One use case is for storing certificates that can be issued only once and only the original person keeps the main copy.
50. What are the benefits of Streaming content?
Answer: We can get the following benefits by Streaming content:
Control: We can provide more control to our users for what they want to watch. In video streaming, users can select the locations in the video where they want to start watching from.
Content: With streaming our entire content does not stay at a user’s device. Users get only the part they are watching. Once the session is over, content is removed from the user’s device.
Cost: With streaming, there is no need to download all the content to a user’s device. A user can start viewing content as soon as some part is available for viewing. This saves costs since we do not have to download a large media file before starting each viewing session.