1. How to secure your data for transport in the cloud?
Answer: Ensure that no one can intercept the data as it moves from point A to point B in the cloud, and also check that there are no data leaks involving the encryption key from any storage in the cloud. You can also segregate your data from other companies’ data and then encrypt it by using an approved method. In addition, you can ensure the security of older data that remains with a cloud vendor after you have no use for it.
2. What is S3? What is it used for? Should encryption be used in S3?
Answer: According to Amazon, S3 is storage for the Internet. They define it as a “simple storage service that offers software developers a highly-scalable, reliable, and low-latency data storage infrastructure at very low costs”.
Amazon S3 provides a simple web service interface which you can use to store and retrieve any amount of data, at any time, from anywhere on the web. Using this web service, developers can easily build applications that make use of Internet storage.
Encryption should be considered for sensitive data, as S3 is a proprietary technology developed by Amazon themselves, and yet to be proven from a security standpoint.
3. How is AWS OpsWorks different than AWS CloudFormation?
Answer: OpsWorks and CloudFormation both support application modeling, deployment, configuration, management, and related activities. Both support a wide variety of architectural patterns, from simple web applications to highly complex applications. AWS OpsWorks and AWS CloudFormation differ in abstraction level and areas of focus.
AWS CloudFormation is a building block service which enables the customer to manage almost any AWS resource via JSON-based domain-specific language. It provides foundational capabilities for the full breadth of AWS, without prescribing a particular model for development and operations. Customers define templates and use them to provision and manage AWS resources, operating systems and application code.
In contrast, AWS OpsWorks is a higher level service that focuses on providing highly productive and reliable DevOps experiences for IT administrators and ops-minded developers. To do this, AWS OpsWorks employs a configuration management model based on concepts such as stacks and layers and provides integrated experiences for key activities like deployment, monitoring, auto-scaling, and automation. Compared to AWS CloudFormation, AWS OpsWorks supports a narrower range of application-oriented AWS resource types including Amazon EC2 instances, Amazon EBS volumes, Elastic IPs, and Amazon CloudWatch metrics.
4. Explain what is AMI?
Answer: AMI stands for Amazon Machine Image. It’s a template that provides the information (an operating system, an application server, and applications) required to launch an instance, which is a copy of the AMI running as a virtual server in the cloud. You can launch instances from as many different AMIs as you need.
5. What is the Amazon EC2 service?
Answer: Amazon describes Elastic Compute Cloud (Amazon EC2) as a web service that provides resizable compute capacity in the cloud. It is designed to make web-scale cloud computing easier for developers. Amazon EC2’s simple web service interface allows developers to obtain and configure capacity with minimal friction.
6. How is buffer used in Amazon web services?
Answer: A buffer is used to make the system more resilient to bursts of traffic or load by synchronizing different components. Without it, the components receive and process requests in an unbalanced way. The buffer keeps the balance between different components and makes them work at the same speed to provide faster services.
7. How to use the processor state control feature available on the c4.8xlarge instance?
The processor state control consists of 2 states:
- The C state: sleep states ranging from c0 to c6, with c6 being the deepest sleep state for a processor.
- The P state: performance states, with p0 being the highest and p15 being the lowest possible frequency.
Now, why the C state and P state? Processors have cores, and these cores need thermal headroom to boost their performance. Since all the cores are on the processor, the temperature should be kept at an optimal level so that all the cores can perform at their highest.
8. When should I use a Classic Load Balancer and when should I use an Application load balancer?
Answer: A Classic Load Balancer is ideal for simple load balancing of traffic across multiple EC2 instances, while an Application Load Balancer is ideal for microservices or container-based architectures where there is a need to route traffic to multiple services or load balance across multiple ports on the same EC2 instance.
9. What is the difference between SQL and NoSQL Database in AWS?
Answer: Explain about RDS options and Dynamo DB characteristics, their differences, benefits, and purpose of each related to AWS service.
Which option exists to accelerate the performance of a web application? Describe how to improve the performance of web applications by allowing you to retrieve information from a fast, managed, in-memory system, instead of relying entirely on slower disk-based databases. AWS offers a service called Amazon ElastiCache; it can not only improve load and response time to user actions and queries but also reduce the cost associated with scaling web applications.
10. What is the function of the Amazon Elastic Compute Cloud?
Answer: Amazon Elastic Compute Cloud, also known as Amazon EC2, is an Amazon web service that provides scalable resources and makes computing easier for developers. The main functions of Amazon EC2 are:
- It provides easily configurable options and allows the user to configure the capacity.
- It provides complete control of computing resources and lets the user run the computing environment according to their requirements.
- It provides a fast way to run the instances and quickly book the system hence reducing the overall time.
- It provides scalability to the resources and changes its environment according to the requirement of the user.
- It provides varieties of tools to the developers to build failure resilient applications.
11. How to deliver content faster?
Answer: Describe in detail a service like Amazon CloudFront, which is a content delivery web service. It integrates with other AWS services to give developers and businesses an easy way to distribute content to end-users with low latency, high data transfer speeds, and no minimum usage commitments.
12. What are the different deployment models for Cloud?
The different models are:
- Private Cloud
- Public Cloud
- Hybrid Clouds
13. How to enable an automatic scaling solution according to the user demand?
Explain about Autoscaling features of AWS. Remember that Auto Scaling allows you to scale your Amazon EC2 capacity up or down automatically according to conditions you define, and it is particularly well suited for applications that experience hourly, daily, or weekly variability in usage.
Describe how to create a launch configuration and an Auto Scaling group, including common limits, how to monitor it using CloudWatch, and how to establish automatic alerts and actions.
14. What is the use of Amazon ElastiCache?
Answer: Amazon ElastiCache is a web service that makes it easy to deploy, operate, and scale an in-memory data store or cache in the cloud.
15. What are the managed database services provided by AWS?
Answer: Answer with the Amazon Relational Database Service (Amazon RDS). It is a web service that makes it easy to set up, operate, and scale a relational database in the cloud. It provides cost-efficient and resizable capacity while managing time-consuming database management tasks, allowing you to focus on your applications and business.
It gives you access to the capabilities of the MySQL, Oracle, SQL Server, or PostgreSQL database engines running on your own Amazon RDS cloud-based database instance with high availability configurations.
16. What is the relation between Instance and AMI?
Answer: An Amazon Machine Image (AMI) is a template that contains a software configuration (for example, an operating system, an application server, and applications). From an AMI, you launch an instance, which is a copy of the AMI running as a virtual server in the cloud.
You can launch different types of instances from a single AMI. An instance type determines the hardware of the host computer used for your instance. Each instance type offers different compute and memory capabilities.
17. Explain how the buffer is used in Amazon web services?
Answer: The buffer is used to make the system more robust in managing traffic or load by synchronizing different components.
18. What is an EC2 instance? How to protect and reuse it?
Answer: Explain that EC2 is a web service that provides resizable computing capacity in the cloud. Describe how to create an AMI, take an EC2 snapshot for backup, and reuse an EC2 instance.
19. What kind of instances does AWS offer?
Answer: Describe all EC2 instance types. Each EC2 instance type comprises varying combinations of CPU, memory, storage, and networking capacity giving you the flexibility to choose the appropriate mix of resources for your applications.
20. What uses do APIs have in cloud services?
Answer: Application Programming Interface (API) has the following uses:
- It eliminates the need to write fully-fledged programs
- It provides the instructions to set up communication between one or more applications
- It allows easy creation of applications and links the cloud services with other systems.
21. Is it possible to change the private IP addresses of an EC2 while it is running/stopped in a VPC?
Answer: The primary private IP address is attached to the instance throughout its lifetime and cannot be changed. However, secondary private addresses can be unassigned, assigned or moved between interfaces or instances at any point.
22. Which AWS services are offered for business intelligence?
Answer: Describe each AWS related service, highlight Amazon Redshift as a fast, fully managed, petabyte-scale data warehouse solution that makes it simple and cost-effective to efficiently analyze all your data using your existing business intelligence tools.
From the end-user analytic point of view, there exists a service named Amazon QuickSight which is a very fast, easy-to-use, and cloud-powered business intelligence (BI) service. It makes it easy for all employees within an organization to build visualizations, perform ad-hoc analysis, and quickly get business insights from their data. Amazon QuickSight integrates automatically with AWS data services, enables organizations to scale to hundreds of thousands of users, and delivers fast and responsive query performance to them via the SPICE engine.
23. What happens if CloudTrail is turned on for my account but my Amazon S3 bucket is not configured with the correct policy?
Answer: CloudTrail files are delivered according to S3 bucket policies. If the bucket is not configured or is misconfigured, CloudTrail might not be able to deliver the log files.
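One way to check a bucket policy for the two grants CloudTrail needs in order to deliver logs (an added example, not part of the original answer). The bucket name, account ID and helper names are constructed, and the check assumes the default `AWSLogs/<account-id>/` key layout with no custom prefix:

```python
import json
from fnmatch import fnmatchcase

CLOUDTRAIL = "cloudtrail.amazonaws.com"

def _as_list(value):
    """Policy fields may hold one string or a list; normalise to a list."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]

def _grants(stmt, action, arn):
    """True if stmt is an Allow for the CloudTrail service principal covering
    action on arn. Wildcards use simplified fnmatch-style matching."""
    principal = stmt.get("Principal")
    services = _as_list(principal.get("Service")) if isinstance(principal, dict) else []
    if stmt.get("Effect") != "Allow" or CLOUDTRAIL not in services:
        return False
    action_ok = any(fnmatchcase(action.lower(), a.lower())
                    for a in _as_list(stmt.get("Action")))
    resource_ok = any(fnmatchcase(arn, r) for r in _as_list(stmt.get("Resource")))
    return action_ok and resource_ok

def check_delivery_policy(policy_json, bucket, account_id):
    """Return findings; an empty list means both grants CloudTrail needs exist.
    Explicit Deny statements and Condition blocks are not evaluated."""
    try:
        policy = json.loads(policy_json) if policy_json else {}
    except json.JSONDecodeError as exc:
        return [f"bucket policy is not valid JSON: {exc.msg}"]
    if not isinstance(policy, dict):
        return ["bucket policy is not a JSON object"]
    statements = [s for s in _as_list(policy.get("Statement")) if isinstance(s, dict)]
    bucket_arn = f"arn:aws:s3:::{bucket}"
    # Assumption: default key layout AWSLogs/<account-id>/..., no custom prefix.
    key_arn = f"{bucket_arn}/AWSLogs/{account_id}/CloudTrail/sample.json.gz"
    findings = []
    if not any(_grants(s, "s3:GetBucketAcl", bucket_arn) for s in statements):
        findings.append("no Allow for s3:GetBucketAcl on the bucket")
    if not any(_grants(s, "s3:PutObject", key_arn) for s in statements):
        findings.append("no Allow for s3:PutObject under AWSLogs/<account-id>/")
    return findings

# Constructed sample values, not taken from any real account.
BUCKET, ACCOUNT = "example-trail-logs", "111122223333"

def _policy(log_account):
    """Build a sample bucket policy whose log path names log_account."""
    return json.dumps({"Version": "2012-10-17", "Statement": [
        {"Effect": "Allow", "Principal": {"Service": CLOUDTRAIL},
         "Action": "s3:GetBucketAcl",
         "Resource": f"arn:aws:s3:::{BUCKET}"},
        {"Effect": "Allow", "Principal": {"Service": CLOUDTRAIL},
         "Action": "s3:PutObject",
         "Resource": f"arn:aws:s3:::{BUCKET}/AWSLogs/{log_account}/*",
         "Condition": {"StringEquals": {"s3:x-amz-acl": "bucket-owner-full-control"}}},
    ]})

GOOD_POLICY = _policy(ACCOUNT)
WRONG_ACCOUNT_POLICY = _policy("999999999999")  # log path names another account

if __name__ == "__main__":
    for name, doc in [("good", GOOD_POLICY), ("wrong account", WRONG_ACCOUNT_POLICY),
                      ("no policy", "")]:
        print(name, "->", check_delivery_policy(doc, BUCKET, ACCOUNT) or "ok")
```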
24. Mention what is the relation between an instance and AMI?
Answer: From a single AMI, you can launch multiple types of instances. An instance type defines the hardware of the host computer used for your instance. Each instance type provides different compute and memory capabilities. Once you launch an instance, it looks like a traditional host, and we can interact with it as we would with any computer.
25. What do you know about the Shared Responsibility Model established with AWS?
Answer: Because you’re building systems on top of the AWS platform, the security responsibilities will be shared. While AWS manages the security of the cloud, security in the cloud is the responsibility of the customer. Customers retain control of the security they choose to implement to protect their own content, platform, applications, systems, and networks, no differently than they would have for the applications in an on-site datacenter.
26. What are storage options provided by AWS?
Answer: Describe in detail all the storage options provided by AWS like EBS, S3, Glacier, etc. Remember that AWS offers many different storage services, including Amazon S3, Amazon EBS, Amazon EFS, and Amazon Glacier. Amazon S3 is an object storage service, Amazon EBS is a block storage service, Amazon EFS is a file storage service, and Amazon Glacier is a long-term archive storage service.
Depending on the scenario, state which storage option is the best fit.
27. How do you choose an Availability Zone?
Answer: Let’s understand this through an example, consider there’s a company which has a user base in India as well as in the US.
Let us see how we will choose the region for this use case:
So, with reference to the above figure, the regions to choose between are Mumbai and North Virginia. Let us first compare the pricing: you have hourly prices, which can be converted to a per-month figure. Here North Virginia emerges as the winner. But pricing cannot be the only parameter to consider. Performance should also be kept in mind, so let’s look at latency as well. Latency is the time that a server takes to respond to your requests, i.e. the response time. North Virginia wins again!
28. What are the best practices for Security in Amazon EC2?
There are several best practices to secure Amazon EC2. A few of them are given below:
- Use AWS Identity and Access Management (IAM) to control access to your AWS resources.
- Restrict access by only allowing trusted hosts or networks to access ports on your instance.
- Review the rules in your security groups regularly, and ensure that you apply the principle of least privilege: only open up permissions that you require.
- Disable password-based logins for instances launched from your AMI. Passwords can be found or cracked, and are a security risk.
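The security group review described above can be automated. The following audit is an added example, not part of the original list: it flags inbound rules that open SSH or RDP to sources outside a list of trusted networks. The input follows the shape of the `SecurityGroups` list returned by EC2 `DescribeSecurityGroups`; the group IDs, CIDRs and the choice of admin ports are constructed assumptions.

```python
import ipaddress

# Assumption for this example: ports treated as administrative access.
ADMIN_PORTS = (22, 3389)  # SSH, RDP

def _is_trusted(cidr, trusted):
    """True if cidr lies entirely inside one of the trusted networks."""
    net = ipaddress.ip_network(cidr, strict=False)
    return any(net.version == t.version and net.subnet_of(t) for t in trusted)

def _port_range(perm):
    """Port range a rule covers, or None if it cannot reach a TCP admin port."""
    proto = perm.get("IpProtocol")
    if proto == "-1":                      # all protocols, all ports
        return 0, 65535
    if proto == "tcp":
        return perm.get("FromPort", 0), perm.get("ToPort", 65535)
    return None

def audit_security_groups(groups, trusted_cidrs):
    """Return (group_id, source_cidr, exposed_admin_ports) for every inbound
    rule that opens an admin port to a source outside trusted_cidrs.
    Rules that reference other security groups are not evaluated."""
    trusted = [ipaddress.ip_network(c) for c in trusted_cidrs]
    findings = []
    for group in groups:
        for perm in group.get("IpPermissions", []):
            rng = _port_range(perm)
            if rng is None:
                continue
            exposed = [p for p in ADMIN_PORTS if rng[0] <= p <= rng[1]]
            if not exposed:
                continue
            sources = [r["CidrIp"] for r in perm.get("IpRanges", [])]
            sources += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
            for src in sources:
                if not _is_trusted(src, trusted):
                    findings.append((group["GroupId"], src, exposed))
    return findings

# Constructed sample data (documentation address ranges, made-up group IDs).
TRUSTED = ["203.0.113.0/24"]
SAMPLE_GROUPS = [
    {"GroupId": "sg-example-web", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}, {"CidrIp": "203.0.113.0/24"}]},
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
    ]},
    {"GroupId": "sg-example-admin", "IpPermissions": [
        {"IpProtocol": "-1", "Ipv6Ranges": [{"CidrIpv6": "::/0"}]},
        {"IpProtocol": "tcp", "FromPort": 3000, "ToPort": 4000,
         "IpRanges": [{"CidrIp": "198.51.100.7/32"}]},
    ]},
]

if __name__ == "__main__":
    for group_id, source, ports in audit_security_groups(SAMPLE_GROUPS, TRUSTED):
        print(f"{group_id}: admin ports {ports} open to untrusted source {source}")
```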
Section 3: Amazon Storage.
29. How can you speed up data transfer in Snowball?
The data transfer can be increased in the following way:
- By performing multiple copy operations at one time, i.e. if the workstation is powerful enough, you can initiate multiple cp commands, each from a different terminal, on the same Snowball device.
- Copying from multiple workstations to the same Snowball.
- Transferring large files, or creating batches of small files; this will reduce the encryption overhead.
- Eliminating unnecessary hops, i.e. making a setup where the source machine(s) and the Snowball are the only machines active on the switch being used; this can hugely improve performance.
30. How to create your own resources into the AWS Cloud?
Answer: Describe the Amazon VPC service. Notice that Amazon Virtual Private Cloud (Amazon VPC) lets you provision a logically isolated section of the AWS Cloud, where you can launch AWS resources in a virtual network that you define. You have complete control over your virtual networking environment, including the selection of your own IP address range, the creation of subnets, and the configuration of route tables and network gateways.
Highlight VPC security settings using security groups and ACLs for subnets.
31. What does an AMI include?
An AMI includes the following things:
- A template for the root volume for the instance.
- Launch permissions that decide which AWS accounts can use the AMI to launch instances.
- A block device mapping that determines the volumes to attach to the instance when it is launched.
32. What automation tools can you use to spin up servers?
Any of the following tools can be used:
- Roll-your-own scripts that use the AWS API tools. Such scripts could be written in bash, Perl or another language of your choice.
- Use a configuration management and provisioning tool like Puppet or its successor Opscode Chef. You can also use a tool like Scalr.
- Use a managed solution such as RightScale.
33. If an organization is facing a major change, what is your approach as AWS Solution Architect to suggest to face it?
Answer: This reveals whether the candidate for the AWS Solution Architect position possesses an open interest in a future customer, understands their business model, and recognizes actual changes and challenges.
34. What are the relevant responsibilities of an AWS Solution Architect?
Answer: Describe relevant responsibilities, duties, and challenges for an AWS Solution Architect.
35. What is Geo Restriction in CloudFront?
Answer: Geo restriction, also known as geoblocking, is used to prevent users in specific geographic locations from accessing content that you’re distributing through a CloudFront web distribution.
36. How do you normally take AWS architecture requirements to design?
Answer: Describe your procedures and methodology for establishing relationships and how to understand business requirements from the customer.
37. What is a Serverless application in AWS?
Answer: The AWS Serverless Application Model (AWS SAM) extends AWS CloudFormation to provide a simplified way of defining the Amazon API Gateway APIs, AWS Lambda functions, and Amazon DynamoDB tables needed by your serverless application.
38. What happens if my application stops responding to requests in beanstalk?
Answer: AWS Beanstalk applications have a system in place for avoiding failures in the underlying infrastructure. If an Amazon EC2 instance fails for any reason, Beanstalk will use Auto Scaling to automatically launch a new instance. Beanstalk can also detect if your application is not responding on the custom link even though the infrastructure appears healthy; this will be logged as an environmental event (e.g. a bad version was deployed) so you can take appropriate action.
39. Why AWS Architect Interview Questions?
Answer: For the 7th straight year, Gartner placed Amazon Web Services in the “Leaders” quadrant. Also, Forbes reported, AWS Certified Solutions Architect Leads the 15 Top Paying IT Certifications. Undoubtedly, AWS Solution Architect position is one of the most sought after amongst IT jobs.
The AWS Solution Architect Role: With regard to AWS, a Solution Architect designs and defines AWS architecture for existing systems, migrating them to cloud architectures as well as developing technical road-maps for future AWS cloud implementations. In every section, we start with the basics and then move forward to more technical questions. For the best learning experience, please read the questions in sequence so that the concepts needed for each question are clear from the previous ones.
40. You have a video transcoding application. The videos are processed according to a queue. If the processing of a video is interrupted in one instance, it is resumed in another instance. Currently, there is a huge back-log of videos which needs to be processed, for this you need to add more instances, but you need these instances only until your backlog is reduced. Which of these would be an efficient way to do it?
You should be using an On-Demand instance for the same. Why?
Answer: First of all, the workload has to be processed now, meaning it is urgent, secondly you don’t need them once your backlog is cleared, therefore Reserved Instance is out of the picture, and since the work is urgent, you cannot stop the work on your instance just because the spot price spiked, therefore Spot Instances shall also not be used. Hence On-Demand instances shall be the right choice in this case.
- When you use more than one Elastic IPs with your instance.
- When your Elastic IP is attached to a stopped instance.
- When your Elastic IP is not attached to any instance.
41. What are the different layers of cloud computing?
The three layers are:
- Infrastructure as a Service (IaaS)
- Platform as a Service (PaaS)
- Software as a Service (SaaS)
42. How is a Spot instance different from an On-Demand instance or Reserved Instance?
Answer: First of all, let’s understand that Spot Instances, On-Demand Instances, and Reserved Instances are all pricing models. Spot Instances let customers purchase compute capacity with no upfront commitment, at hourly rates usually lower than the On-Demand rate in each region. Spot Instances work like bidding, and the bidding price is called the Spot Price. The Spot Price fluctuates based on supply and demand for instances, but customers will never pay more than the maximum price they have specified. If the Spot Price moves higher than a customer’s maximum price, the customer’s EC2 instance will be shut down automatically. But the reverse is not true: if the Spot Price comes down again, your EC2 instance will not be launched automatically; one has to do that manually. With Spot and On-Demand Instances, there is no commitment for the duration from the user side; with Reserved Instances, however, one has to stick to the time period that one has chosen.
43. Can I vertically scale an Amazon instance? How do you do it?
Answer: Yes. Spin up a new instance larger than the one you are running, then pause that instance, detach the root EBS volume from this server and discard it. After that, stop the live instance and detach its root volume. Note the unique device ID, attach that root volume to the new server, and start it again. This way you will have scaled vertically.
44. What is the type of architecture, where half of the workload is on the public cloud while at the same time half of it is on the local storage?
Hybrid cloud architecture.
45. Should encryption be used for S3?
Encryption should be considered for sensitive data as S3 is a proprietary technology.
46. What are the various AMI design options?
Answer: Fully Baked AMI, JeOS (just enough operating system) AMI, and Hybrid AMI.
47. What is a Serverless application in AWS?
Answer: The AWS Serverless Application Model (AWS SAM) extends AWS CloudFormation to provide a simplified way of defining the Amazon API Gateway APIs, AWS Lambda functions, and Amazon DynamoDB tables needed by your serverless application.
48. Now how will these states help in that?
Answer: If a core is put into a sleep state, it will reduce the overall temperature of the processor and hence other cores can perform better. The same can be synchronized with other cores so that the processor can boost as many cores as it can by putting other cores to sleep at the right time, and thus get an overall performance boost.
Concluding, the C and P state can be customized in some EC2 instances like the c4.8xlarge instance and thus you can customize the processor according to your workload.
49. To deploy a 4 node cluster of Hadoop in AWS which instance type can be used?
Answer: First, let’s understand what actually happens in a Hadoop cluster. The Hadoop cluster follows a master-slave concept. The master machine processes all the data, while slave machines store the data and act as data nodes. Since all the storage happens at the slaves, a higher capacity hard disk would be recommended, and since the master does all the processing, a higher RAM and a much better CPU are required. Therefore, you can select the configuration of your machine depending on your workload. For example, in this case c4.8xlarge will be preferred for the master machine, whereas for the slave machines we can select the i2.large instance. If you don’t want to deal with configuring your instance and installing a Hadoop cluster manually, you can straight away launch an Amazon EMR (Elastic MapReduce) instance, which automatically configures the servers for you. You dump your data to be processed in S3, EMR picks it up from there, processes it, and dumps it back into S3.
50. Where do you think an AMI fits, when you are designing an architecture for a solution?
Answer: AMIs (Amazon Machine Images) are like templates of virtual machines, and an instance is derived from an AMI. AWS offers pre-baked AMIs which you can choose while you are launching an instance; some AMIs are not free and can be bought from the AWS Marketplace. You can also choose to create your own custom AMI, which would help you save space on AWS. For example, if you don’t need a set of software on your installation, you can customize your AMI to leave it out. This makes it cost-efficient since you are removing the unwanted things.