AWS interview questions and answers
Please find questions and answers of AWS cloud
Q1) What is AWS?
Answer: AWS stands for Amazon Web Services. AWS is a platform that provides on-demand resources for hosting web services, storage, networking, databases and other resources over the internet with a pay-as-you-go pricing.
Q2) What is the relation between AMI and Instance?
Instances are launched from AMIs. One AMI can launch as many instances as required. An instance type defines the hardware of the host computer, including its compute and memory capabilities. After launch, an instance works like a traditional host and can be interacted with like any other computer.
Q3) What are key-pairs?
Answer: Key-pairs are secure login information for your instances/virtual machines. To connect to the instances we use key-pairs that contain a public key and a private key.
Q4) What is S3?
Answer: S3 stands for Simple Storage Service. It is a storage service that provides an interface that you can use to store any amount of data, at any time, from anywhere in the world. With S3 you pay only for what you use and the payment model is pay-as-you-go.
Q5) What are the pricing models for EC2 instances?
Answer: The pricing models for EC2 instances are:
• On-demand
• Reserved
• Spot
• Scheduled
• Dedicated
Q6) Can we recover the EC2 instance when we have lost the key?
If you have lost the key pair used to authenticate with an EC2 instance, you cannot recover or regain access to the instance using that key.
However, you can still regain access in several ways:
- Recover the Original Key Pair: If you have a backup of the private key or can retrieve the lost key, you can regain access by replacing the key pair.
- Create a New EC2 Instance: If you can't recover the original key pair, you can create an AMI of the instance and launch a new one with a new key pair.
- Access via Instance Metadata (Linux Instances): In some cases, for Linux instances with IAM roles, you may access the instance using instance metadata and the public key.
It’s crucial to emphasize the importance of proactive key management and maintaining backups to prevent such access issues.
Q7) What are EBS volumes?
Answer: EBS stands for Elastic Block Stores. They are persistent volumes that you can attach to the instances. With EBS volumes, your data will be preserved even when you stop your instances, unlike your instance store volumes where the data is deleted when you stop the instances.
Q8) How to upgrade or downgrade a system with zero downtime?
Upgrading or downgrading a system with zero downtime can be achieved by implementing certain strategies and best practices. Here’s a high-level approach:
- Load Balancer: Set up a load balancer to distribute traffic across multiple instances or nodes. This allows for seamless traffic redirection during the upgrade/downgrade process.
- Multiple Environments: Create multiple environments (e.g., staging, production) to perform the upgrade/downgrade process. Direct traffic to the unaffected environment while upgrading/downgrading the other.
- Blue/Green Deployment: Implement a blue/green deployment strategy where the new version (green) is deployed alongside the existing version (blue). Gradually switch traffic from the blue environment to the green environment.
- Database Replication: Use database replication techniques to create a second instance with the upgraded/downgraded version. Sync the database changes and switch the application to use the updated database without downtime.
- Rolling Upgrades: Perform rolling upgrades, where you update one instance or component at a time, ensuring the application remains available throughout the process.
- Health Checks and Monitoring: Implement health checks to ensure the system’s availability and monitor the process closely for any issues. Roll back immediately if anomalies are detected.
Q9) What are the different types of instances?
Answer: The types of instances are:
• General purpose
• Compute Optimized
• Storage Optimized
• Memory Optimized
• Accelerated Computing
Q10) What is auto scaling and what are its components?
Answer: Auto scaling allows you to automatically scale-up and scale-down the number of instances depending on the CPU utilization or memory utilization. There are 2 components in Auto scaling, they are Auto-scaling groups and Launch Configuration.
Q11) What is AWS Lambda and how does it work?
AWS Lambda is a serverless computing service that allows you to run your code without provisioning or managing servers. It follows an event-driven model, where your code is executed in response to events from various AWS services or custom triggers.
Lambda functions can be written in several programming languages and can be designed to handle specific events or perform specific tasks.
Lambda functions scale automatically and can run in parallel, ensuring high availability and efficient resource utilization. With Lambda, you pay only for the compute time consumed by your code.
Q12) What is an AMI?
Answer: AMI stands for Amazon Machine Image. AMI is a template that contains the software configurations, launch permission and a block device mapping that specifies the volume to attach to the instance when it is launched.
Q13) What is an EIP?
Answer: EIP stands for Elastic IP address. It is designed for dynamic cloud computing. When you want your instances to keep a static IP address when you stop and restart them, you use an EIP address.
Q14) What is CloudWatch?
Answer: CloudWatch is a monitoring tool that you can use to monitor your various AWS resources, such as health checks, network, applications, etc.
Q15) Explain VPC (Virtual Private Cloud) and its components.
VPC is a virtual network dedicated to your AWS account, providing a logically isolated section of the AWS cloud. It allows you to define a virtual network environment, including IP addressing, subnets, routing tables, security groups, and network gateways. The key components of a VPC include:
- Subnets: Segments of IP addresses within the VPC where resources can be provisioned.
- Route Tables: Define the rules for routing network traffic between subnets and the internet.
- Internet Gateway: Allows communication between instances in the VPC and the internet.
- NAT Gateway: Enables instances within private subnets to access the internet while remaining secure.
- Security Groups: Act as virtual firewalls to control inbound and outbound traffic to instances.
- Network Access Control Lists (NACLs): Additional layer of network security at the subnet level.
Q16) What are the CloudWatch metrics that are available for EC2 instances?
Answer: Diskreads, Diskwrites, CPU utilization, networkpacketsIn, networkpacketsOut, networkIn, networkOut, CPUCreditUsage, CPUCreditBalance.
Q17) What is the minimum and maximum size of individual objects that you can store in S3?
Answer: The minimum size of an individual object that you can store in S3 is 0 bytes and the maximum size of an individual object is 5TB.
Q18) What is the purpose of making subnets?
Subnets are designed to divide a large network into smaller networks. This helps reduce the congestion caused when routed traffic increases substantially.
Q19) Explain the AWS services you have used and how they communicate.
You can explain using this diagram. To learn about each service, you can refer to my other page.
Q20) What are edge locations in AWS?
Edge locations in AWS are data centers that deliver as low a latency as possible, i.e., these data centers are physically close to the client. When a user tries to access content, it is automatically looked up in the edge location for the fastest response.
Q21) What is the IGW and NAT?
An Internet gateway (IGW) is a highly available VPC component that allows communication between instances in the VPC and the Internet. An Internet gateway serves two purposes:
- To provide a target in the VPC route tables for Internet-routable traffic,
- To perform network address translation (NAT) for instances that have been assigned public IP addresses.
A NAT device enables instances in a private subnet to connect to the Internet or other AWS services, but prevents the Internet from initiating connections with the instances.
Q22) What is the difference between stopping and terminating an instance?
Both stopping and terminating are states in an EC2 instance:
Stopping: As soon as an instance is stopped, it performs a normal shutdown and transitions to a stopped state. You can start the instance at a later time and all of its Amazon EBS volumes remain attached.
Terminating: As soon as an instance is terminated, it performs a normal shutdown and transitions to the terminated state. The attached Amazon EBS volumes are deleted, when the volume’s deleteOnTermination attribute is set to false. As the instance itself is deleted, it is not possible to start the instance again at some later time.
Q23) Explain the difference between elasticity and scalability.
Elasticity: The ability of a system to handle an increase in the workload by simply adding hardware resources when demand rises, and rolling back scaled resources when there’s no demand.
Scalability: The ability of a system to increase the hardware resources for handling an increase in demand. It can be achieved by either increasing the hardware specs or increasing the number of processing nodes.
Q24) Difference between NACL and SG?
Q24) How does AWS Identity and Access Management (IAM) play a role in securing DevOps workflows?
Answer: AWS IAM enables fine-grained control over who can access AWS resources and what actions they can perform. In DevOps, IAM policies can be used to grant developers and operations teams the necessary permissions for specific tasks while ensuring overall security. This ensures the principle of least privilege and helps prevent unauthorized access to critical resources.
Q25) Explain the role of AWS CloudTrail.
AWS CloudTrail is a service designed for monitoring and auditing API calls. With AWS CloudTrail, the user can monitor and retain account activity related to actions across the AWS infrastructure.
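To show what auditing API calls with CloudTrail looks like in practice, here is an added example (not part of the original post) that triages CloudTrail records for a few audit-relevant conditions: changes to the trail itself, root account use, console logins without MFA, and denied calls. The records are constructed; the rule set and function names are assumptions chosen for illustration.

```python
import json

# Constructed CloudTrail records: field names follow the CloudTrail record
# format; the account ID, ARNs and IP addresses are placeholder values.
SAMPLE_LOG = json.loads("""{"Records": [
 {"eventTime": "2024-01-01T10:00:00Z", "eventSource": "ec2.amazonaws.com",
  "eventName": "DescribeInstances", "sourceIPAddress": "198.51.100.7",
  "userIdentity": {"type": "IAMUser", "arn": "arn:aws:iam::111122223333:user/dev"}},
 {"eventTime": "2024-01-01T10:05:00Z", "eventSource": "cloudtrail.amazonaws.com",
  "eventName": "StopLogging", "sourceIPAddress": "198.51.100.7",
  "userIdentity": {"type": "IAMUser", "arn": "arn:aws:iam::111122223333:user/ops"}},
 {"eventTime": "2024-01-01T10:09:00Z", "eventSource": "signin.amazonaws.com",
  "eventName": "ConsoleLogin", "sourceIPAddress": "203.0.113.20",
  "userIdentity": {"type": "Root", "arn": "arn:aws:iam::111122223333:root"},
  "additionalEventData": {"MFAUsed": "No"},
  "responseElements": {"ConsoleLogin": "Success"}},
 {"eventTime": "2024-01-01T10:12:00Z", "eventSource": "ec2.amazonaws.com",
  "eventName": "RunInstances", "sourceIPAddress": "198.51.100.7",
  "errorCode": "Client.UnauthorizedOperation",
  "userIdentity": {"type": "IAMUser", "arn": "arn:aws:iam::111122223333:user/dev"}}
]}""")

TRAIL_CHANGES = {"StopLogging", "DeleteTrail", "UpdateTrail", "PutEventSelectors"}
DENIED_CODES = {"AccessDenied", "Client.UnauthorizedOperation"}

def reasons_for(event):
    """Return the list of audit findings raised by one CloudTrail record."""
    reasons = []
    identity = event.get("userIdentity") or {}
    if (event.get("eventSource") == "cloudtrail.amazonaws.com"
            and event.get("eventName") in TRAIL_CHANGES):
        reasons.append("audit logging changed")
    if identity.get("type") == "Root":
        reasons.append("root account used")
    if event.get("eventName") == "ConsoleLogin":
        ok = (event.get("responseElements") or {}).get("ConsoleLogin") == "Success"
        mfa = (event.get("additionalEventData") or {}).get("MFAUsed")
        if ok and mfa != "Yes":
            reasons.append("console login without MFA")
    if event.get("errorCode") in DENIED_CODES:
        reasons.append("denied API call")
    return reasons

def triage(log):
    """Return (eventTime, principal ARN, eventName, reason) for flagged records."""
    return [(e.get("eventTime"), (e.get("userIdentity") or {}).get("arn"),
             e.get("eventName"), r)
            for e in log.get("Records", []) for r in reasons_for(e)]

if __name__ == "__main__":
    for finding in triage(SAMPLE_LOG):
        print(*finding, sep="  ")
```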
Q26) Name the database types in RDS.
The following are the types of databases in RDS:
- MySQL server
- PostgreSQL
- SQL Server
- Aurora
- Oracle
- MariaDB
Good to Know — Must Read for Basic Understanding of Clouds
Different types of cloud computing?
There are three main types of cloud computing offered as services by the service providers.
- Infrastructure as a Service (IaaS) provides basic building blocks such as virtual or dedicated hardware in the form of computers, data storage space as well as networking access in the form of IT infrastructure.
- Platform as a Service (PaaS) manages the hardware and operating systems for customers so that they can focus on deploying their products.
- Software as a Service (SaaS) offers complete management of end-user applications along with management of infrastructure supporting these applications.
What are the benefits for moving into cloud computing?
- Scalability: The cloud allows you to scale up or down based on usage, and you pay only per use for computing and storage.
- Reliability: Cloud providers offer the reliability of their infrastructure up to nearly 100%, with provision for multiple levels of redundancy and backups in case it is needed.
- Security: Most cloud providers are compliant with industry-level security protocols like HIPAA and PCI, and offer access restrictions to applications and systems at multiple levels as well as monitoring services at a very granular level to trigger alarms.
- Cost Efficiency: Moving to the cloud offers startup companies cost savings by deferring investment in expensive servers and in managing and maintaining them. Every month, companies pay only for the computing power and storage that they used during the month.
Explain about the SNS, SQS and SES services?
- Amazon Simple Notification Service (SNS) is a fully managed, secured, available messaging service by AWS that helps decouple serverless applications, micro-services, and distributed systems. SNS can be started within minutes from either the AWS management console, the command-line interface, or a software development kit.
- Amazon Simple Queue Service (SQS) is a fully managed message queue service for serverless applications, micro-services, and distributed systems. The advantage of SQS FIFO is that it guarantees single-time processing in the exact order the messages were sent.
- Amazon Simple Email Service (SES) offers email sending and receiving services for informal, notification, and marketing correspondence via email for cloud customers through an SMTP interface.
Hope it helps..!
- 📰 View more content from me https://medium.com/@clouddevsecops