Top 42+ AWS Interview Questions And Answers: Here are the top AWS interview questions. Be prepared for the interview. You can download all the questions in PDF format. All the best for your interview.
1) What is AWS?
AWS stands for Amazon Web Services. It is a service provided by Amazon that uses distributed IT infrastructure to provide different IT resources on demand. It provides different services such as infrastructure as a service, platform as a service, and software as a service.
2) What are the components of AWS?
The main components of AWS are:
- Simple Storage Service: S3 is an AWS service that stores files. It is object-based storage, i.e., you can store images, Word files, PDF files, etc. The size of a file that can be stored in S3 is from 0 Bytes to 5 TB. It is an unlimited storage medium, i.e., you can store as much data as you want. S3 contains buckets, which store the files.
- Elastic Compute Cloud: Elastic Compute Cloud is a web service that provides resizable compute capacity in the cloud. You can scale the compute capacity up and down as the computing requirement changes. It changes the economics of computing by allowing you to pay only for the resources that you actually use.
- Elastic Block Store: It provides persistent block storage volumes for use with EC2 instances in the AWS cloud. An EBS volume is automatically replicated within its availability zone to prevent component failure. It offers the high durability, availability, and low-latency performance required to run your workloads.
- CloudWatch: It is a service used to monitor, in real time, all the AWS resources and applications that you run. It collects and tracks the metrics that measure your resources and applications.
- Identity Access Management: It is an AWS service used to manage users and their level of access to the AWS management console. It is used to set users, permissions, and roles. It allows you to grant permission to the different parts of the AWS platform.
- Simple Email Service: Amazon Simple Email Service is a cloud-based email sending service that helps digital marketers and application developers send marketing, notification, and transactional emails. This service is very reliable and cost-effective for businesses of all sizes that want to keep in touch with their customers.
- Route53: It is a highly available and scalable DNS (Domain Name Service) service. It provides a reliable and cost-effective way for developers and businesses to route end users to internet applications by translating domain names into numeric IP addresses.
3) What are Key-pairs?
Amazon EC2 uses public key cryptography to encrypt and decrypt the login information. In public key cryptography, the public key is used to encrypt the information, while on the receiver’s side a private key is used to decrypt it.
4) What is S3?
S3 is a storage service in AWS that allows you to store vast amounts of data.
5) What are the pricing models for EC2 instances?
There are four pricing models for EC2 instances:
- On-Demand: On-Demand pricing is also known as pay-as-you-go. Pay-as-you-go is a pricing model that allows you to pay only for the resources that you use. On-Demand instances are used for applications that are being developed or tested on EC2 for the first time.
- Reserved: Reserved instance is the second most important pricing model. It reduces the overall cost of your AWS environment through an upfront payment for services that you know will be used in the future.
- Spot: Spot instances consist of unused capacity which is available at a highly discounted rate.
- Dedicated Host: It is a physical EC2 server which is dedicated for your use. It reduces the overall costs by providing you a VPC that comprises dedicated hardware.
6) Can an Amazon instance be vertically scaled? If yes, how?
Answer: Yes, it is very much possible to vertically scale an Amazon instance. Here’s how:
- Spin up a new, larger instance than the one currently running.
- Pause the current instance, then detach its root volume from the server and discard it.
7) Name the basic components of Amazon Web Services.
Answer: Amazon Web Services or AWS consists of 4 main components, as listed below:
- Amazon S3
- Amazon EC2 instance
- Amazon SimpleDB
- Amazon SQS
8) Define Amazon EC2.
Answer: This is one of the most basic and frequently asked EC2 based Amazon AWS interview questions and can be explained in very simple terms.
Amazon EC2 stands for Amazon Elastic Compute Cloud, which is designed to provide its customers with resizable and scalable computing capacity in the cloud. Using Amazon EC2, a client is able to launch as many virtual servers as they want.
9) List out all the best security practices for AWS EC2.
Answer: As a client using Amazon EC2, there are some security best practices that need to be followed at all times. They are outlined below.
- Use AWS Identity and Access Management to control and limit access to all your AWS resources at all times.
- Only allow trusted networks and hosts to access ports on the instance.
- Regularly review the rules in your security groups.
- Only open the ports that are strictly required.
10) Explain Stopping, Starting, and Terminating an Amazon EC2 instance.
Answer: Stopping and starting an instance are the most common commands used on the Amazon EC2 platform. Questions based on these commands are considered one of the best AWS interview questions. Mentioned below is the explanation of the commands.
11) Explain what T2 instances are.
T2 instances are designed to provide moderate baseline performance and the capability to burst to higher performance as required by the workload.
12) In VPC with private and public subnets, database servers should ideally be launched into which subnet?
With private and public subnets in VPC, database servers should ideally launch into private subnets.
13) What are the security best practices for Amazon EC2?
For Amazon EC2 security best practices, follow these steps:
- Use AWS identity and access management to control access to your AWS resources
- Restrict access by allowing only trusted hosts or networks to access ports on your instance
14) Explain how the buffer is used in Amazon Web Services.
The buffer is used to make the system more robust in managing traffic or load by synchronizing different components.
15) While connecting to your instance, what are the possible connection issues one might face?
The possible connection errors one might encounter while connecting to instances are:
- Connection timed out
- User key not recognized by the server
- Host key not found, permission denied
- An unprotected private key file.
16) Can an AMI be shared?
Yes, an AMI can be shared.
17) What is an EIP?
EIP (Elastic IP address) is a service provided by an EC2 instance. It is basically a static IP address attached to an EC2 instance. This address is associated with your AWS account, not with an EC2 instance.
Let’s understand the concept of EIP through an example:
Suppose the website www.knoobypie.com points to an instance which has a public IP address. When the instance is restarted, AWS takes another public IP address from the pool and the previous public IP address is no longer valid. For this reason, the original link between the website and the EC2 instance is no longer available.
18) What are the different storage classes in S3?
Storage classes are designed to sustain the concurrent loss of data in one or two facilities. Each object in S3 is associated with a storage class. Amazon S3 offers several storage classes in which you can store your objects. You can choose a storage class based on your requirements, and these storage classes offer high durability.
19) How can you secure access to your S3 bucket?
An S3 bucket can be secured in two ways:
- ACL (Access Control List)
An ACL is used to manage access to buckets and objects. Each object in a bucket is associated with an ACL. It defines which AWS accounts are granted access and the type of access.
- Bucket Policies
Bucket policies are only applied to the S3 bucket. Bucket policies define what actions are allowed or denied. Bucket policies are attached to the bucket, not to an S3 object, but the permissions defined in the bucket policy are applied to all the objects in the S3 bucket.
20) What are policies and what are the different types of policies?
A policy is an object which is associated with a resource and defines its permissions. AWS evaluates these policies when the user makes a request. Permissions in the policy determine whether to allow or to deny an action. Policies are stored in the form of a JSON document.
AWS supports six types of policies:
- Identity-based policies
- Resource-based policies
- Permissions boundaries
- Organizations SCPs
- Access Control Lists
- Session policies
21) What is auto-scaling and how does it work?
Answer: Auto-scaling is one of the most important features of Amazon Web Services. It allows you to configure and automatically provision and spin up new instances without your intervention. This is done by setting thresholds and metrics to monitor.
22) What is Server Load Balancing?
Answer: SLB (Server Load Balancing) provides network performance and content delivery by implementing a series of priorities and algorithms that help in responding to the specific requests made to the network.
23) What is Global Server Load Balancing (GSLB) and does Clustering need to be turned on in order to use GSLB?
Answer: GSLB (Global Server Load Balancing) is very similar to SLB (Server Load Balancing), but GSLB takes SLB to a global scale. It allows you to load balance VIPs from various geographical locations as a single entity. This gives the geographic sites scalability and fault tolerance.
Part b) Yes
24) What are the automation tools that can be used to spin up the servers?
Answer: Using the AWS API is the most prominent way to roll your own scripts. Such scripts can be written in any language of one’s choice, like bash or Python. Another option is to use a configuration management and provisioning tool such as Puppet or, better, its successor Opscode Chef.
25) Which load balancing methods are supported with Array Network GSLB? Also explain Reverse Proxy Cache.
Answer: The following methods of Global Server Load Balancing are supported by the Array appliance.
- Overflow: The Overflow method allows all requests to be sent to a different remote site when the local site is loaded up to 80%.
- lc: “lc” here stands for Least Connections; it sends clients to the site which has the least count of current connections.
- rr: “rr” here stands for Round Robin; it sends clients to each site in round-robin fashion.
26) What are the advantages of auto-scaling?
The following are the advantages of auto-scaling:
- Offers fault tolerance
- Better availability
- Better cost management
27) What is meant by subnet?
A large section of IP addresses divided into chunks is known as subnets.
28) Can you establish a Peering connection to a VPC in a different region?
No, it’s only possible between VPCs in the same region.
29) What is SQS?
Simple Queue Service is also known as SQS. It is a distributed queuing service which acts as a mediator for two controllers.
30) How many subnets can you have per VPC?
You can have 200 subnets per VPC.
31) What are the different database types in RDS?
Following are the different database types in RDS:
- Amazon Aurora
It is a database engine developed in RDS. An Aurora database can run only on AWS infrastructure, unlike a MySQL database, which can be installed on any local device. It is a MySQL-compatible relational database engine that combines the speed and availability of traditional databases with the open source databases.
- PostgreSQL
- PostgreSQL is an open source relational database for many developers and startups.
- It is easy to set up, operate, and can also scale PostgreSQL deployments in the cloud.
- MySQL
- It is an open source relational database.
- It is easy to set up, operate, and can also scale MySQL deployments in the cloud.
- MariaDB
- It is an open source relational database created by the developers of MySQL.
- It is easy to set up, operate, and can also scale MariaDB server deployments in the cloud.
- Oracle
- It is a relational database developed by Oracle.
- It is easy to set up, operate, and can also scale Oracle database deployments in the cloud.
- SQL Server
- SQL Server is a relational database developed by Microsoft.
- It is easy to set up, operate, and can also scale SQL Server deployments in the cloud.
32) What is Redshift?
- Redshift is a fast, powerful, scalable and fully managed data warehouse service in the cloud.
- It provides ten times faster performance than other data warehouses by using machine learning, massively parallel query execution, and columnar storage on high-performance disk.
33) What is SNS?
SNS stands for Simple Notification Service. It is a web service that provides a highly scalable, cost-effective, and flexible capability to publish messages from an application and send them to other applications. It is a way of sending messages.
34) What are the different types of routing policies in Route53?
The following are the different types of routing policies in Route53:
- Simple Routing Policy
- Simple Routing Policy is a simple round-robin policy which is applied to a single resource doing the function for the domain. For example, the web server is sending the content to a website, where the web server is a single resource.
- Weighted Routing Policy
- Weighted Routing Policy allows you to route the traffic to different resources in specified proportions. For example, 75% in one server, and 25% in another server.
- Latency-based Routing Policy
- Latency-based Routing Policy allows Route53 to respond to the DNS query based on which data center gives the lowest latency.
- Failover Routing Policy
- Geolocation Routing Policy
35) What is the maximum size of messages in SQS?
The maximum size of a message in SQS is 256 KB.
36) Differences between Security group and Network access control list?
| Security Group | NACL (Network Access Control List) |
|---|---|
| It supports only allow rules, and by default, all the rules are denied. You cannot deny the rule for establishing a connection. | It supports both allow and deny rules, and by default, all the rules are denied. You need to add the rule, which you can set to either allow or deny. |
| It is stateful, meaning that any changes made in the inbound rule will be automatically reflected in the outbound rule. For example, if you are allowing an incoming port 80, then you also have to add the outbound rule explicitly. | It is stateless, meaning that any changes made in the inbound rule will not be reflected in the outbound rule, i.e., you need to add the outbound rule separately. For example, if you add an inbound rule for port number 80, then you also have to explicitly add the outbound rule. |
| It is associated with an EC2 instance. | It is associated with a subnet. |
| All the rules are evaluated before deciding whether to allow the traffic. | Rules are evaluated in order, starting from the lowest number. |
| Security Group is applied to an instance only when you specify a security group while launching an instance. | NACL is applied automatically to all the instances which are associated with an instance. |
| It is the first layer of defense. | It is the second layer of defense. |
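The two evaluation models from the table (allow-only rules that are all considered, versus numbered allow/deny rules where the lowest-numbered match decides), as an added example that is not part of the original page. The rule sets are constructed, the addresses come from documentation ranges, and the model covers inbound TCP port and source address only.

```python
from ipaddress import ip_address, ip_network

# Constructed rules. Security group: allow-only, order does not matter.
SG_RULES = [
    {"port": 443, "cidr": "0.0.0.0/0"},
    {"port": 22, "cidr": "203.0.113.0/24"},   # hypothetical trusted admin network
]
# NACL: numbered allow/deny rules, evaluated from the lowest number.
NACL_RULES = [
    {"num": 100, "action": "deny", "port": 22, "cidr": "203.0.113.66/32"},
    {"num": 200, "action": "allow", "port": 22, "cidr": "203.0.113.0/24"},
    {"num": 300, "action": "allow", "port": 443, "cidr": "0.0.0.0/0"},
]

def _hit(rule, src, port):
    return rule["port"] == port and ip_address(src) in ip_network(rule["cidr"])

def sg_allows(rules, src, port):
    # Any matching allow rule admits the traffic; no match means denied.
    return any(_hit(r, src, port) for r in rules)

def nacl_allows(rules, src, port):
    # The first matching rule in ascending number order decides.
    for rule in sorted(rules, key=lambda r: r["num"]):
        if _hit(rule, src, port):
            return rule["action"] == "allow"
    return False                               # default deny when nothing matches

def inbound_allowed(src, port, sg=SG_RULES, nacl=NACL_RULES):
    # Traffic must pass both the subnet's NACL and the instance's security group.
    return nacl_allows(nacl, src, port) and sg_allows(sg, src, port)

if __name__ == "__main__":
    for src, port in [("203.0.113.10", 22), ("203.0.113.66", 22),
                      ("198.51.100.7", 22), ("198.51.100.7", 443)]:
        print(src, port, "allowed" if inbound_allowed(src, port) else "denied")
```

Renumbering the deny rule above 200 would let 203.0.113.66 through, because the broader allow would match first; rule numbers are part of the NACL's security logic and belong in any review of it.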
37) What are the two types of access that you can provide when you are creating users?
There are two types of access:
- Console Access
If the user wants to use Console Access, the user needs to create a password to log in to an AWS account.
- Programmatic access
If you use Programmatic access, an IAM user needs to make API calls. An API call can be made by using the AWS CLI. To use the AWS CLI, you need to create an access key ID and secret access key.
38) How can performance be improved in Lambda?
Answer: There are some methods by which performance can be improved in Lambda. You can improve the performance by using Linux software RAID, and with the help of RAID we can be assured of better security.
39) Define Automate Deployment.
Answer: This method is similar in many ways to programming in other languages. However, the unique advantages of this platform are that it helps in cutting down a lot of challenges.
40) List out the different ways to access EC2.
Answer: EC2 can be accessed via both a web-based interface and a command line interface. Additionally, there are PowerShell tools available in Windows which can be simply executed.
41) What are the advantages of using the serverless approach?
Answer: Using the serverless approach has multiple advantages. Mentioned below is a list of the same:
- The approach is utterly simple, which translates to quicker time to market and thus higher sales.
- Clients are only required to pay when the code is in operation, so a huge amount of money can be saved, enhancing profits.
42) Is it possible to debug and troubleshoot the small or microservices?
Answer: Yes, it is very much possible to debug and troubleshoot small as well as microservices. The unique feature enables it to be done even when appropriate tasks are being performed in the background.