This document provides 50 frequently asked AWS interview questions and answers to help prepare for AWS interviews. Some of the key topics covered include explaining AWS components and services like S3, EC2, VPC, IAM, CloudWatch, and more. Detailed explanations are provided for concepts like AMI, instances, security best practices, load balancers, auto-scaling, and other important AWS services.
2. www.infosectrain.com sales@infosectrain.com
Recent decades have witnessed a significant change in the work
environment of organizations and businesses around the world.
Technological advancements and the pioneering of Cloud and cloud computing
platforms have been a considerable thrust behind this growth. At present,
most businesses are utilizing or are intending to utilize Cloud Computing for
their operations, which has led to a gigantic surge in the need for cloud
experts.
There are many Cloud service providers in the market. But AWS has emerged
as a leading and fastest-growing cloud service provider dominating the cloud
marketplace by holding the largest share. It has become the most desirable
cloud service provider for all enterprises, irrespective of their size and
capacity. This rising popularity of AWS has created excellent opportunities for
professionals willing to make a career in the AWS cloud space. However, to
kick-start your career as an AWS professional, you need to ace the interview
process.
Here are the most frequently asked AWS interview questions and answers to
assist you in cracking the AWS interviews.
Q1: Explain AWS and mention its main components?
Answer: AWS, also known as Amazon Web Services, is the leading Cloud
Computing Platform in the market. It offers reliable, scalable, and affordable
Cloud computing services to individuals, companies, and organizations. It
follows a pay-as-you-go pricing model, so you only pay for the services you use.
There are many components of AWS, but the main components are:
• Compute Services
• Serverless Computing
• Amazon Cluster
• Storage Services
• Database Services
• Management and Security
• Networks
• Analytics
• Application Services
• Implementation and Management
• Mobile Services
Q2: Explain AMI, and how is it related to the instance?
Answer: AMI, an abbreviation of Amazon Machine Image, contains
fundamental information needed to launch an instance, and it is a copy of AMI
operating in the Cloud.
An AMI allows you to download as many instances as you want. Instances are
virtual servers in the AWS cloud. The instance type defines the hardware of the
host computer. All instances are different and offer abilities in computational
and storage skills.
Q3: What does an AMI consist of?
Answer: An AMI mainly consists of the following components:
• A template that is the root volume for the AWS instances (for example,
application server, operating system, or web application)
• Launch permissions that ensure which AWS account can use this AMI to set
up an instance
• Block device mapping specifying the root device volumes that are attached
to the AWS instance after launch.
Q4: Mention the types of AMI offered by AWS.
Answer: The two kinds of AMIs provided by AWS are:
• EBS backed
• Instance store backed
Q5: What is Amazon S3?
Answer: Amazon S3, also called Simple Storage Service, is an object storage
service that can be used to store and recover any amount of data from
anywhere and anytime on the web. It provides the same access to the
developers of highly scalable, reliable, fast, inexpensive data storage
infrastructure that are used by Amazon to run its global network of websites.
Q6: Explain Glacier.
Answer: Amazon Glacier is one of the most crucial services provided by AWS. It
is an online web storage service that offers low cost and effective storage
along with security features for archive and data backup. You can use Glacier
to store the information effectively for months, years, or even decades.
Q7: Define EIP.
Answer: EIP stands for Elastic IP address. It is a static IPv4 address provided by
AWS to maintain dynamic cloud computing services. If you want a static IPv4
address for your instance, you must connect your AWS account with EIP to be
correlated with the EIP, facilitating communication with the internet.
Q8: What is Redshift?
Answer: Redshift is a big data product that is used as a data warehouse in the
Cloud. It is the fast, reliable, and robust product of a big data warehouse.
Q9: How will you explain SNS?
Answer: Amazon SNS stands for Simple Notification Service that is a web
service provided by AWS. It facilitates the management and delivery of
messages or notifications to the users and clients from any cloud platform.
There are two types of clients in SNS, known as Subscribers and Publishers.
Publishers’ job is to create and send a message to the subscriber instance via
the communication channels. In contrast, the Subscribers receive the
publisher’s notification over one of the supported protocols such as Amazon
SQS, HTTP, and Lambda.
Q10: How will you define CloudFront?
Answer: CloudFront is a content delivery network provided by AWS. It is a fast
content delivery network (CDN) service that safely transmits data, applications,
and APIs to customers worldwide with low latency, high transfer speeds, all
within a developer-friendly environment. AWS offers CDN for less price, and it
is best suitable for startups.
Q11: How will you differentiate between DynamoDB and SimpleDB?
Answer: DynamoDB is a flexible and efficient database model available in
Amazon web services for you to have a flexible and faster NoSQL database.
While SimpleDB is one of AWS’s Amazon services, it is a distributed database
and a highly available NoSQL data store that offloads database administrators’
work.
Q12: Explain VPC and VPC peering connection.
Answer: VPC, also known as Virtual Private Cloud (VPC), enables you to launch
AWS resources into the virtual network. It allows users to design and
customize network configurations as per their business requirements.
A VPC peering connection is a networking connection that connects
VPCs with one another. It allows you to route traffic between two
VPCs using IPv6 and IPv4 addresses. Instances within the VPCs act as if they are
in the same network.
Q13: What is Amazon EC2 Root Device Volume?
Answer: The root device volume is used to boot the instance that contains the
image when the developer launches an instance. When a developer introduces
the Amazon EC2, all AMIs are propped up by an Amazon EC2 instance store.
Q14: Explain the procedure to send a request to Amazon S3?
Answer: S3 in Amazon is a REST service, and you can send requests by using
the AWS SDK or REST API wrapper libraries.
Q15: What is a T2 instance?
Answer: T2 instance is one of the low-cost Amazon instances that provide a
baseline CPU performance level.
Q16: What is Amazon SQS? Name the types of queues in SQS?
Answer: Amazon SQS is a Simple Queue Service whose job is to manage the
message queue. You can use this service to move the data or message from
one application to another even though it is not in the active or running state.
SQS can send messages among multiple services, including S3, DynamoDB, EC2
Instance, and it also uses the Java message queue service to deliver the
information. A message can be visible in the SQS queue for up to 12 hours.
The two types of queues in SQS are:
Standard Queues: Standard queues are the default queue type. It offers an
unlimited number of transactions per second and the option of delivering a
message once.
FIFO Queues: FIFO queues are designed to ensure that messages are received
in exactly the order in which they were sent.
Q17: What are the regions and availability zones in Amazon EC2?
Answer: The Amazon web service has a comprehensive infrastructure that is
spread worldwide and split into availability zones and regions. Each region is
fractionated into a geographic area, and it has many isolated locations called
availability zones.
Q18: Mention the types of instances available.
Answer: There are five types of instances:
• General-purpose
• Storage optimized
• Accelerated computing
• Compute-optimized
• Memory-optimized
Q19: What are the best security practices for Amazon EC2?
Answer: The best security practices for Amazon EC2 that must be followed are:
• Security and network
• Storage
• Resource Management
• Recovery and Backup
Q20: Mention the possible connection issues one might face while
connecting to your instance.
Answer: One can face the following connection issues while connecting to an
instance:
• Error: User key not recognized by the server
• Error: Permission denied, or Authentication failed
• Error: Connection timed out
• Error: Unprotected private key
Q21: Define key-pairs in AWS.
Answer: Amazon EC2 uses both public and private keys to encrypt and decrypt
the login information referred to as key-pairs. The sender avails a public key to
encrypt the data, and the receiver uses a private key to decrypt the data. The
public key allows you to securely ingress the instance, while a private key can
be used as a substitute for a password.
Q22: Explain Elastic Beanstalk and its benefits.
Answer: Elastic Beanstalk, also called EBS, is one of the best services offered by
AWS for deploying and managing applications that compose various AWS
services, including EC2, S3, Simple Notification Service, CloudWatch,
autoscaling, and Elastic Load Balancers. It supports the applications developed
in various languages such as Java, .Net, Node.js, PHP, Ruby, and Python.
Elastic Beanstalk has many benefits, such as:
• Easy and simple: Elastic Beanstalk allows you to manage and implement
the application quickly and efficiently.
• Autoscaling: Beanstalk scales up or down when the application traffic
increases and decreases.
• Developer productivity: Developers can deploy the application without any
prior knowledge. The application must be maintained in a safe and user-
friendly way.
• Cost-effective: There are no charges for using Beanstalk. The only charges
you have to pay are for the AWS service resources used by your application.
• Customization: Elastic Beanstalk allows users to select or make changes in
the AWS service configurations that users want to use for the development
of applications.
• Management and updates: Elastic Beanstalk updates the application when
it changes the platform. AWS professionals manage the infrastructure and
platform update.
Q23: Define NAT gateways.
Answer: NAT, also referred to as Network Address Translation, enables
instances in a private subnet to connect with the internet and other services
of AWS. NAT prevents the internet from initiating a connection with the
instances.
Q24: How will you define ELB?
Answer: ELB, an abbreviation of Elastic Load Balancer, is a load balancing
service provided by AWS. It distributes incoming resources and controls the
application traffic to meet traffic demands.
Q25: Explain the types of load balancers in EC2.
Answer: The three types of load balancers in EC2 are:
Application Load Balancer: The application load balancer is designed in such a
way that it makes routing decisions at the application layer. It also supports
dynamic host port mapping and path-based routings.
Network Load Balancer: Network load balancer is designed in such a way that
it makes routing decisions at the transport layer. It handles millions of requests
per second. NLB uses the flow hash routing algorithm to select the target from
the groups after receiving a connection from the load balancer.
Classic Load Balancer: Classic load balancer is designed in such a way that it
makes routing decisions either at the application layer or transport layer. It
requires a fixed relationship between the container instance port and the load
balancer port.
Q26: Explain Application Load Balancer.
Answer: An Application Load Balancer functions at the seventh layer of the
Open Systems Interconnection (OSI) model, that is, the application layer. After
the load balancer receives a request, it evaluates the listener rules in priority
order to figure out which rule to apply. Afterward, it chooses a target from
the target group for the rule action.
Q27: Explain the working and benefits of a Server Load Balancer.
Answer: The server load balancer works on the following two approaches:
• Transport level load balancing: It is a DNS-based approach that acts
independently of the application payload.
• Application-level load balancing: It uses a traffic load to make balancing
decisions, such as with windows server load balancing.
The benefits of server load balancer are:
• Increases scalability
• Redundancy
• Maintenance and performance
Q28: Describe the process to secure the data for carrying in the cloud.
Answer: The things that must be considered while carrying the data are:
• No one must resize data while it is moving from one point to another.
• There must not be any leakage with the security key from the multiple
storerooms in the cloud.
• To secure the data in the cloud, one must divide the information into
different types and encrypt it into valid methods.
Q29: Mention the service models in Cloud computing.
Answer: The three service models in cloud computing are as follows:
SaaS: Software as a Service
PaaS: Platform as a Service
IaaS: Infrastructure as a Service
Q30: What are the layers available in Cloud Architecture?
Answer: We have five different types of layers available, which are:
• SC- Storage controller
• CC- cluster controller
• NC- Node controller
• Walrus
• CLC- cloud controller
Q31: Define Reserved Instances.
Answer: Reserved instances are a discount billing notion in which businesses
can receive massive discounts compared to the standard “On Demand” cloud
computing prices in an account for committing to a specified level of usage.
However, the conditions under which a Reserved Instances discount is granted
differ from provider to provider.
Q32: How will you define CloudWatch and mention its types?
Answer: CloudWatch is a tool in Amazon Web Services that helps you monitor
your organization’s different resources. You can take a look at various things
like health, applications, network, etc.
There are two types of CloudWatch monitoring:
• Essential Monitoring
• Detailed Monitoring.
Q33: Mention the CloudWatch metrics available for EC2 Instance.
Answer: These are the metrics available for EC2 instance:
• Disk reads
• CPU utilization
• Network PacketsOut
• Network PacketsIn
• CPUCreditUsage
• Disk writes
• NetworkOut
Q34: What are the minimum and maximum sizes of the individual objects
you can store in S3?
Answer: The minimum size of the object you can store in S3 is 0 bytes, and the
maximum length of an object that you can save is 5TB.
Q35: Introduce the various storage classes available in S3.
Answer: The storage classes available in S3 are as follows:
• Standard frequently accessed
• One-zone infrequently accessed
• RRS – reduced redundancy storage
• Standard infrequently accessed
• Glacier
• Glacier Deep Archive
Q36: State the methods to encrypt the data in S3.
Answer: The available methods for encrypting the data in S3 are mentioned
below:
• Client-Side Encryption
• Server-Side Encryption – S3
• Server-Side Encryption – KMS
Q37: How is the pricing of S3 decided?
Answer: The pricing for S3 is decided based on:
• Data transfer
• Storage used
• Number of requests
• Transfer acceleration
• Storage management
Q38: Does Amazon VPC support the property of broadcast or multicast?
Answer: No, Amazon VPC does not support the property of broadcast or
multicast.
Q39: How many IP addresses does the AWS account allow?
Answer: Each AWS account can have 5 elastic addresses by default.
Q40: How will you define Edge Location?
Answer: An edge location is where end-users access services located at AWS. It
is the place where the actual content is cached for use with CloudFront CDN. A
user can find the content being searched at the Edge Location.
Q41: Define Snowball.
Answer: Snowball is used to transfer data in AWS. The data can be transferred
into AWS and out of it with the help of snowball. It helps us in transporting a
massive amount of data from the source to the destination. It also lowers the
networking expense.
Q42: Mention the advantages of auto-scaling.
Answer: The advantages of autoscaling are:
• Better availability
• Better cost management
• High fault tolerance
Q43: Explain the subnet and mention the number of subnets we can have per
VPC.
Answer: Subnets are the small chunks created by splitting a considerable
amount of IP addresses. You can have 200 subnets per VPC.
Q44: Define AWS CloudTrail.
Answer: An AWS service that helps you enable logging, governance, risk
auditing, and compliance of your AWS account can be referred to as AWS
CloudTrail. It records events when actions are taken by the role, user, or an
AWS service. Events include when measures are taken by AWS command-line
interface, AWS management console, APIs, and AWS SDKs.
Q45: How will you explain ElastiCache?
Answer: ElastiCache can be defined as a web service that makes it
easier to deploy and save data in the cloud quickly.
Q46: How much boot time does an instance stored-backend AMI take?
Answer: The boot-time for the instance stored-backend AMI is less than 5
minutes.
Q47: Introduce the key features of Amazon Cloud Search.
Answer: The key features of Amazon cloud search are as follows:
• Prefix searches
• Enter text search
• Boolean searches
• Range searches
• Autocomplete Advice
Q48: What is AWS Lambda?
Answer: AWS Lambda is a serverless compute service that permits you to
run code without maintaining any servers. It automatically executes the code
whenever required. You pay only for the time that you have utilized
it for. Lambda empowers you to run the code for virtually any application
without managing any servers.
Q49: Define Amazon EMR.
Answer: Amazon EMR is a trained cluster platform that explains running big
data frameworks with the tools, such as Apache Hadoop and Apache Spark, on
AWS to process and identify the massive amounts of data. One can use the
data for analytical purposes through Apache Hive and other relevant
open-source technologies.
Q50: Explain Security Group.
Answer: Security Groups are the virtual firewalls that control the in and out
traffic to instances. They enable you to manage traffic based on several
perspectives, such as protocol, port, and source destination.