AWS interview questions and answers
AWS interview questions and answers
Get ready to be hired – Latest AWS interview questions and answer for fresher and experienced that will help you to prepare for your interview in 2022.
Comprehensive AWS interview questions, preparation with these top AWS interview questions and answers and clear your interview.
Question 1 – What is AWS?
Answer – AWS stands for Amazon Web Services, Its a public cloud platform, it provides secure cloud solutions, a huge range of computing solutions, database storage, content delivery, etc. to help business. It also provides Iaas, PaaS, and SaaS. AWS provides Pay what you used, you don’t worry about any upfront cost to provide any physical server in your premise to host application.
Question 2 –What all the major services you have worked on.?
Answer – you can take the name you have worked on like Ec2, RDS, Route56, S3, CloudWatch, CloudFront, ECS, EKS, IAM, etc.
Question 3 – What is the major key components of AWS.
Answer – AWS key components are – Ec2(Elastic Cloud Computing), RDS(Relational Database Services), Route 53, IAM(Identity and Access Management), S3(Simple Storage Services), EBS(Elastic Block Storage), CloudWatch.
Ec2 Instance Questions
Question 4 – What is Ec2?
Answer – Ec2 stands for Elastic cloud computing, it provides secure, resizable computing resources for hosting applications in AWS Cloud. Ec2 Allow users to rent the virtual computing on Pay as you use model. You can launch any application whenever you needed without any upfront commitment.
Question 5 – On what basis you select your Architecture type 64-bit(x86) or 64-bit(ARM)?
Answer – 64-bit(x86) processor are standers desktop/server processor architecture. 64-bit(ARM) is a different processor it’s basically used in Mobile CPU. Processor Build on 64-bit(ARM) are basically Used in IoT devices (Raspberry Pi ) based application.
Question 6 – What all instances family in EC2?
Answer – AWS has a huge selection of Instances, it can be fitted with different uses cases based on uses.
- General Purpose – Balanced of computing service memory and network resources.
- Compute Optimized – high-performance processors.
- Memory-Optimized – its design to delivering fast performance
- Accelerated Computing – this includes graphics processing and hardware accelerators, co-processors.
- Storage Optimized – designed for high sequential read and write operation on a very large dataset on local storage.
Question 7 – How many instances we can launch in a region?
Answer – 20 instances.
Question 8 – What is FPGA and GPU instance?
Answer – GPU-based instances provide access to NVIDIA GPUs with thousands of compute cores. You can use GPU-based accelerated computing instances to accelerate scientific, engineering, and rendering applications. FPGA-based instances are very capable to provide parallel computing its suitable for genomics, financial analysis, real-time video processing, big data analysis, and security workloads by leveraging custom hardware accelerations.
Question 9 – Can 1 subnet have more than 1 AZ(Availability Zone).
Answer – No, one subnet means the chunk of IP address the pool of IP addresses that cannot expand across availability zone. multiple subnets can be in a single subnet, for example, there are two subnets 10.0.1.0 and 10.0.2.0. So these two subnets can be in EU West one B. But if there is a subnet which is 10.0.1.0, so that cannot expand across a single availability zone. It means that cannot be available within one within us East us West one B and one A both.
Question 10 – Can we launch an instance in public subnet without having public IP?
Answer – Yes.
Question 11 – Is it possible to have an Instance in public subnet without public IP.
Answer – Yes.
Question 12 – Can we launch an instance on a dedicated instance?
Answer – Yes
Question13 – What is Tenancy in the Ec2 launch option?
Answer – It means where your instance is going to host whether that will be a dedicated instance or shared hardware.
Question 14 – Can we attache EFS volume when we launch an instance.
Answer – Yes
Question 15 – How do you specify a tag in Ec2 instance?
Answer – we can specify like name, owner, environment type, OS-type, application, etc.
Question 16 – What is the cost-saving plan?
Answer – Its new service launched by AWS in this it regularly observes our uses pattern and based on that it will provide his optimization, it’s not free service it’s chargeable
Question 17 – How many kinds of AWS Ec2 instance pricing model?
Answer – AWS Ec2 pricing model are – On-demand Instance, Reserved Instances, Spot Instances, Saving Plans, Dedicated Host.
Question 18- How many kinds of Reserve instance payment plan?
Answer – 3 Type of payment plan for Reserve Instance – All upfront, Partial Upfront, No upfront
Question 19 – What is the Placement Group?
Answer – placement group is a logical group or cluster in single Availability Zone
Question 20 – What is the difference between system status check and instance status check?
Answer – System status check means that the particular server variable instance is being created. So, this particular check will denote or will notify that your physical server where this virtual machine is going to get created and what is the status of that similarly when we talk about instance status check data to the virtual machine or this machine where it is being going to get created.
Question 21 – Can we monitor RAM and Disk uses using a cloud watch?
Answer – No
Question 22 – What is the difference between default monitoring vs Details Monitoring?
Answer – In default monitoring it monitors on the 5-minute span and it’s free, when we enable detailed monitoring it will start monitoring in every 1-minute span for detailed monitoring we have to pay for this monitoring.
Question 23 – If its high load on my machine and I want to stop my instance, reboot or recover how can I achieve that.
Answer – In Cloud Watch we can set an alarm matrix based on our requirement and when it matches that alarm we can perform the action which is defined in the CloudWatch matrix.
Question 24 – What the default monitoring matrix?
Answer – CPU matrix, Disk IO/read-write operation matrix, Network speed/in-out matrix, CPU credit, and CPU credit balance.
Question 25 – What is an elastic IP?
Answer – Elastic IP is a static IP address(IPv4), we can associate this with any instance.
Storage/S3 Bucket Interview Questions and Answers-
Question 26 – What is the S3 bucket?
Answer – S3 stands for Simple Storage Service, it’s public cloud storage it supports object storage type.
Question 27 – S3 is a regional or global service.?
Answer – Yes
Question 28 – if S3 is global service ten why we need to select region when we create bucket.?
Answer – S3 data need to be closest to our server for best performance(for lowest latency) if we keep the file in a different region in that we may face issue CROSS region replication issue.
Question 29 – What is versioning in the S3 bucket?
Answer – When we need to keep all chnage log of same file similar to git, s3 provide same feature to keep versioning of objects.
Question 30 – How can we transfer buckets to a different region?
Answer – aws s3 cp s3://my-bucket/ s3://new-bucket/ –recursive
Question 31 – How many types of storage service in AWS.
Answer – Standard, Intelligent-Tiering, Standard-IA, One Zone-IA, Glacier, Glacier Deep Archive, Reduced Redundancy
Question 32 – What is the Bucket limit in the S3 bucket.?
Answer – 100 Bucket
Question 32 – What is the maximum size we can upload into a bucket?
Answer – 256TB
Question 33 – Can we rename bucket.?
Answer – No
Question 36 – What is the difference between S3 vs EFS vs EBS?
Answer – S3 is object storage and latency is higher than EBS and EFS we can host/install OS or application on it, EBS is block storage and it the default storage with Ec2 instance we can attach 1 EBS with 1 instance. EFS is Elastic File Storage its a shared storage provided by AWS we can attach 1 EFS with multiple Ec2 instances.
Question 37 – Can we attach 1 EBS with multiple Instances?
Answer – No
Question 38 – What is a glacier?
Answer – S3 is Object storage it’s used to archive the data which not required frequently because Glacier latency is hight and the cost is cheaper than S3
Question 40 – What is S3 durability?
Answer – S3 provide 99.999999999 durability.
Database/RDS Interview Questions and Answers
Question 41 – What is AWS RDS? and what all databases supported by AWS RDS?
Answer – Amazon RDS stands for Relational Database Services, its Amazon DAAS(Database as a Service) it supports various database like MSSql(Mysql Server), Mysql, Oracle, Postgress, Aurora(serlerless and provisioned).
Question 42 – What is the point in time backup in AWS RDS?
Answer – RDS provides a very useful feature that is backtracking so using that we can revert our database changes at any point in time to recover the changes.
Question 43 -Difference between SQL vs No-SQL database.
Answer – SQL database also called a relational database and also represent as Table based structure, No-SQL database is a non-relational database it can be document-based or key-value pair based
Question 44 – List of No-SQL databases provided by AWS.
Answer – DynanoDB, MongoDb, Cassandra, Redis.
Question 45 -What is Aurora Serverless? and how it’s different from managed Aurora Database.
Answer – Aurora Serverless is similar to Aurora Database(MySQL and Postgres compatible), its on-demand database. in this database, we don’t have to manage/control database instance and we need not pay the higher compute cost it assign compute power as it required. In serverless compute capacity denote as ACU(Aurora Capacity unite) we can use mn 1 ACU(2BG RAM) to 256ACU(488GB RAM)
AWS CloudFront Interview Questions Answers
Questions 46 – What is AWS CloudFront?Answer – AWS Cloudfront is a CDN(content delivery network) it delivers the content securely access network with the lowest latency.
AWS VPC Questions
Question 47 – What is AWS VPC?
Answer – VPC stands for Virtual private Cloud, it enables you to launch AWS resources in your defined closed Virtual Network.
Question 48 – What is the Security group?
Answer – Its act as a virtual firewall it controls inbound and outbound traffic on instances
Question 49 – What is the component of VPC?
Answer – VPC networking components are Route tables, Internet Gateways, Egress-Only Internet Gateways, DHCP Options Sets, DNS, NAT, VPC peering.
Question 50 – What is a subnet?
Answer – Subnets are separate and isolated data centers like one subnet is equal to one data center in AWS.
Question 51 – What is Private and Public Subnet?
Answer – A private subnet sets that route to a NAT instance. Private subnet instances only need a private ip and internet traffic is routed through the NAT in the public subnet. You could also have no route to 0.0.0.0/0 to make it a truly private subnet with no internet access in or out.
A public subnet routes 0.0.0.0/0 through an Internet Gateway (igw). Instances in a public subnet require public IPs to talk to the internet.
Question 52 –What is CIDR?
Answer – CIDR stands for Classless Inter-Domain Routing it is a set of IP to create a unique network identifier.
Question 53 –What is NAT Gateways?
Answer – NAT stands for Network Address Translation Gateway, it helps to create a connect an instance under the private gateway
Question 54 –What is Internet Gateways?
Answer – Internet Gateways allow the instance to communicate/connect with public internet.
Question 55 –Difference between NAT and Internet Gateways?
Answer – Internet gateway allow AWS resources/instances to connect public internet on a public subnet, it provides inbound and outbound traffic on AWS resources.
Nat Gateway providess a connection under private gateway only inbound traffic is allowed on NAt gateway.
Question 55 –What is Route Tables?
Answer – A route table contains a set of rules, called routes, that are used to determine where network traffic from your subnet or gateway is directed.
Question 56 –What is VPC Peering?
Answer – VPC peering provide a connection between 2 different VPC to route traffic from private IPv4 or IPv6 addresses.
Question 57 –What is Network ACL?
Answer – NACL stands for Network Access Control Lists, it is a security layer that works on VPC it controls inbound and outbound internet on one or more subnet.
Question 58 – Difference between Network ACL vs Security Group?
Answer – Network ACL work on subnet level and Security Group works on Instance/machine level
Question 59 –What is Customer Gateways?
Answer – It is a resource which needs to be installed on both side Customer side as well as service provider side. It could be either physical or software-based
AWS CloudFormation Interview Questions
Question 60 –What is AWS Clouformation?
Answer – AWS Clouformation is a resource provisioning tool provided by AWS. It allows us to create a collection of AWS resources.
- Format Version (optional)
- Description (optional)
- Metadata (optional)
- Parameters (optional)
- Mappings (optional)
- Conditions (optional)
- Transform (optional)
- Resources (required)
- Outputs (optional)
Question 62 – How CloudFormation different from Terraform?
Answer – Teffaform si opensource it is compatible with all public cloud(AWS, Azure, GCP, Openstack, digital Ocen)as well as on-premise(Barematel) infrastructure.
AWS Route53 Interview Questions and Answer
Question 63 -What is DNS?
Answer – DNS is a distribution service it provides easy identification of a numeric IP address into a human readable name like example.com
Question 64 –What is AWS Route53?
Answer – AWS Route53 is a DNS service provided by AWS, its highly scalable and highly available DNS management system, it also provides health-check web service.
Question 65 –What is the component of Route53?
Answer – AWS route53 components are –
- DNS management
- Traffic management
- Availability monitoring
- Domain registration
Question 66 –What are the Route53 key features?
Answers – Route53 key features are –
- Traffic flow
- Latency based routing
- Geo DNS
- Private DNS for Amazon VPC
- NS Failover
- Health Checks and Monitoring
- Domain Registration
- CloudFront Zone Apex Support
- S3 Zone Apex Support
- Amazon ELB Integration
- Management Console
- Weighted Round Robin
AWS IAM Interview Questions and Answers
Question 67 – What is the component of IAM
Answers – The main components of IAM are – Groups, Users, Roles, Policies.
Question 70 – What is AWS Identity and Access Management (IAM)?
Answer – Its access management system will provide secure access to users and groups to your AWS resources. we can create and manage users/groups for AWS resource Access.
Question 71 – What is an IAM role?
Answer – Its a very important IAM identity that defines a set of permission for Accessing AWS resources. it is not associated with any specific users or groups.
Question 72 – What is the difference between an IAM role and an IAM user?
Answers – IAM roles have no such login credential IAM roles you can not directly access AWS resources, where IAM Users have permanent long term credential support and we can directly access the AWS resources.
Question 73 – When should I use an IAM user, IAM group, or IAM role?
Answers – IAM Users have a permanent long term credential support and we can directly access the AWS resources. IAM users have no such login details but it has a set of permission which can we applies with multiple IAM users. IAM roles have permission to make AWS service requests not direct access.
Question 74 – What is AWS Autoscaling.
Answer – It Monitors your applications and based on our matrix/rules it helps to scale/adjust server performance at the lowest possible cost.
Question 75 -What is AWS CloudWatch?
Answer – AWS CloudWatch is a monitoring tool it provides monitoring data and insights of AWS resources.
Other AWS Interview Questions and Answers
Question 76 –What is AWS ElasticBeanstalk?
Answer – AWS Elastic Beanstalk is a self orchestration/managed tool it will offer to host various applications without having prior knowledge of infrastructure. It supports most programming platforms like Dotnet, Java Php, ROR, Nginx, etc. We can also use our custom configuration
Question 77 –What is AWS Lambda?
Answer – AWS Lambda is a serverless computing platform it is based on events. It runs the code when it receives a response to an event it will automatically manage the compute resource for that.
Question 78 –What is AWS EMR?
Answer – AWS EMR is a BigData processing and analytics tools. it provides BigData Hadoop cluster on a virtual server on AWS Ec2 and S3, its a very cost-effective BigData solution provided by AWS.
Question 79 –What is AWS WorkSpace?
Answer – It is a Cloud-Based Virtual desktop it can be a replacement or substitute on the traditional desktop. AWS WorkSpace available with bundles of OS, compute resource, storage, and other application which help a person to perform daily task like a traditional desktop.
Question 80 –What is AWS Cloudtrail?
Answer – AWS Cloudtrail is basically an operational auditing tool on AWS. It provides event history for AWS account activity done on AWS management console, AWS SDK, etc.
Question 81 – What is AWS Certificate Manager?
Answer – AWS Certificate Manager provides a free Certificates for your DNS, it allow you to provision manage and deploy public as well as private SSL/TLS certificate to use AWS resource.
Question 82 – What is AWS Direct Connect?
Answer – AWS Direct Connect basically provide local connectivity from your on-premise data center to AWS. It will help to reduce network transfer cost and can increase bandwidth and consistent performance its idle for a very large Database
Question 83 – What is Amazon MQ?
Answer – Amazon MQ is a cloud-based Massage Queuing service, it is easy to manage and reduce your operational load by provisioning Active MQ.
Question 84 – What is AWS Simple Notification Service(SNS)?
Answer – AWS Simple Notification Service(SNS) is a pub/sub (publisher/subscriber) messaging service, it is a very highly available, scalable, durable, fully managed service. it is a serverless distributed system.
Question 85 – What is AWS Simple Queue Service (SQS)
Answer – AWS Simple Queue Service (SQS) is managed to queue service,
Question 86 – How many types of AWS Simple Queue Service (SQS).
Answer – AWS Simple Queue Service (SQS) is basically 2 types 1- Standard Queue(default) 2- FIFO Queue
Question 87 – Can we use SNS with SQS FIFO queue?
Answer – No, it did not support, SNS only support wit SQS standard queue.
AWS Interview Questions on container orchestration –
Question 88 –What is AWS ECS?
Answer – Amazon Elastic Container Service (ECS) is a container orchestration/management service that supports Docker containers and allows you to run your application on a managed cluster hosted on Amazon Ec2. its very hight scalable and hight performance container orchestration/management service.
Question 89 – What is AWS EKS?
Answer – Amazon Elastic Kubernetes Service (Amazon EKS) is a managed service it allows users to run/use Kubernetes on AWS. In EKS you do not have to manage the Control plane AWS manage its own.
Question 90 – What is AWS ECR?
Answer – Amazon Elastic Container Registry (ECR) is a managed Docker container registry to store Docker container images.
Question 91 – What is AWS Fargate?
Answer – AWS Fargate is a serverless compute engine or hosted zone which works with both ECS and EKS. AWS Fargate self manages to compute resource as per demand, we do not have to manage the Ec2 Cluster.
Question 92 – What is AWS CodePipeline?
Answer – CodePipeline is a DevOps tool provided by AWS using this we can automate the software development process. We can deploy codes on-premise, EC2 instance, and ECS cluster.
Question 93 – What is AWS CodeCommit?
Answer – AWS CodeCommit is code storage and version-control service similar to Git/BitBucket, we can use this with AWS DevOps tools to build/setup CI(Continuous integration).
Question 94 – What is aws Amazon DocumentDB ?
Answer – Amazon DocumentDB is AMazon’s own no-SQL database it is compatible to MongoDB, it fast scalable highly available fully managed. AWS DocumentDB design for 99.99% availability and have 6 copy of backup across 3 AZ.
Question 95 – What is Amazon DynamoDB?
Answer – Amazon DynamoDB is a key-value paired based DocumentDB, it is fully managed. it has built-in security, backup, restore, and in-memory cache, it is fully managed, multiregion, multimaster durable database.