Get ready for your AWS VPC interview with these top 10 interview questions and answers. Learn about VPCs, subnets, security groups, network ACLs, and more. Understand the differences between public and private subnets, and how to connect your on-premises data center to a VPC. Use these questions and answers to demonstrate your knowledge and skills in AWS networking.
What is a VPC?
What is a subnet?
A subnet is a range of IP addresses in your VPC. You can select its IP address range from your VPC’s IP address range, and associate security groups and network ACLs with your subnet.
How do I create a VPC?
To create a VPC, go to the Amazon VPC console and choose “Create VPC.” Then, specify the CIDR block for the VPC and choose “Create VPC.”
How do I delete a VPC?
To delete a VPC, go to the Amazon VPC console and select the VPC that you want to delete. Choose “Actions,” then “Delete VPC.”
What is a CIDR block?
A CIDR block is a range of IP addresses that is expressed using CIDR notation. It is used to define the range of IP addresses for a VPC or subnet.
What is a security group?
A security group acts as a virtual firewall for your instance to control inbound and outbound traffic. You can specify the protocols, ports, and source IP ranges that are allowed to reach your instances.
What is a network ACL?
A network ACL is a stateless firewall that controls inbound and outbound traffic at the subnet level. It operates at the network layer and can allow or deny traffic based on IP addresses, protocols, and port numbers.
What is a public subnet?
A public subnet is a subnet that has a direct route to the Internet via an Internet gateway. Instances in a public subnet can communicate with the Internet, but traffic from the Internet cannot reach instances in a public subnet unless it is explicitly allowed.
What is a private subnet?
A private subnet is a subnet that does not have a direct route to the Internet. Instances in a private subnet can communicate with the Internet, but only through a network address translation (NAT) gateway or NAT instance.
What is a NAT gateway?
A NAT gateway is an AWS-managed NAT service that allows instances in a private subnet to connect to the Internet or to other resources over the Internet, but it prevents the Internet from initiating connections to those instances.
What is a VPC endpoint?
A VPC endpoint is a VPC component that allows communication between instances in a VPC and certain AWS services without requiring an Internet gateway, VPN connection, or AWS Direct Connect connection.
What is a VPC peering connection?
A VPC peering connection is a networking connection between two VPCs that enables the routing of traffic between them using private IP addresses.
What is a VPC flow log?
A VPC flow log is a feature that enables the capture of IP traffic flow data for a VPC, subnet, or network interface. It can be used to monitor, troubleshoot, and diagnose VPC traffic.
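As an added example that is not part of the original article: a small Python parser for the default (version 2) VPC flow log record format that counts REJECT records per destination address and port, which is how a flow log is typically used to see which connections a security group or network ACL is dropping. The sample records, the interface ID and the addresses are constructed for the example, not taken from a real account.

```python
from collections import Counter

# Field order of the default (version 2) VPC flow log record format.
FIELDS = ("version", "account_id", "interface_id", "srcaddr", "dstaddr",
          "srcport", "dstport", "protocol", "packets", "bytes",
          "start", "end", "action", "log_status")
INT_FIELDS = ("srcport", "dstport", "protocol", "packets", "bytes", "start", "end")

def parse_record(line):
    """Parse one space-separated flow log line into a dict.

    Returns None for NODATA/SKIPDATA records: no traffic was logged for the
    interval, so their traffic fields are '-' rather than numbers."""
    parts = line.split()
    if len(parts) != len(FIELDS):
        raise ValueError(f"expected {len(FIELDS)} fields, got {len(parts)}")
    rec = dict(zip(FIELDS, parts))
    if rec["log_status"] != "OK":
        return None
    for name in INT_FIELDS:
        rec[name] = int(rec[name])
    return rec

def rejected_by_destination(lines):
    """Count REJECT records per (dstaddr, dstport).

    A REJECT record means a security group or network ACL dropped the flow,
    so repeated rejects to one port are a quick signal either of unwanted
    inbound traffic or of a rule that is blocking legitimate traffic."""
    counts = Counter()
    for line in lines:
        rec = parse_record(line)
        if rec is not None and rec["action"] == "REJECT":
            counts[(rec["dstaddr"], rec["dstport"])] += 1
    return counts

# Constructed sample records (not from a real account). 203.0.113.0/24 is a
# documentation range; 10.0.1.10 stands in for an instance in a public subnet.
SAMPLE_LOG = """\
2 123456789012 eni-0a1b2c3d 203.0.113.5 10.0.1.10 51234 22 6 3 180 1700000000 1700000060 REJECT OK
2 123456789012 eni-0a1b2c3d 203.0.113.5 10.0.1.10 51235 22 6 4 240 1700000000 1700000060 REJECT OK
2 123456789012 eni-0a1b2c3d 203.0.113.9 10.0.1.10 44000 443 6 10 5200 1700000000 1700000060 ACCEPT OK
2 123456789012 eni-0a1b2c3d 203.0.113.77 10.0.1.10 40001 3389 6 1 60 1700000000 1700000060 REJECT OK
2 123456789012 eni-0a1b2c3d - - - - - - - 1700000000 1700000060 - NODATA
""".splitlines()

if __name__ == "__main__":
    for (dst, port), n in rejected_by_destination(SAMPLE_LOG).most_common():
        print(f"{dst}:{port}  rejected flows: {n}")
```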
Can I connect my on-premises data center to a VPC?
Yes, you can connect your on-premises data center to a VPC using AWS Direct Connect. This allows you to create a dedicated network connection between your data center and VPC.
Can I create multiple VPCs in the same AWS account?
Yes, you can create multiple VPCs within the same AWS account. You can also connect VPCs together using VPC peering or AWS PrivateLink.