AWS Interview Questions & Answers
Here is the list of the most frequently asked AWS Interview Questions and Answers in technical interviews. These AWS questions and answers are suitable for both freshers and experienced professionals at any level. The questions are for intermediate to somewhat advanced AWS professionals, but even if you are just a beginner or fresher you should be able to understand the answers and explanations we give here. These AWS Interview Questions and Answers will guide you to clear:
- AWS Certified Cloud Practitioner
- AWS Certified Developer – Associate
- AWS Certified SysOps Administrator – Associate
- AWS Certified Solutions Architect – Associate
- AWS Certified DevOps Engineer – Professional
- AWS Certified Solutions Architect – Professional
- AWS Certified Big Data – Specialty
Best AWS Interview Questions and Answers
Cloud computing offers plenty of opportunities, and a successful job interview can start your career as an AWS architect. If you are facing AWS architect interviews, some of the following questions and answers are taken from such interviews.
AWS Interview Questions and Answers for beginners and experts. List of frequently asked AWS Interview Questions with answers by Besant Technologies. We hope these AWS interview questions and answers are useful and will help you to get the best job in the networking industry. These AWS interview questions and answers are prepared by AWS professionals based on MNC companies' expectations. Stay tuned; we will update new AWS interview questions with answers frequently. If you want to learn practical AWS training, then please go through AWS Training in Chennai, AWS Training in Bangalore & AWS Training in Pune.
Best AWS Interview Questions & Answers for Job Placements
Besant Technologies supports students by providing AWS interview questions and answers for job placements. AWS is an important course at present because there are more job openings and high salaries for Amazon Web Services and related jobs. We also provide AWS online training for students around the world through the Gangboard medium. These are top AWS interview questions and answers, prepared by our institute's experienced trainers.
Q1: List the components required to build Amazon VPC?
Ans: Subnet, Internet Gateway, NAT Gateway, HW VPN Connection, Virtual Private Gateway, Customer Gateway, Router, Peering Connection, VPC Endpoint for S3, Egress-only Internet Gateway.
Q2: How do you safeguard your EC2 instances running in a VPC?
Ans: Security Groups can be used to protect your EC2 instances in a VPC. We can configure both INBOUND and OUTBOUND traffic in a Security Group which enables secured access to your EC2 instances. Security Group automatically denies any unauthorized access to your EC2 instances.
Q3: In a VPC how many EC2 instances can you use?
Ans: Initially you are limited to launching 20 EC2 instances at one time. Maximum VPC size is 65,536 instances.
Q4: Can you establish a peering connection to a VPC in a different REGION?
Ans: Not possible. Peering connections are available only between VPCs in the same region.
Q5: Can you connect your VPC with a VPC owned by another AWS account?
Ans: Yes, Possible. Provided the owner of other VPCs accepts your connection.
Q6: What are all the different connectivity options available for your VPC?
Ans: Internet Gateway, Virtual Private Gateway, NAT, EndPoints, Peering Connections.
Q7: Can an EC2 instance inside your VPC connect with an EC2 instance belonging to other VPCs?
Ans: Yes, Possible. Provided an Internet Gateway is configured in such a way that traffic is bound for EC2 instances running in other VPCs.
Q8: How can you monitor network traffic in your VPC?
Ans: It is possible using Amazon VPC Flow-Logs feature.
Q9: Difference between Security Groups and ACLs in a VPC?
Ans: A Security Group defines which traffic is allowed TO or FROM an EC2 instance, whereas an ACL controls at the SUBNET level and scrutinizes the traffic TO or FROM a Subnet.
Q10: How can an EC2 instance in a VPC establish a connection with the internet?
Ans: Using either a Public IP or an Elastic IP.
Q11: Different types of Cloud Computing as per services?
Ans: PAAS (Platform As A Service), IAAS (Infrastructure As A Service), SAAS (Software As A Service)
Q12: What is Auto Scaling?
Ans: Creating duplicate instances during heavy business hours. Scale-IN and Scale-OUT are two different statuses of Scaling. Scale-IN: Reducing the instances. Scale-OUT: Increasing the instances by duplicating.
Q13: What is AMI?
Ans: AMI is defined as Amazon Machine Image. Basically it’s a template comprising the software configuration part. For example, Operating System, DB Server, Application Server, etc.
Q14: Difference between Stopping and Terminating the Instances?
Ans: When you STOP an instance it is a normal shutdown. The corresponding EBS volume attached to that instance remains attached and you can restart the instance later. When you TERMINATE an instance it gets deleted and you cannot restart that instance again later. Any EBS volume attached to that instance is also deleted.
Q15: When you launch a standby Relational Database Service instance, will it be available in the same Availability Zone?
Ans: Not advisable. Because the purpose of having standby RDS instance is to avoid an infrastructure failure. So you have to keep your standby RDS service in a different Availability Zone, which may have different infrastructure.
Q16: Difference between Amazon RDS, DynamoDB and Redshift?
Ans: RDS is meant for structured data only. DynamoDB is meant for unstructured data which is a NoSQL service. Redshift is a data warehouse product used for data analysis.
Q17: What are Lifecycle Hooks?
Ans: Lifecycle Hooks are used in Auto Scaling. Lifecycle hooks enable you to perform custom actions by pausing instances as an Auto Scaling group launches or terminates them. Each Auto Scaling group can have multiple lifecycle hooks.
Q18: What is S3?
Ans: S3 stands for Simple Storage Service, with a simple web service interface to store and retrieve any amount of data from anywhere on the web.
Q19: What is AWS Lambda?
Ans: Lambda is an event-driven platform. It is a compute service that runs code in response to events and automatically manages the compute resources required by that code.
Q20: In S3 how many buckets can be created?
Ans: By default 100 buckets can be created in a region.
Q21: What is CloudFront?
Ans: Amazon CloudFront is a service that speeds up transfer of your static and dynamic web content such as HTML files, image files, etc. CloudFront delivers your content through worldwide data centers named Edge Locations.
Q22: Brief about S3 service in AWS?
Ans: S3 is a Simple Storage Service from Amazon. You can move your files TO and FROM S3. It's like FTP storage. You can keep your SNAPSHOTS in S3. You can also ENCRYPT your sensitive data in S3.
Q23: Explain Regions and Availability Zones in EC2?
Ans: Amazon has hosted EC2 in various locations around the world. These locations are called REGIONS. For example, in Asia, Mumbai is one region and Singapore is another region. Each region is composed of isolated locations which are known as AVAILABILITY ZONES. Regions are independent, but the Availability Zones are linked through low-latency links.
Q24: What are the two types of Load Balancer?
Ans: Classic LB and Application LB. ALB is the Content Based Routing.
Q25: Can an AMI be shared?
Ans: Yes. A developer can create an AMI and share it with other developers for their use. A shared AMI is packed with the components you need and you can customize the same as per your needs. As you are not the owner of a shared AMI, there is always a risk involved.
Q26: What is a Hypervisor?
Ans: A Hypervisor is a kind of software that enables Virtualization. It combines physical hardware resources into a platform which is delivered virtually to one or more users. XEN is the Hypervisor for EC2.
Q27: Key Pair and its uses?
Ans: You use Key Pair to login to your Instance in a secured way. You can create a key pair using EC2 console. When your instances are spread across regions you need to create key pair in each region.
Q28: What is the feature of ClassicLink?
Ans: ClassicLink allows instances in the EC2 classic platform to communicate with instances in a VPC using Private IP addresses. EC2 classic platform instances cannot be linked to more than one VPC at a time.
Q29: Can you edit a Route Table in VPC?
Ans: Yes. You can always modify route rules to specify which subnets are routed to the Internet gateway, the virtual private gateway, or other instances.
Q30: How many Elastic IPs can you create?
Ans: 5 VPC Elastic IP addresses per AWS account per region
Q31: Can you ping the router or default gateway that connects your subnets?
Ans: NO, you cannot. It is not supported. However, you can ping EC2 instances within a VPC, provided your firewall, Security Groups and network ACLs allow such traffic.
Q32: How will you monitor the network traffic in a VPC?
Ans: Using Amazon VPC Flow Logs feature.
Q33: Can you make a VPC available in multiple Availability Zones?
Q34: How do you ensure an EC2 instance is launched in a particular Availability Zone?
Ans: After selecting your AMI Template and Instance Type, in the third step while configuring the instance you must select the SUBNET in which you wish to launch your instance. It will be launched in the AZ associated with that SUBNET.
Q35: For Internet Gateways do you find any Bandwidth constraints?
Ans: NO. Normally an IG is HORIZONTALLY SCALED, Redundant and Highly Available. It does not usually have any Bandwidth constraints.
Q36: What is the significance of a Default VPC?
Ans: When you launch your instances in a Default VPC in a Region, you would be getting the benefit of advanced Network Functionalities. You can also make use of Security Groups, multiple IP addresses, and multiple Network interfaces.
Q37: Can you make use of default EBS Snapshots?
Ans: You can use them, provided they are located in the same region where your VPC is present.
Q38: What will happen when you delete a PEERING CONNECTION on your side?
Ans: The PEERING CONNECTION available on the other side would also get terminated. There will be no more traffic flow.
Q39: Can you establish a Peering connection to a VPC in a different region?
Ans: NO. It's possible between VPCs in the same region.
Q40: Can you connect your VPC with a VPC created by another AWS account?
Ans: Yes. Only when that owner accepts your peering connection request.
Q41: When you delete your DB instance what will happen to your backups and DB snapshots?
Ans: When a DB instance is deleted, RDS retains the user-created DB snapshot along with all other manually created DB snapshots. Also automated backups are deleted and only manually created DB Snapshots are retained.
Q42: What is the significance of an Elastic IP?
Ans: The Public IP is associated with the instance only until it is stopped or terminated. A Public IP is not static. Every time your instance is stopped or terminated, the associated Public IP vanishes and a new Public IP gets assigned to that instance. To overcome this issue, a Public IP can be replaced by an Elastic IP address, which stays with the instance as long as the user doesn’t manually detach it. Similarly, if you are hosting multiple websites on your EC2 server, you may require more than one Elastic IP address.
Q43: How will you use S3 with your EC2 instances?
Ans: Websites hosted on your EC2 instances can load their static contents directly from S3. It provides highly scalable, reliable, fast, inexpensive data storage infrastructure.
Q44: Is it possible to connect your company datacenter to Amazon Cloud?
Ans: Yes, you can very well do this by establishing a VPN connection between your company’s network and Amazon VPC.
Q45: Can you change the Private IP of an EC2 instance while it is running or stopped?
Ans: A Private IP is STATIC. It is attached to an instance throughout its lifetime and cannot be changed.
Q46: What is the use of Subnets?
Ans: When a network has a large number of HOSTS, managing these hosts can be tedious under a single large network. Therefore we divide this large network into easily manageable sub-networks (subnets) so that managing hosts under each subnet becomes easier.
Q47: What is the use of Route Table?
Ans: A Route Table is used to route the network packets. Generally one route table would be available in each subnet. A route table can have any number of records or information, hence attaching multiple subnets to a route table is also possible.
Q48: Can you use the Standby DB instance for read and write along with your Primary DB instance?
Ans: Standby server cannot be used in parallel with primary server unless your Primary instance goes down.
Q49: What is the use of Connection Draining?
Ans: Connection Draining is a service under Elastic Load Balancing. It keeps monitoring the health of the instances. If any instance fails, Connection Draining pulls all the traffic from that particular failed instance and re-routes the traffic to other healthy instances.
Q50: What is the role of AWS CloudTrail?
Ans: CloudTrail is designed for logging and tracking API calls. Also used to audit all S3 bucket accesses.
Q51: What is the use of Amazon Transfer Acceleration Service?
Ans: The ATA service speeds up your data transfer with the use of optimized network paths. It also speeds up your CDN up to 300% compared to normal data transfer speed.
Q52: What is the name of AWS CEO or Chief?
Ans: Jeff Bezos
Q53: EC2 officially launched in …..
Q54: S3 officially launched in …..
Q55: You cannot store unlimited data in Amazon Web Services…..
Ans: B. False
Q56: Rapid provisioning allows you to very quickly spin up a new virtual machine with minimal effort. True or false?
Q57: A hybrid setup is one in which part of your resources are AWS and the rest are with another cloud provider. True or False?
Q58: As an added layer of security for AWS management, which of the following should you do?
Create multiple Admin accounts
Generate a new security key each time you log in
Create IAM users
Ans: Create IAM users
EC2, Elastic Computing & Instances Types
Q59: Is an AMI a template?
Q60: EC2 Instances are Virtual Server in AWS
Ans: A. True
Q61: What does “elastic” refer to in Elastic Compute Cloud (EC2)? Select all that apply...
A. Increasing and decreasing capacity as needed
B. Monitoring services on multiple devices
C. Operating on Mac, Windows and Linux
D. Paying only for running virtual machines
E. Stretching applications across virtual machines
Ans: A. Increasing and decreasing capacity as needed & D. Paying only for running virtual machines
Q62: You can upload a custom configuration virtual image and sell it on the AWS Marketplace. True or false?
Ans: A. True
Q63: EC2 Machine types define which of the following?
A. AWS Region
B. Core Count
C. User Location
Ans: B. Core Count
Q64: Which is default instance type
C. Spot instance
Ans: A. On-demand
Q65: What is Elastic Computing?
A. Data will be replicated to different AZs
B. You can spin up and spin down VMs
C. VMs will be added and removed automatically
Ans: B. You can spin up and spin down VMs
Q66: You can upload a custom configuration virtual image and sell it on the AWS Marketplace. True or false?
Ans: A. True
Q67: EC2 Machine types define which of the following?
A. AWS Region
B. Core Count
C. User Location
Ans: B. Core Count
Q68: Which is default instance type
C. Spot instance
Ans: A. On-demand
Q69: What is Elastic Computing?
A. Data will be replicated to different AZs
B. You can spin up and spin down VMs
C. VMs will be added and removed automatically
Ans: B. You can spin up and spin down VMs
Q70: Can we launch multiple instances with the same AMI?
Ans: A. True
Q71: PEM file is one time physical password…
Ans: A. True
Q72: Windows user required PPK file to connect Linux instance hosted on AWS.
Q73: You can purchase time on EC2 directly from other users and specify the price you want to pay. True or false?
Q74: Which of the following might prevent your EC2 instance from appearing in the list of instances?
A. EC2 is not selected
B. Correct region is not selected
C. AWS marketplace is not selected
Ans: B. Correct region is not selected
Q75: Which of the following is the main reason to terminate an unused EC2 instance?
A. Security Concerns
B. Additional fees
C. Data Loss
Ans: B. Additional fees
Q76: Which AWS service exists only to redundantly cache data and images?
A. AWS Availability Zones
B. AWS Edge Locations
C. AWS Regions
Ans: B. AWS Edge Locations
Q77: Regions, AZs and Edge Locations all terms are the same…
Ans: B. False
Q78: Every AWS service is available in every region….
Ans: B. False
Q79: Premium support is Available in AWS for Developer, Business & Enterprise level?
Ans: A. True
Q80: Can you add new Debit/Credit card in your AWS Account?
Ans: A. True
Q81: Can you increase an instance from micro to large?
Ans: A. True
Q82: On-demand instances are based on a bid mechanism.
Ans: B. False
Q83: RI can be sold on the AWS marketplace?
Ans: A. True
Q84: Which is the default type option in AWS?
C. Spot instance
Ans: A. On-demand
Q85: What are On-demand, RI and Spot instances? Which instance is best for Production?
C. Depends on Application or Website
Ans: C. Depends on Application or Website
Q86: Which is the most expensive instance option?
C. Spot instance
Q87: Amazon S3 is internet accessible storage via HTTP /HTTPS
Ans: A. True
Q88: Amazon S3 is not an object level of storage
Q89: Amazon S3 is storage for the Internet
Ans: A. True
Q90: Temporary storage access speed is not guaranteed.
Ans: A. True
Q91: There is 99.99% SLA(Service Level Agreement) for temporary storage.
Ans: B. False
Q92: Ephemeral storage is block-level storage?
Ans: A. True
Q93: Single object size is up to 5 TB in Amazon S3.
Ans: A. True
Q94: You can create unlimited bucket size in Amazon S3.
Ans: A. True
Q95: By default, Instance-Backed and EBS-Backed root volumes delete all data. However, when using EBS-Backed storage, you can configure it to save the data on the root volume. True or false?
Ans: A. True
Q96: You can switch from an Instance-Backed to an EBS-Backed root volume at any time. True or False?
Ans: B. False
Q97: When using an EBS-Backed machine, you can override the terminate option and save the root volume. True or False?
Ans: A. True
Q98: Which of the following is a service of AWS Simple Storage Service(S3)? Select all that apply.
A. Database Indexing
B. File searching
C. Secure Hosting
D. Storage Scaling
Ans: C. Secure Hosting & D. Storage Scaling
Q99: What’s the difference between instance store and EBS?
I’m not sure whether to store the data associated with my Amazon EC2 instance in instance store or in an attached Amazon Elastic Block Store (Amazon EBS) volume. Which option is best for me?
Some Amazon EC2 instance types come with a form of directly attached, block-device storage known as the instance store. The instance store is ideal for temporary storage, because the data stored in instance store volumes is not persistent through instance stops, terminations, or hardware failures. You can find more detailed information about the instance store at Amazon EC2 Instance Store.
For data you want to retain longer-term, or if you need to encrypt the data, we recommend using EBS volumes instead. EBS volumes preserve their data through instance stops and terminations, can be easily backed up with EBS snapshots, can be removed from instances and reattached to another, and support full-volume encryption. For more detailed information about EBS volumes, see Features of Amazon EBS.
Q100: EBS can be attached to any running instance that is in the same Availability Zone?
Q101: EBS is internet accessible
Q102: EBS has persistent file system for EC2
Q103: EBS supports incremental snapshots
Q104: Amazon Glacier enables customers to offload the administrative burdens of operating and scaling storage to AWS.
Q105: Amazon Glacier is a great storage choice when low storage cost is paramount.
Q106: Data is rarely retrieved, and retrieval latency of several hours is acceptable in Glacier
Q107: Glacier is basically for data archival
Q108: It is very cheap storage
Q109: Glacier has very, very slow retrieval times
Q110: By Default, Instance-Backed and EBS-Backed root volumes delete all data. However, when using EBS-Backed storage, you can configure it to save the data on the root volume.
Q111: You can switch from an Instance-Backed to an EBS-Backed root volume at any time.
Q112: When using an EBS-Backed machine, you can override the terminate option and save the root volume.
Q113: VPC is Private, Isolated, Virtual Network
Q114: VPC would be logically isolated network in AWS cloud
Q115: VPC also gives control of network architecture
Q116: VPC also enhances security
Q117: VPC has ability to interwork with other organizations
Q118: VPC does not enable hybrid cloud(site-to-site VPN)
Q119: Route Table is a set of rules that tells the direction of the network
Q120: Security Group is a subnet level of security
Q121: NACLs(Network Access Lists) is a resource level of security
Q122: Is any default stack available in Cloud Formation?
Ans: You cannot create a default stack, but you can choose the type of stack to create, e.g.:
A sample stack
A Linux-based chef 12 stack
A Windows-based Chef 12.2 stack
A Linux-based Chef 11.10 stack
Q123: What is the difference between Stack and Template in Cloud Formation?
Ans: Stack: Cloud-based applications usually require a group of related resources—application servers, database servers, and so on—that must be created and managed collectively. This collection of instances is called a stack.
Q124: Can we create multiple servers for the same stack?
Ans: You can select one “instance type” (e.g. t2.micro) at a time, but you can set more than one “Webserver Capacity”, which is “the initial number of Webserver instances”; this means instances of the same kind will launch automatically.
Q125: Can you explain the statement "SQS is pull-based, not push-based"?
Ans: It means that you have to actively poll the queue in order to receive messages.
The messages are pushed into the queue by the producers but pulled out of the queue by the consumers. You have to call the Receive Message action from the consumer in order to get the messages; they are not pushed to you automatically when they arrive.
Q126: How many Elastic IP addresses can be associated with a single account?
D. None of the above
Ans: C. 5
Q127: What is the name to the additional network interfaces that can be created and attached to any Amazon EC2 instance in your VPC?
A. Elastic IP
B. Elastic Network Interface
C. AWS Elastic Interface
D. AWS Network ACL
Ans: B. Elastic Network Interface
Q128: You have configured ELB with three instances connected to that. If your instances are unhealthy or terminated, the traffic should be automatically replaced to another instance, what type of service can be used to achieve this requirement?
A. Sticky session
B. Fault Tolerance
C. Connection drainage
Ans: B. Fault Tolerance
Q129: After configuring ELB, you need to ensure that the user requests are always attached to a single instance. What setting can you use?
A. Session cookie
B. Cross-zone load balancing
C. Connection drainage
D. Sticky session
Ans: D. Sticky session
Q130: Which of the following metrics cannot have a CloudWatch alarm?
A. EC2 instance status check failed
B. EC2 CPU utilization
C. RRS lost object
D. Auto scaling group CPU utilization
Ans: C. RRS lost object
Q131: Which of the below-mentioned services is provided by CloudWatch?
A. Monitor estimated AWS usage
B. Monitor EC2 log files
C. Monitor S3 storage
D. Monitor AWS calls using CloudTrail
Ans: A. Monitor estimated AWS usage
Q132: A user has launched an EC2 instance. Which of the below-mentioned statements is not true with respect to instance addressing?
A. The private IP addresses are not reachable from the internet
B. The user can communicate using the private IP across regions
C. The private IP address and public IP address for an instance are directly mapped to each other using NAT
D. The private IP address for the instance is assigned using DHCP
Ans: B. The user can communicate using the private IP across regions
Q133: Which of the following service provides the edge – storage or content delivery system that caches data at different locations?
A. Amazon RDS
B. Simple DB
C. Amazon Cloud Front
D. Amazon associates web services
Ans: C. Amazon Cloud Front
Q134: A user is launching an instance under the free usage tier from the AMI with a snapshot size of 50 GB. How can the user launch the instance under the free usage tier?
A. Launch a micro instance
B. Launch a micro instance, but in the EBS configuration modify the size of EBS to 50 GB.
C. Launch a micro instance, but do not store the data of more than 30 GB on the EBS storage.
D. It is not possible to have this instance under the free usage tier
Ans: D. It is not possible to have this instance under the free usage tier
Q135: What are the possible connection issues you can face while connecting to your instance?
A. Connection timed out
B. Server refused our key
C. No supported authentication methods available
D. All of the above
Ans: D. All of the above
Q136: You have enabled sticky sessions with ELB. What does it do with your instance?
A. Routes all the requests to a single DNS
B. Binds the user session with a specific instance
C. Binds the user IP with a specific session
D. Provides a single ELB DNS for each IP address
Ans: B. Binds the user session with a specific instance
Q137: Which is a main email platform that provides an easy, cost effective way for you to send compliance and receive a response using your own email address and domains?
Ans: A. SES
Q138: Which type of load balancer makes routing decisions at either the transport layer or the application layer and supports either EC2 or VPC?
A. Application Load Balancer
B. Classic Load Balancer
C. Primary Load Balancer
D. Secondary Load Balancer
Ans: B. Classic Load Balancer
Q139: AWS Cloud Front has been configured to handle the customer requests to the web server launched in Linux machine. How many requests per second can Amazon Cloud Front handle?
D. There is no such limit
Ans: D. There is no such limit
Q140: You are going to launch an instance with a security group. While configuring the security group, what are the things you have to select?
A. Protocol and type
D. All of the above
Ans: C. Source
Q141: Which is the virtual network interface that you can attach to an instance in a VPC?
A. Elastic IP
B. AWS Elastic Interface
C. Elastic Network Interface
D. AWS Network ACL
Ans: C. Elastic Network Interface
Q142: You have launched a Linux instance in AWS EC2. While configuring security group, you have selected SSH, HTTP, HTTPS protocol. Why do we need to select SSH?
A. To verify that there is a rule that allows traffic from your computer to port 22
B. To verify that there is a rule that allows traffic from EC2 Instance to your computer
C. Allows web traffic from instance to your computer
D. Allows web traffic from your computer to EC2 instance
Ans: B. To verify that there is a rule that allows traffic from EC2 Instance to your computer
Q143: You need to quickly set up an email service because a client needs to start using it in the next hour. Amazon service seems to be the logical choice but there are several options available to set it up. Which of the following options to set up AWS service would best meet the needs of the client?
A. Amazon SES console
B. AWS Cloud Formation
C. SMTP interface
D. AWS Elastic Beanstalk
Ans: A. Amazon SES console
Q144: You have chosen a Windows instance with Classic and you want to make some change to the security group. How will these changes be effective?
A. Security group rules cannot be changed
B. Changes are automatically applied to Windows instances
C. Changes will be effective after rebooting the instance in that security group
D. Changes will be effective after 24-hours
Ans: B. Changes are automatically applied to Windows instances
Q145: Load Balancer and DNS service comes under which type of cloud service?
D. None of the above
Ans: C. IAAS-Storage
Q146: You have an EC2 instance that has an unencrypted volume. You want to create another encrypted volume from this unencrypted volume. Which of the following steps can achieve this?
A. Just simply create a copy of the unencrypted volume, you will have the option to encrypt the volume.
B. Create a snapshot of the unencrypted volume and then while creating a volume from the snapshot you can encrypt it
C. Create a snapshot of the unencrypted volume (applying encryption parameters), copy the snapshot and create a volume from the copied snapshot
D. This is not possible, once a volume is unencrypted, there is no way to create an encrypted volume from this
Ans: C. Create a snapshot of the unencrypted volume (applying encryption parameters), copy the snapshot and create a volume from the copied snapshot
Q147: Where does the user specify the maximum number of instances with the auto scaling commands?
A. Auto scaling Launch Config
B. Auto scaling group
C. Auto scaling policy
D. Auto scaling size
Ans: A. Auto scaling Launch Config
Q148: A user has identified that a huge data download is occurring on his instance. He has already set the auto scaling policy to increase the instance count when the network Input Output increases beyond a threshold limit. How can the user ensure that this temporary event does not result in scaling? The network I/O are not affecting during data download
A. The policy cannot be set on the network I/O
B. There is no way the user can stop scaling as it is already configured
C. Suspend scaling
Q149: Which are the types of AMI provided by AWS? EBS Backed
A. Instance Store backed
B. None its volume type and not AMI types
C. Both A and B
Ans: C. Both A and B
AWS Interview Questions and Answers for Freshers
Q150: What is the significance of forming Subnets?
A. Because, not enough hosts
B. To manage small number of hosts
C. To utilize the Volume available across different subnets
D. Smartly utilize network that have large number of hosts
Q151: If you want to launch your instance on a single-tenancy platform, which option would you select against the Instance Tenancy Attribute parameter?
A. One to one
B. Sole Owner
Q152: _____________ is a fully managed Data Warehouse service from AWS?
A. Amazon Redshift
B. Amazon Neptune
C. Amazon Aurora
D. Amazon DynamoDB
Q153: Which of the following statements are applicable to AWS Elastic File System(EFS)?
A. EFS provides simple, scalable file storage for use with Amazon EC2
B. EFS with MS-Windows based EC2 instances is not supported
C. EFS supports the Network File System version 4 protocol
D. All of the above
Q154: What is the role of Connection Draining?
A. Helps to launch an EC2 instance
B. Automatically terminates instances which are not in use
C. Establishes connection between EC2 and RDS instances
D. Auto Scaling waits for outstanding requests to complete before terminating instances when CD is enabled
Q155: What is the use of Lambda?
A. Lambda is used for running server-less applications
B. It is a testing tool from AWS
C. It is a database service from AWS
D. It is an Anti Virus software from AWS
Q156: What is Application Load Balancing?
A. It is a feature of Elastic Load Balancing
B. Use to distribute traffic to different Target Groups
C. It is a service generating Elastic IPs for AWS customers
D. It is a kind of Firewall
Q157: What are the uses of Elastic Beanstalk?
A. Quickly deploy and manage applications in the AWS Cloud
B. Supports Java, .NET, Node.js, PHP, Python applications
C. It is an Application Server from AWS
D. Use to deploy only Java-Beans applications
Q158: Can you connect your company’s datacenter to the Amazon Cloud network?
A. Not possible
B. You can connect through a dedicated network line
C. By establishing a Virtual Private Network (VPN) between your datacenter and VPC
D. Connect with a hotline
Q159: You have commissioned PRIVATE servers in your premises. You also distributed some of your workloads with the PUBLIC cloud. What type of architecture is this?
A. Virtual Private Cloud
B. Community Cloud
C. Public Cloud
D. Hybrid Cloud
Q160: DynamoDB _______________________. Which one of the following is true regarding DynamoDB?
A. Manages Notification Service
B. Stores Metadata
C. Manages Queue Service
D. None of the above
Q161: What are the significances of AWS CloudTrail?
A. Takes care of Message Queuing Service
B. It enables governance, compliance, operational auditing and risk auditing of your AWS account.
C. Used as a database service
D. It provides an event history of your AWS account activities
Q162: Which one is a global Content Delivery Network service that securely delivers data, videos, applications, and APIs to your viewers with low latency and high transfer speeds?
A. Amazon CloudWatch
B. Amazon CloudFront
C. Amazon CloudTrail
D. Amazon VPC
Q163: Does AWS offer a Reserved Instances facility for multiple-subnet deployments?
A. Yes, available for all kinds of instances
B. No, available only for Dedicated Tenancy
C. Offering only for LINUX based instances
D. None of the above
Q164: Select the correct statement from the below:
A. You can have multiple ACLs for a subnet
B. Security Group is not necessary for an EC2 instance
C. You can attach multiple Zones/Subnets to a Route Table
D. You can create S3 bucket using AWS AMI templates
Q165: Name the AWS DB Service which is Server-Less and NoSQL DB which delivers consistent single-digit millisecond latency at any scale?
A. Amazon Redshift
B. Amazon Neptune
C. Amazon Aurora
D. Amazon DynamoDB
Q166: Is it advisable to keep your standby database instance in the same zone where your primary instance is running?
A. Yes, you can keep
B. Possible only for MySQL instance
C. No, not recommended for any kind of DB instance
D. Recommended only for MS-SQL instance
Q167: Can objects in S3 be delivered by Amazon CloudFront?
A. Yes, you can place any objects in S3 which CloudFront quickly delivers
B. CloudFront delivers only movie type objects
C. No, S3 cannot be integrated with CloudFront
D. Amazon VPC will deliver the objects
Q168: What should you do if you want to launch an EC2 instance with a pre-allocated private IP address?
A. Launch it in a Subnet Group
B. Launch the instance from a Private AMI
C. Assign EIP address to that instance
D. Launch that instance in AWS VPC cloud
Q169: Can you edit Security Group (SG) rules when the group is used by multiple EC2 instances? Will new rules apply to all previously running EC2 instances?
A. No, you cannot edit an SG when it is used by an EC2 instance
B. Yes, you can edit. Immediately apply to all instances.
C. You can edit only the Outbound rules
D. Only Outbound rules apply to all EC2 instances
Q170: Which of the following statements are true with Route 53?
A. Amazon Route 53 is a scalable and highly available Domain Name System (DNS)
B. Amazon Route 53 is fully compliant with IPv6 as well
C. Will automatically configure DNS settings for your domains
D. Route 53 provides low latency database service
Q171: What is a Virtual Private Cloud (VPC)?
A. VPC enables you to launch AWS resources into a virtual network
B. VPC is a virtual network dedicated to your AWS account
C. VPC is used to create domain name for your organization
D. VPC can also be connected to your own office data center
Q172: What is an Elastic IP?
A. There is no such IP. Only public & private IPs are valid.
B. Used in Elastic Load Balancing
C. An Elastic IP address is a static IPv4 address
D. An Elastic IP address is for use in a specific region only
Q173: _____________ is a fully managed in-memory data store service offered by Amazon Web Services (AWS)?
A. Amazon Neptune
B. Amazon Redshift
C. Amazon ElastiCache
D. Amazon Aurora
Q174: In AWS which service is used to create Domain Name for their customers?
A. Amazon CloudWatch
B. Amazon Route53
C. Amazon CloudDomain
D. Amazon VPC
Q175: Which one is a valid statement regarding EBS-Volumes?
A. You can attach maximum of 5 volumes to an instance
B. You can attach multiple instances to one volume
C. You can attach multiple volumes to a single EC2 instance
D. You cannot attach an additional volume to an instan
Q176: Which one is a valid statement regarding EBS-Snapshots?
A. You can access Snapshots through S3 APIs
B. You can store your Snapshots in an S3 bucket
C. Snapshots are available only through EC2 instances
D. You can access your Snapshots through VPC APIs
Q177: Which AWS service would you use to transfer objects from your data center when you are using Amazon CloudFront?
A. AWS CloudWatch
B. AWS SNS Service
C. AWS SMS Service
D. AWS Direct Connect
Q178: Which one is the valid scenario?
A. Creating PEERING connection to a VPC in a Different Region
B. Creating PEERING connection between VPCs in Same Region
C. Attaching VOLUME in one subnet/zone with EC2 instance in another subnet/zone
D. Keeping your primary db and secondary db in the same zone
Q179: How do you connect a VPC to your Office Datacenter?
A. By keeping AWS VPC and Office Datacenter in same IP range
B. Establishing VPN connection between VPC and Datacenter
C. Establishing a dedicated hotlink between VPC and Datacenter
D. You cannot connect VPC and your Datacenter
Q180: Choose the valid scenarios regarding VPC?
A. You can delete the Default VPC available in your region
B. VPC can span across multiple Availability Zones
C. Trying to launch an instance without having VPC in a region
D. Launching an instance onto a VPC created by you
Q181: How do EC2 instances inside a VPC directly access the internet?
A. With the help of the instance’s Public IP
B. By attaching an Elastic IP to that instance
C. Internet Gateway enables the access to the internet
D. With the help of Route Table
Q182: Which one is a highly secure design?
A. Keeping both EC2 and Database instances in a public subnet
B. Keep EC2 in public subnet and Database in private subnet
C. Keep EC2 in public subnet and Database in a S3 bucket
D. Defining ANYWHERE in the DB security group INBOUND rule
Q183: Keeping your instance in a public subnet and database in a private subnet. What type of cloud deployment model is this?
A. Community Cloud
B. Private Cloud
C. Public Cloud
D. Hybrid Cloud
Q184: Which service distributes content from Edge Locations to end users to reduce latency?
A. Amazon CloudWatch
B. Amazon CloudTrail
C. Amazon CloudFront
D. Amazon PushData
Q185: I am a cloud web service used for hosting your application. Who am I?
A. AWS Route 53
B. AWS VPC
C. AWS S3
D. AWS EC2
Q186: You can add ________________ to your Auto Scaling group so that you can perform custom
C. Load Balancer
D. Lifecycle Hooks
The answer is: D
Q187: What is Auto Scaling?
A. Accelerating VPC Speed
B. Creating/Terminating duplicate instances using Scale IN/OUT
C. Automating backup/restore service
D. None of the above
Q188: You want complex querying capabilities but don’t want a data warehouse. Which database service would you choose?
A. Amazon DynamoDB
B. Amazon Redshift
C. Amazon RDS
D. Amazon ElastiCache
Q189: What is an Availability Zone?
A. A Container where all your S3 buckets are stored
B. Denotes an Entire Region
C. A location inside a Region which is protected from failures
D. Collection of Regions
Q190: The cloud infrastructure is shared by several organizations and supports specific group that has shared concerns. Government departments, universities, central banks etc. often find this type of cloud useful. What kind of cloud deployment model is this?
A. Private Cloud
B. Hybrid Cloud
C. Community Cloud
D. Public Cloud
Q191: How many buckets can you create in S3?
Q192: What is the maximum size of an S3 bucket?
A. 3 Terabytes
B. 10 Terabytes
C. 5 Terabytes
D. 7 Terabytes
Q193: Which service of Amazon AWS is used to host a static website?
A. Amazon Simple Storage Service(S3)
B. Amazon CloudFront
C. Amazon Route53
D. Amazon CloudWatch
Q194: Which of the following is not a part of Security Groups?
A. List of Protocols
B. List of Users
D. IP Address
Q195: A data transport solution that accelerates moving terabytes to petabytes of data into and out of AWS using storage devices designed to be secure for physical transport. Name this solution.
A. Amazon EFS
B. Amazon S3
C. Amazon Glacier
D. Amazon Snowball
Q196: What type of IP address do you use for your CGW (Customer Gateway) address?
A. You will use PRIVATE IP address of your NAT device
B. You will use PUBLIC IP address of your NAT device
C. You will use ELASTIC IP address of your NAT device
D. You will use VPN
Q197: How many subnets can you have per VPC?
Q198: I have a REST API interface and use secure HMAC-SHA1 authentication keys. I am also a data storage system. Who am I?
B. Elastic Block Store
Q199: I am a structured data store. I support indexing and data queries to both EC2 and S3. Who am I?
Q200: How many Elastic IP addresses can be associated with a single account?
D) None of the above
Q201: After configuring ELB, you need to ensure that the user requests are always attached to a single instance. What setting can you use?
A) Session cookie
B) Cross-zone load balancing
C) Connection drainage
D) Sticky session
Q202: Which of the following metrics cannot have a CloudWatch alarm?
A) EC2 instance status check failed
B) EC2 CPU utilization
C) RRS lost object
D) Auto scaling group CPU utilization
Q203: Which of the below-mentioned services is provided by CloudWatch?
A) Monitor estimated AWS usage
B) Monitor EC2 log files
C) Monitor S3 storage
D) Monitor AWS calls using CloudTrail
Q204: Which of the following services provides the edge-storage or content delivery system that caches data at different locations?
A) Amazon RDS
B) Simple DB
C) Amazon CloudFront
D) Amazon associates web services
Q205: What are the possible connection issues you can face while connecting to your instance?
A) Connection timed out
B) Server refused our key
C) No supported authentication methods available
D) All of the above
Q206: You have enabled sticky sessions with ELB. What does it do with your instance?
A) Routes all the requests to a single DNS
B) Binds the user session with a specific instance
C) Binds the user IP with a specific session
D) Provides a single ELB DNS for each IP address
Q207: Which is an email platform that provides an easy, cost-effective way for you to send and receive email using your own email addresses and domains?
Q208: Amazon CloudFront has been configured to handle customer requests to a web server launched on a Linux machine. How many requests per second can Amazon CloudFront handle?
D) There is no such limit
Q209: Which is a virtual network interface that you can attach to an instance in a VPC?
A) Elastic IP
B) AWS Elastic Interface
C) Elastic Network Interface
D) AWS Network ACL
Q210: You have launched an instance in EC2-Classic and you want to make some change to the security group rule. How will these changes be effective?
A) Security group rules cannot be changed
B) Changes are automatically applied to all instances that are associated with the security group
C) Changes will be effective after rebooting the instance in that security group
D) Changes will be effective after 24-hours
Q211: Load Balancer and DNS services come under which type of cloud service?
D) None of the above
Q212: You have an EC2 instance that has an unencrypted volume. You want to create another encrypted volume from this unencrypted volume. Which of the following steps can achieve this?
A) Just simply create a copy of the unencrypted volume, you will have the option to encrypt the volume.
B) Create a snapshot of the unencrypted volume and then while creating a volume from the snapshot you can encrypt it
C) Create a snapshot of the unencrypted volume (applying encryption parameters), copy the snapshot and create a volume from the copied snapshot
D) This is not possible, once a volume is unencrypted, there is no way to create an encrypted volume from this
Q213: Where does the user specify the maximum number of instances with the auto scaling commands?
A) Auto scaling Launch Config
B) Auto scaling group
C) Auto scaling policy
D) Auto scaling size
Q214: A user is aware that a huge download is occurring on his instance. He has already set the Auto Scaling policy to increase the instance count when the network I/O increases beyond a certain limit. How can the user ensure that this temporary event does not result in scaling?
A) The network I/O is not affected during data download
B) The policy cannot be set on the network I/O
C) There is no way the user can stop scaling as it is already configured
D) Suspend scaling
Q215: Which are the types of AMI provided by AWS?
A) EBS Backed
B) Instance Store backed
C) None; it is a volume type and not an AMI type
D) Both A and B
Q216: Name some cloud service providers for public & private cloud?
Public: Amazon web services, Microsoft Azure, Google Cloud, Oracle Cloud, Alibaba Cloud.
Private: Redhat-Openstack, Rackspace, VMware, IBM Private Cloud.
Q 217: What are the different instance categories based on pricing? Explain them briefly.
On-demand Instances: On-demand instances are virtual servers that are provisioned by the AWS EC2 service on an hourly price basis.
Reserved Instances: Instances that are reserved for a term of 1 year or 3 years are called Reserved Instances. With a reservation, hourly prices are reduced significantly compared to on-demand instances.
Spot Instances: Spot Instances are a special instance category where you request unused EC2 resources from the datacenter at steep discounts. Spot prices are fixed by AWS EC2, and you need to bid more than the spot price set by AWS EC2.
Q 218: I have some private servers on my premises, also I have distributed some of my workload on the public cloud, what is this architecture called?
Q219: What is the difference between S3 and Glacier storage?
S3 is a simple storage service, which is used to store and retrieve data. We can store any amount and any type of data. The data stored here are referred to as objects. Glacier, by contrast, is an archival store used for infrequently accessed or cold data. The major use case of Glacier is data archiving and backup.
Q 220: Name some Database engines available natively in RDS services?
Q 221: How can you automate resource provisioning in AWS?
We can use the native service tool called AWS CloudFormation for automation. It is also a good option to consider third-party tools like Ansible, Chef, Puppet etc. to automate the services.
Q 222: What is Auto Scaling? Mention some of its benefits.
Auto Scaling is a service that automatically scales EC2 instance capacity out and in based on the criteria that we set. Auto Scaling is beneficial for dynamic workloads such as web traffic spikes, retail flash sales, and ticket booking systems during vacations.
Q 223: What is the difference between S3 availability & durability?
Availability and durability are closely related to each other, but they are not the same. Availability refers to the uptime of the service, i.e., the S3 storage system is up and able to serve requests and deliver data. Durability, on the other hand, means that the stored data should not suffer from degradation or corruption.
Q 224: Mention some important features of S3 buckets?
Static web hosting
Object lifecycle management
Q 225: What measures do you take to protect the data in S3?
Encrypt the data using Server-Side Encryption or Client-Side Encryption.
Enable MFA Delete to protect data against accidental deletion.
Use access control lists and pre-signed URLs.
Q 226: What is an Elastic IP address?
An Elastic IP address (EIP) is a static, internet-routable address that is managed by the AWS platform. Each Elastic IP address is assigned to an instance from a pool of IP addresses in each region. Charges apply once you allocate the EIP address, whether or not you associate it with an instance. When you release the allocated IP address, the EIP is returned to the pool.
Q 227: You have a webserver running on Amazon EC2 instances that is approaching 100% CPU utilization. Which option will reduce load on the Amazon EC2 instances? Describe why.
We should create an Elastic Load Balancer with Auto Scaling and associate it with the EC2 instances. Layer 7 or application layer load balancers are used for this use case. ELB should be used because it can balance the incoming load across the EC2 resources.
Q 228: What is CloudWatch, and what can we do with it?
CloudWatch is a native service used to monitor our resources and applications in the AWS cloud. CloudWatch does this by collecting information in the form of logs, metrics and events from the resources that we provisioned in the AWS environment. Using CloudWatch, we can define alarms and troubleshoot issues using logs to optimize our infrastructure.
Q 229: How will you classify the cloud, based on the services?
We can classify the cloud computing platform into three types based on the services.
Infrastructure As A Service.
Platform As A Service.
Software As A Service.
Q 230: Name the messaging service available in AWS and point out a use case for it.
Simple Notification Service, referred to as SNS for short, is a complete messaging service that delivers messages end to end. A real-time use case would be a banking system where SNS sends a real-time message (email, SMS etc.) to an end user who debits their account by withdrawing some amount of money.
Q 231: Your company wants to use AWS for their newly designed analytics platform. They have around 20 TB of data on premises. They want to construct an analytics platform in AWS with this 20 TB of data for analysis. Once analysis is done, they want to archive this data for backup and recovery. Which services best match this use case, and why?
Redshift would be the proper analytics platform that AWS provides. For data storage, S3 is the ideal option, and once data analytics is done, the data must be moved to Glacier for backup and archival. To migrate the data from S3 to Glacier, we need to set up a lifecycle management policy in S3.
Q232: Your relational database engine in AWS crashes often when the traffic to your RDS instance is high. The replica of the RDS instance is not promoted as the master instance. What would you do to handle this situation?
Under these circumstances, we need to choose a bigger RDS instance type to handle the huge amount of traffic. Creating manual or automated snapshots is a must to recover from disaster cases.
Q 233: There is a production DB server running on an EC2 Linux instance which has ext4-formatted EBS volumes/disks attached. The database is about to run out of storage space. How can you address this problem?
First, we need to increase the size of the EBS volumes in the AWS Management Console. Next, we should run the resize2fs command at the operating system level to use the newly provisioned space, because increasing the size of the EBS volumes does not by itself increase the space available at the OS level.
Q234: A company wants to migrate its on-premises servers to the AWS cloud platform. The company wants to estimate the cost of the machines that are going to be provisioned in the cloud. How would you proceed to determine the cost?
Perform a mapping of the on-premises server’s cores and RAM to the nearest machine types in the AWS Cloud. Then use the online AWS pricing calculator to estimate the cost of the machines in the AWS Cloud.
Q235: Company XYZ has been using AWS services for the past month for its production servers. They have established VPN connectivity from on premises to AWS with a single IPsec tunnel. During peak production hours, servers in the AWS Cloud are not reachable due to a network problem. How would you mitigate this problem with minimal cost?
Considering the cost factor, we should first consider increasing the number of IPsec tunnels that are used for the secure connectivity to AWS. If the problem persists even after increasing the tunnels, consider other options for a better network.
Q236: What is Cloud Computing?
Cloud computing is the practice of using a network of remote servers hosted on the Internet to store, manage, and process data, rather than a local server or a personal computer.
Companies offering these computing services are called “cloud providers” and typically charge for cloud computing services based on usage, similar to how you are billed for water or electricity at home.
E.g.: AWS, Azure, IBM Bluemix, Google Cloud
This cloud model is composed of five essential characteristics, three service models and four deployment models.
The primary reasons for moving to the cloud are:
- It will never run out of capacity, since it is virtually infinite.
- You can access your cloud-based applications from anywhere; you just need a device that can connect to the Internet.
Q237: What are the merits of Cloud Computing?
- Totally free from maintenance, i.e., you do not have to maintain or administer any infrastructure.
- Lower Computing Cost.
- Improved Performance.
- Reduced Software Cost.
- Instant Software Updates.
- Unlimited Storage Capacity, i.e., it will never run out of capacity, since it is virtually infinite.
- Increased Data Reliability.
- Device independence and “always on, anywhere and any place” access, i.e., you can access your cloud-based applications from anywhere; you just need a device that can connect to the Internet.
Cloud computing is the fastest growing part of network-based computing. It provides tremendous benefits to customers of all sizes: simple users, developers, enterprises and all types of organizations.
Q238: What are the Cloud Computing?
- Lower TCO.
- Reliability, Scalability & Sustainability.
- Secure Store Management.
- Low Capital Expenditure.
- Frees from Internal Resources.
- Utility Based.
- Easy & Agile Deployment.
- Device & Location Independent.
- 24 * 7 Support.
- Pay As You Use.
Q239: What are the top 10 advantages of Cloud Computing?
- Pay as you Go Model.
- Increased Mobility.
- Less or No CAPEX.
- High Availability.
- Easy to Manage.
- High Productivity.
- Environment Friendly.
- Less Deployment Time.
- Dynamic Scaling.
- Shared Resources.
Q240: What are the different layers (Service Models) of cloud computing?
Cloud computing consists of 3 layers in the hierarchy, as follows:
- Infrastructure as a Service (IAAS) provides cloud infrastructure in terms of hardware, like memory, processor speed etc.
- Platform as a Service (PAAS) provides a cloud application platform for developers.
- Software as a Service (SAAS) provides cloud applications which are used by the user directly without installing anything on the system.
Q241: How do you disable password-based logins for root on an Amazon EC2 instance?
Using a fixed root password for a public AMI is a security risk, because the password can quickly become known. Even relying on users to change the password after the first login opens a small window of opportunity for potential abuse.
The following steps disable password-based remote logins for the root user.
1. Open the /etc/ssh/sshd_config file with a text editor and locate the following line:
2. Change the line to:
PermitRootLogin without-password
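The check below is an added example, not part of the original page: it verifies that the change from Q241 is actually the effective setting, since sshd keeps the first value it reads for a keyword and ignores commented-out lines. The function names and the sample file are constructed for illustration; current OpenSSH treats without-password as a deprecated alias of prohibit-password, so both are accepted.

```shell
#!/bin/sh
# Added example (not from the original page): audit an sshd_config-style file
# for the root-login setting that Q241 changes.

# Print the effective global PermitRootLogin value, lower-cased, or "unset".
# Assumptions: Include directives are not followed and the value is unquoted.
effective_permit_root_login() {
    awk '
        /^[ \t]*#/ { next }              # commented-out lines have no effect
        { gsub(/=/, " ") }               # accept the "Keyword=value" form too
        tolower($1) == "match" { exit }  # global section ends at first Match
        tolower($1) == "permitrootlogin" {
            print tolower($2)            # sshd keeps the first value it reads
            found = 1
            exit
        }
        END { if (!found) print "unset" }
    ' "$1"
}

# Succeed only when the file explicitly stops root from logging in with a
# password. "unset" fails on purpose: the built-in default depends on the
# OpenSSH version, so a hardened AMI should state the value.
root_password_login_disabled() {
    case "$(effective_permit_root_login "$1")" in
        no|without-password|prohibit-password|forced-commands-only) return 0 ;;
        *) return 1 ;;
    esac
}

# Constructed sample input: a commented-out line followed by the hardened one.
sample=$(mktemp)
cat > "$sample" <<'EOF'
#PermitRootLogin yes
PasswordAuthentication no
PermitRootLogin without-password
EOF

if root_password_login_disabled "$sample"; then
    echo "OK: root password login disabled ($(effective_permit_root_login "$sample"))"
else
    echo "FAIL: root may log in with a password"
fi
rm -f "$sample"
```

On a real instance, pass /etc/ssh/sshd_config as the argument before the AMI is shared.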
Q242: How can I take a Snapshot of a RAID Array?
Problem: Taking a snapshot excludes data held in the cache by applications and the OS. This tends not to matter on a single volume; however, with multiple volumes in a RAID array, this can be a problem due to the interdependencies of the array.
Q243: What is the difference between Volume and Snapshot in the Amazon Web Services?
In Amazon Web Services, a Volume is a durable, block-level storage device that can be attached to a single EC2 instance. In plain words, it is like a hard disk that we can write to or read from. A Snapshot is created by copying the data of a volume to another location at a specific time. We can even replicate the same Snapshot to multiple Availability Zones. So, a Snapshot is a single point-in-time view of a volume. We can create a Snapshot only when we have a Volume. Also, from a Snapshot we can create a Volume. In AWS, we have to pay for the storage that is used by a Volume as well as the storage used by Snapshots.
Q244: What happens if my application stops responding to requests in Beanstalk?
AWS Beanstalk applications have a system in place for avoiding failures in the underlying infrastructure.
Q245: How to update AMI tools at boot time?
AWS recommends that your AMIs download and upgrade the Amazon EC2 AMI creation tools during startup. This ensures that new AMIs based on your shared AMIs have the latest AMI tools.
Q246: How to update AMI tools at boot time on Linux?
# Update the Amazon EC2 AMI tools
echo " + Updating EC2 AMI tools"
yum update -y aws-amitools-ec2
echo " + Updated EC2 AMI tools"
Q247: How does AWS Lambda handle failure during event processing?
In AWS Lambda we can run a function in synchronous or asynchronous mode. In synchronous mode, if the Lambda function fails, it will just return the exception to the calling application. In asynchronous mode, if the Lambda function fails, it will retry the same function at least 3 times. If AWS Lambda is running in response to an event in Amazon DynamoDB or Amazon Kinesis, the event will be retried until the Lambda function succeeds or the data expires. In DynamoDB or Kinesis, AWS maintains data for at least 24 hours.
Q248: What are the storage classes of Amazon?
- Amazon S3: Scalable Storage in Cloud
- Amazon EBS: Block Storage for EC2
- AWS Elastic File System: Managed File Storage for EC2
- Amazon Glacier: Low-cost Archive Storage in the
- AWS Storage Gateway: Hybrid Storage Integration
- Amazon Snowball: Petabyte-Scale Data Transport
- AWS Snowball Edge: Petabyte-scale Data Transport with On-Demand Compute
- AWS Snowmobile: Exabyte-scale Data Transport
Q249: How is encryption done in S3?
- In Transit: SSL/TLS
- At Rest
  - Server-Side Encryption
    - S3 Managed Keys – SSE-S3
    - AWS Key Management Service, Managed Keys – SSE-KMS
    - Server-Side Encryption with Customer Provided Keys – SSE-C
  - Client-Side Encryption
Q250: How do you upload a file greater than 100 megabytes to Amazon S3?
Amazon S3 supports storing objects or files up to 5 terabytes. To upload a file greater than 100 megabytes, we have to use the Multipart Upload utility from AWS. With Multipart Upload we can upload a large file in multiple parts. Each part is uploaded independently, and it doesn’t matter in what order the parts are uploaded. It even supports uploading the parts in parallel to decrease the overall time. Once all the parts are uploaded, the utility assembles them into the single object or file from which the parts were created.
Q251: What type of performance can you expect from Elastic Block Storage?
Performance of Elastic Block Storage varies, i.e. it can go above the SLA performance level and then drop below it. The SLA provides an average disk I/O rate, which can at times frustrate performance experts who yearn for reliable and consistent disk throughput on a server.
Q252: How to vertically scale an Amazon instance?
- Spin up a larger Amazon instance than the existing one.
- Pause the existing instances to remove the root EBS volume from the server and discard.
- Stop the live running instance and detach its root volume.
- Make a note of the unique device ID and attach that root volume to the new server.
- Start the instance again.
Q253: What is the difference between Vertical & Horizontal Scaling?
The main difference between vertical and horizontal scaling is the way in which you add compute resources to your infrastructure. In vertical scaling, more power is added to the existing machine, while in horizontal scaling, resources are added to the system by adding more machines to the network so that the workload and processing are shared among multiple devices.
Q254: What are the states available in Processor State Control?
P-State: It has different levels, from P0 to P15.
C-State: Its levels are from C0 to C6, where C6 is the strongest for the processor.
Q255: How to transfer an existing domain name registration to Amazon Route 53 without disrupting existing web traffic?
You will first need to get a list of the DNS record data for your domain name; it is generally available in the form of a “zone file” that you can get from your existing DNS provider. Once you receive the DNS record data, you can use Route 53’s management console or simple web-services interface to create a hosted zone that will store the DNS records for your domain name, and follow its transfer process. The process also includes steps such as updating the name servers for your domain name to the ones associated with your hosted zone.
Q256: How is AWS Elastic Beanstalk different than AWS OpsWorks?
AWS Elastic Beanstalk is an application management platform, while OpsWorks is a configuration management platform. Beanstalk is an easy-to-use service for deploying and scaling web applications developed with Java, .NET, PHP, Node.js, Python, Ruby, Go and Docker.
Q257: How can you safeguard EC2 instances running in a VPC?
AWS security groups associated with EC2 instances can help you safeguard EC2 instances running in a VPC by providing security at the protocol and port access level. You can configure both INBOUND and OUTBOUND traffic rules to enable secured access for the EC2 instance. AWS security groups are much like a firewall: they contain a set of rules that filter the traffic coming into and out of an EC2 instance.
Q258: How can S3 be used with EC2 instances?
S3 can be used with EC2 instances whose root devices are backed by local instance storage. When a developer or a client uses Amazon S3, they get access to the same highly scalable, fast, dependable, low-priced data storage infrastructure that Amazon itself uses to track the worldwide network of its own websites.
Q250: Which platforms support CloudWatch logs Agent?
- Amazon Linux
- Red Hat Enterprise Linux
Q250: List out the retention period of all metrics?
- Data points or high-resolution custom metrics with a period of less than 60 seconds are available for 3 hours.
- Data points with a period of 60 seconds are available for 15 days.
- Data points with a period of 5 minutes are available for 63 days.
- Data points with a period of 1 hour are available for 455 days or 15 months.
Q250: What are the different networking modes available in ECS?
There are four modes:
- 1st mode: bridge
- 2nd mode: awsvpc
- 3rd mode: host
- 4th mode: none
Q259: What are the connectivity options for my VPC?
- The Internet (via an Internet gateway)
- Your corporate data center using a Hardware VPN connection (via the virtual private gateway)
- Both the Internet and your corporate data center
- Other AWS services (via Internet gateway, NAT, Virtual private gateway, or VPC endpoints)
- Other VPCs (via VPC peering connections)
Q260: Why can’t you ping the router, or my default gateway, that connects my subnets?
Ping requests to the router in your VPC are not supported. Ping between Amazon EC2 instances within a VPC is supported as long as your operating system’s firewalls, VPC security groups, and network ACLs permit such traffic.
Q261: Can you monitor the network traffic in your VPC?
Yes, you can use the Amazon VPC Flow Logs feature to monitor the network traffic in your VPC.
Q262: Within which Amazon EC2 Regions is Amazon VPC available?
Amazon VPC is currently available in multiple Availability Zones in all Amazon EC2 Regions.
Q263: When you call DescribeVolumes(), do you see all of my Amazon EBS volumes, including those in EC2-Classic and EC2-VPC?
Yes, DescribeVolumes() will return all your EBS volumes.
Q264: What is the difference between a NAT gateway and a NAT instance?
| NAT Gateway | NAT Instance |
|---|---|
| Highly available. NAT gateways in each Availability Zone are implemented with redundancy. | Use a script to manage failover between instances. |
| Can scale up to 45 Gbps. | Depends on the bandwidth of the instance type. |
| Managed by AWS. You do not need to perform any maintenance. | Managed by you, for example by installing software updates or operating system patches on the instances. |
| Software is optimized for handling NAT traffic. | A generic Amazon Linux AMI that is configured to perform NAT. |
Q265: How do I disable NAT-T on my connection?
You will need to disable NAT-T on your device. If you don’t plan on using NAT-T and it is not disabled on your device, we will attempt to establish a tunnel over UDP port 4500. If that port is not open, the tunnel will not be established.
Q266: Are there any bandwidth limitations for an internet gateway?
Do you need to be concerned about its availability? Can it be a single point of failure?
No. An internet gateway is horizontally scaled, redundant, and highly available. It imposes no bandwidth constraints.
Q267: If you peer VPC A to VPC B and VPC B to VPC C, does that mean VPCs A and C are peered?
No, transitive peering relationships are not supported.
Q268: What are the Amazon Route 53 Benefits?
- Highly Available and Reliable
- Designed to integrate with Other AWS Services
Q269: What are the AWS Route 53 Policies?
There are several types of routing policies. The below list provides the routing policies which are used by AWS Route53.
- Simple Routing
- Latency-based Routing
- Geolocation Routing
Q270: What are Amazon WorkSpaces devices?
The basic idea behind Amazon WorkSpaces is to access your desktop from anywhere, at any time, from any device.
Q271: What are the features of Amazon WorkSpaces?
- Amazon WorkSpaces bundles
- Allowing you to bring your own licenses
- Easy provisioning
- Persistent storage
Q272: What are the Advantages of Amazon CloudWatch?
- One dashboard, Access all data
- Visibility on the complete infrastructure
- Improve total cost of ownership
- Insights from logs
- Optimize Applications and Resources
Q273: What are the database engines in RDS?
There are six database engines which RDS provides, and they are:
- Amazon Aurora
- PostgreSQL
- MariaDB
- Oracle Database
- Microsoft SQL Server
Q274: What are the types of queues in SQS?
There are two types of queues in SQS. They are as follows:
Standard Queues: This is the default queue type. It provides an unlimited number of transactions per second and at-least-once message delivery.
FIFO Queues: FIFO queues are designed to ensure that the order in which messages are sent and received is strictly preserved.
Q275: Explain the layers of cloud architecture?
We have five different types of layers available, which are:
- SC – Storage Controller
- CC – Cluster Controller
- NC – Node Controller
- CLC – Cloud Controller
Q276: How many AWS services are there in 2021?
The AWS Serverless Application Repository is available in the AWS GovCloud (US-East) Region. With this, the availability of the service increases to a total of 18 AWS Regions across North America, South America, the EU, and the Asia Pacific.
Q277: What are the most popular services in AWS?
- Amazon S3
- AWS Lambda
- Amazon Glacier
- Amazon EC2
- Amazon CloudFront
- Amazon SNS
- Amazon EBS
- Amazon Kinesis
- Amazon VPC
- Amazon SQS
Q278: Default number of roles you can assign for an IAM user?
Q279: How to implement security on a VPC setup?
Ans:
- Security groups
- Access control lists
- Subnet-level restriction through CIDR
Q280: Can you add multiple types of instances in the same target group?
Ans: Yes, manually adding them is possible
Q281: Can we associate multiple target groups under launch configuration of auto scaling groups?
Ans: No, instance type is defined in Launch configuration.
Q282: What is the maximum size of EBS that can be launched in AWS?
Q283: Can you monitor resources with CloudWatch for multiple regions?
Ans: Yes, CloudWatch is not region-specific.
Q284: Can you assign 2 IPs for a single EC2 instance?
Ans: Yes, primary and secondary IPs are possible, but only when they are private IPs.
Q285: What tools have you used for reporting bugs in the infra?
Ans: CloudWatch, SCOM, Nagios
Q286: Can you change the CPU of an instance which is already launched?
Ans: Yes, using the vertical scaling method. Stop the instance, edit the instance type and launch it again.
Q287: What happens when ELB goes down? What is the workaround for users to reach your servers?
Ans: The application server becomes unreachable to the end user through the website.
Routing the traffic directly to the biggest EC2 instance will resume the operation, but the load on that instance will increase, which gives us only a few hours until the server crashes (depending on the application and traffic too).
Q288: Have you worked on RDS? How to check permissions assigned/who can access the RDS?
Ans: Through IAM roles mostly.
Q289: How do you know if the AMI you use in EC2 is secure enough?
Ans: Organisations generally have golden standard AMIs with all the security applications available. With default ones, we need to configure the security ourselves.
Q290: You lost your EC2 instance’s key pair. How will you connect to it now?
Ans: Reset the key using the EC2Rescue application or using AWS Systems Manager.
Q291: What is the use of VPC flow logs?
Ans: More visibility into the activities happening across the VPC network. Helps in troubleshooting.
Q292: When will you use a D type instance?
Ans: Whenever a High-performance system requirement is present.
Q293: How can you switch between master and child accounts in AWS?
Ans: Through AWS IAM, used alongside AWS Organizations.
Q294: What will you do when an EC2 instance from your auto-scaling group fails / is not responding to the end user?
Ans: If the server is reachable and in good health, manually remove it from the autoscaling target group and troubleshoot it, while autoscaling spawns a new instance as a replacement.
Q295: How are EFS mounted in an autoscaled EC2 instance group?
Ans: Using the launch configuration, mentioning the file system.
Q296: What is Peer to Peer Gateway (Connection)?
Ans: A peer-to-peer connection is used to establish a connection from one VPC to another VPC. It may be in the same AWS account or a different AWS account.
Q297: By default AWS will reserve 5 IPs, what are those?
- 168.0.0 – Network IP
- 168.0.1 – AWS VPC router IP
- 168.0.2 – reserved for Amazon DNS
- 168.0.3 – reserved for AWS future use
- 168.0.255 – Broadcast address
Q298: How many VPCs can be created under a single AWS account?
Ans: 5 VPCs per account.
Q299: What is the difference between the RDS database and DynamoDB?
Ans: RDS is SQL-based and DynamoDB is NoSQL-based.
Q300: What is the difference between CNAME and Alias in Route 53?
CNAME: it is used to map a URL to a URL (ex: myapp.mydomain.com –> another URL).
Alias: it is used to map to AWS resources (ex: CDN, Load Balancer, S3 website).
Q301: What are instance types?
Ans: On-Demand Instances, Reserved Instances, Spot Instances, Dedicated Instances, Dedicated Hosts.
Q302: What are inbound and outbound?
Inbound –> it allows external users to access EC2.
Outbound –> it allows EC2 instances to access the Internet.
Q303: What do A and AAAA records stand for in Route 53?
Ans: A is used for an IPv4 address record. AAAA is used for an IPv6 address record.
Q304: When you have created a domain with some 3rd party, how do you map AWS Route 53 to the 3rd-party domain?
Ans: We have to create a new public domain for our 3rd-party domain in Route 53 and then map the new domain's name servers at the 3rd party.
Q305: What is Elastic IP Limit for an AWS Account?
Q306: Which region we have to choose for CDN Certificate?
Ans: US-EAST (N. Virginia)
Q307: What is the maximum object limit in S3?
Q308: What are AWS services which are not region specified?
Ans: IAM, S3, CDN
Q309: What is the storage type used for EC2?
Q310: How are EFS mounted in an autoscaled EC2 instance group?
Q311: Types of reserved instances?
Ans: Convertible and schedule-based.
Q312: What are the placement groups?
Ans: cluster, partition, and spread
Q313: What is the instances limit for the spread placement group ?
Q314: What is ENI?
Ans: It is an additional network interface which can be attached to an existing EC2 instance.
Q315: What is the difference between Internet Gateway and NAT gateway?
Ans: Internet gateway: transfers packets bi-directionally (both end users and EC2 can communicate externally).
NAT gateway: allows only EC2 to communicate externally.
Q316: What are Route 53 policies?
Ans: Simple, Weighted, Failover, Latency, Geo, Multiple.
Q317: What is VPN?
Ans: VPN is used to connect private networks via VPN Connection
Q318: What does TTL stand for in Route 53?
Ans: TTL: Time To Live is used to hold DNS records for a specific time frame (it may be seconds, minutes or days).
Q319: Difference between Application and Network Load Balancer?
Ans: The Application Load Balancer uses layer 7 protocols (HTTP, HTTPS). The Network Load Balancer uses layer 4 protocols (TCP, UDP, TLS) and it will use Elastic IPs for each subnet.
Q320: What are vertical scalability and horizontal scalability?
Ans: Vertical scalability means we can increase the compute family from one type to another type (ex: t2.micro to t3.large).
Horizontal scalability means we can increase the number of instances (we will specify minimum and maximum instances).
Q321: What is stickiness in Load Balancer?
Ans: It will route the traffic and hold the user for some specific time frame (ex: stickiness: 10 seconds, then it will hold for 10 seconds, then will route the traffic to the next instance).
Q322: Types of Load Balancer?
Ans: Classic, Application, and Network.
Q323: What is Egress Internet gateway?
Ans: It is used for IPv6.
Q324: What are Network ACLs?
Ans: Network ACLs are like firewalls that are used to control traffic at the subnet level.
Q325: What are route tables?
Ans: Route tables are used to establish a connection to a VPC or subnet.
Q326: What are edge locations?
Ans: An edge location is the area where content is cached. When a user tries to access any content, the content is automatically looked up in the edge location.
Q327: What is VPC?
Ans: VPC stands for Virtual Private Cloud. It allows you to customize your networking configuration. It is a network that is logically isolated from other networks in the cloud. It allows you to have your own IP address range, internet gateways, subnets, and security groups.
Q328: Explain Snowball.
Ans: Snowball is a data transport option. It uses source appliances to move large amounts of data into and out of AWS. With the help of Snowball, you can transfer a massive amount of data from one place to another. It helps you reduce networking costs.
Q329: Discuss the pricing models for Amazon EC2 instances.
Ans: This is one of the important AWS interview questions for experienced posts. Read on for more AWS interview questions and answers for experienced/senior posts.
There are four types of pricing models for Amazon EC2 instances, as follows:
• On-Demand Instance – On-demand pricing, or the pay-as-you-go model, lets you pay only for the resources used so far. You pay by the second/hour for the resources used, depending on the instances. The on-demand pricing model is good if the work hours are short and unpredictable, as it does not require any upfront payment.
• Reserved Instance – It is the best model to use if you have a prerequisite for your upcoming requirements. Firms calculate their future EC2 requirements and pay upfront to get a discount of up to 75%. Reserved Instances will save computing capacity for you, and you can use them wherever required.
• Spot Instance – If some extra amount of computing capacity is required immediately, one can opt for Spot Instances at up to a 90% discount. The unused computing capacity is sold at a heavily discounted rate via the Spot Instance pricing model.
• Dedicated Hosts – A user can reserve a physical EC2 server by opting for the Dedicated Hosts pricing model.
Q330: What is Amazon S3? Elaborate.
Ans: S3 (Simple Storage Service) provides scalable object storage space to firms and IT professionals. It is one of the earliest services introduced by AWS. The easy-to-use web services interface of S3 allows users to store and retrieve data from remote locations. S3 contains buckets to store files/data.
Users create a bucket in S3 and name it, as it is a universal namespace. An HTTP 200 code is received on successful upload of a file to the assigned S3 bucket. A unique name is given to each bucket to generate the (unique) DNS address.
You can also download the data from a bucket in S3 and permit other users to download it. The authentication mechanism of S3 helps in securing the data from any potential breaches.
Q331: Your organization has decided to move its business processes to the public cloud. However, they want some of their information/data to be accessed only by the management team. The rest of the resources will be shared among the employees of the firm. You need to suggest a suitable cloud architecture for your firm along with the reason for your choice.
Ans: I will suggest a hybrid cloud architecture for my organization. Hybrid cloud architecture offers the ideal combination of private and public clouds. One can use the public cloud in the hybrid architecture for the shared resources in my firm. The confidential resources can be shared with the management team only, using a private cloud.
We can enjoy the services of both private and public clouds by implementing a hybrid cloud architecture in our firm. Depending on the data security requirements, a hybrid cloud allows data to be accessed at different levels in an organization/firm. It will help our firm cut costs in the long run.
Q332: Explain the different types of cloud service models in brief.
Ans: There are three types of cloud service models:
• IaaS – Infrastructure as a Service (IaaS) allows users to access virtual computing resources over the internet. A service provider hosts servers, storage, hardware, etc. on behalf of the users via IaaS. IaaS platforms offer high scalability and can adjust according to the workload. IaaS providers also handle tasks for their users such as system maintenance, backup, resiliency, etc.
• PaaS – Platform as a Service (PaaS) helps service providers deliver software and hardware tools to their users. It is used especially for the application development process, and one can obtain applications from the service provider over the internet using PaaS. Users do not need to own in-house software/hardware for application development/testing, as they can do it with the help of PaaS.
• SaaS – Software as a Service (SaaS) is a widely sold model by service providers for software delivery. On-demand computing software can be delivered to clients/users using SaaS. The SaaS model is preferred because it is easy to administer and to manage patches.
Q333: Describe RTO and RPO from AWS's perspective?
Ans: RTO (Recovery Time Objective) refers to the maximum waiting time for resumption of AWS services/operations during an outage/disaster. After an unexpected failure, firms have to wait for the recovery process, and the maximum waiting time for an organization is defined as the RTO. When an organization starts using AWS, it has to set its RTO, which can also be regarded as a metric. It defines the time firms can wait during disaster recovery of applications and business processes on AWS. Organizations calculate their RTO as part of their BIA (Business Impact Analysis).
Like RTO, RPO (Recovery Point Objective) is also a business metric calculated by a business as part of its BIA. RPO defines the amount of data a firm can afford to lose during an outage or disaster. It is measured over a particular time frame within the recovery period. RPO also defines the frequency of data backup in a firm/organization. For example, if a firm uses AWS services and its RPO is 3 hours, it implies that all its data/disk volumes will be backed up every three hours.
Q334: Explain the auto-scaling feature of EC2 along with its benefits.
Ans: The auto-scaling feature in AWS EC2 automatically scales up the computing capacity according to need. It helps maintain steady performance of business processes. Auto Scaling can help scale multiple resources in AWS within a few minutes. Besides EC2, one can also choose to automatically scale other AWS resources and tools as and when required. The benefits of the EC2 auto-scaling feature are as follows:
• The auto-scaling feature of AWS EC2 is easy to set up. The utilization levels of various resources can be found under the same interface. You do not have to move between different consoles to check the utilization level of multiple resources.
• The auto-scaling feature is innovative and automates the scaling processes. It also monitors the response of various resources to changes and scales them automatically. Besides adding computing capacity, the auto-scaling feature also removes/reduces computing capacity when necessary.
• Even if the workload is unpredictable, the auto-scaling feature optimizes application performance. The optimal performance level of an application is maintained with the help of auto-scaling.
Q335: What are S3 storage classes? Explain the different types of S3 storage classes.
Ans: S3 storage classes are used for data integrity and for assisting with concurrent data loss. Whatever object you store in S3 is associated with a particular storage class. Storage classes are also involved in maintaining the object lifecycle, which helps in automatic migration and thus saves cost. The four types of S3 storage classes are as follows:
• S3 Standard – Data is duplicated and stored across multiple devices in multiple facilities through the S3 Standard storage class. A loss of a maximum of 2 facilities simultaneously can be coped with through S3 Standard. With its low latency and high throughput, it provides increased durability and availability.
• S3 Standard-IA – ‘S3 Standard Infrequently Accessed’ is used when data is not accessed regularly but must be fast to retrieve when it is needed. Like S3 Standard, it can also sustain the loss of data at a maximum of 2 facilities concurrently.
• S3 One Zone-Infrequent Access – Many of its features are similar to those of S3 Standard-IA. The primary difference between S3 One Zone-Infrequent Access and the rest of the storage classes is that its availability is low, i.e., 99.5%. The availability of S3 Standard and Standard-IA is 99.99%.
• S3 Glacier – S3 Glacier is the cheapest storage class compared with the other storage classes. One can use the data stored in S3 Glacier for archive only.
Q336: Suppose your firm is hosting an application on AWS that helps users render images and perform general computing tasks. Your firm's management team has suggested using an application load balancer for routing the incoming traffic on the hosted application. Explain how an application load balancer is a good choice for routing the incoming traffic?
Ans: This question is an example of scenario-based AWS interview questions. Besides having theoretical knowledge, a candidate should also know about the business uses and working of various AWS services.
The users’ requests regarding image rendering can be directed to the image rendering servers only, while the general computing users can be directed to the computing servers. This helps in balancing the load on the various servers and accessing them when required.
Q337: What is a policy in AWS? Explain the different types of AWS policies in brief.
Ans: A policy is an object in AWS that is associated with a respective resource and defines whether the user request is to be granted. The six different types of policies in AWS are as follows:
• Identity-based policies – These policies are concerned with an identity: a user, multiple users, or a particular role. Identity-based policies store permissions in JSON format. They are further divided into managed and inline policies.
• Resource-based policies – Policies that are concerned with resources in AWS are called resource-based policies. An example of a resource in AWS is the S3 bucket.
• Permissions boundaries – Permissions boundaries define the maximum number of permissions that can be granted to an object.
Q338: Explain AWS VPC in detail.
Ans: Amazon VPC (Virtual Private Cloud) lets a user launch AWS resources into a virtual network defined by that user only. Since the user defines the virtual network, various aspects of the virtual network can be controlled by the user, such as subnet creation, IP addresses, etc.
Firms can set up a virtual network within their organization and use all the AWS benefits for that network. Users can also create a routing table for their virtual network using VPC. A routing table is a set of rules that defines the direction of the incoming traffic.
Communication between your virtual network and the internet can also be established using the internet gateway offered by AWS VPC. One can access the VPC offered by Amazon via various interfaces: the AWS Management Console, the AWS CLI (Command Line Interface), the AWS SDKs, and the Query API. Users can pay for additional VPC components when required, such as NAT gateway, traffic mirroring, private link, etc.
Q339: You have recently assigned multiple EC2 instances for your business website across different availability zones. Since your website performs a large number of read/write operations every minute, you have also used a Multi-AZ RDS DB instance (extra-large). It was going smoothly according to your plans until you discovered read contention on RDS MySQL. How are you going to address this issue to enhance the performance of your website?
Ans: This question is one of the prominent technical AWS interview questions asked. Besides knowing about the cloud networking services of AWS, candidates should also focus on the database services offered by Amazon.
I will install/deploy ElastiCache in the different availability zones of the EC2 instances. Deploying ElastiCache in the in-memory cache of the different availability zones will create a cached version of my website in the various zones. An RDS MySQL read replica will then be added to each availability zone for faster performance of the website. Since the RDS MySQL read replica is added to each availability zone, it will not put further load on the RDS MySQL instance, thus solving the read contention issue. Users can also access my website quickly in the various availability zones, as a cached version is created in each zone.
Q340: Your firm wants to connect the data center of its organization to the Amazon cloud environment for faster accessibility and performance. What approach will you suggest for the stated scenario?
Ans: AWS data engineer interview questions can be asked if a candidate is applying for a data scientist/engineer role. The data center of my firm can be connected to the Amazon cloud environment with the help of VPC (Virtual Private Cloud). I would suggest that my firm establish a virtual private network and then connect the VPC and the data center. My firm can then launch AWS resources in the virtual private network using VPC. A virtual private network will establish a secure connection between the organization’s data center and the AWS global network. Adding cloud services to our organization will help us do more in less time while effectively cutting costs in the long run.
I would also suggest making multiple backups of the company data before moving it to the cloud. AWS offers affordable backup plans, and one can also automate backups at a fixed interval.
Q341: Explain the different types of elastic load balancers in AWS.
Ans: Elastic Load Balancing in AWS supports three different types of load balancers. The load balancers are used to route incoming traffic in AWS. The three types of load balancers in AWS are as follows:
• Application load balancer – The application load balancer is concerned with routing decisions made at the application layer. It does path-based routing at HTTP/HTTPS (layer 7). It also helps in routing requests to various container instances. You can route a request to more than one port on the container instances using the application load balancer.
• Network load balancer – The network load balancer is concerned with routing decisions made at the transport layer (SSL/TCP). It uses a flow hash routing algorithm to determine the target on the port from the group of targets. Once the target is selected, a TCP connection is established with the chosen target based on the known listener configuration.
• Classic load balancer – A classic load balancer can make decisions at either the application layer or the transport layer. One can map a load balancer port to only one container instance (fixed mapping) through the classic load balancer.
Q342: What do you know about NAT gateways in AWS?
Ans: NAT (Network Address Translation) is an AWS service that helps in connecting an EC2 instance to the internet. The EC2 instance used via NAT should be in a private subnet. NAT helps connect an EC2 instance not only to the internet but also to other AWS services.
Since we are using the EC2 instance in a private subnet, connecting to the internet by any other means would make it public. NAT helps in retaining the private subnet while establishing a connection between the EC2 instance and the internet. Users can create NAT gateways or NAT instances for establishing a connection between EC2 instances and the internet/AWS services.
NAT instances are single EC2 instances, while NAT gateways can be used across multiple availability zones. If you are creating a NAT instance, it supports a fixed amount of traffic determined by the instance’s size.
Q343: What is AMI?
Ans: AMI stands for Amazon Machine Image. It’s a template that provides the information (an operating system, an application server, and applications) required to launch an instance, which is a copy of the AMI running as a virtual server in the cloud. You can launch instances from as many different AMIs as you need.
Q344: Mention what the relationship between an instance and AMI is?
Ans: From a single AMI, you can launch multiple types of instances. An instance type defines the hardware of the host computer used for your instance. Each instance type provides different compute and memory capabilities. Once you launch an instance, it looks like a traditional host, and we can interact with it as we would with any computer.
Q345: What does an AMI include?
Ans: An AMI includes the following things:
• A template for the root volume for the instance
• Launch permissions that decide which AWS accounts can use the AMI to launch instances
• A block device mapping that determines the volumes to attach to the instance when it is launched
Q346: How can you send a request to Amazon S3?
Ans: Amazon S3 is a REST service, and you can send a request by using the REST API or the AWS SDK wrapper libraries that wrap the underlying Amazon S3 REST API.
Q347: How many buckets can you create in AWS by default?
Ans: By default, you can create up to 100 buckets in each of your AWS accounts.
Q348: Explain, can you vertically scale an Amazon instance? How?
Ans: Yes, you can vertically scale an Amazon instance. For that:
• Spin up a new, larger instance than the one you are currently running
• Pause that instance and detach the root EBS volume from the server and discard it
• Then stop your live instance and detach its root volume
• Note the unique device ID and attach that root volume to your new server
• And start it again
Q349: Explain what T2 instances are?
Ans: T2 instances are designed to provide moderate baseline performance and the capability to burst to higher performance as required by the workload.
Q350: In a VPC with private and public subnets, database servers should ideally be launched into which subnet?
Ans: With private and public subnets in a VPC, database servers should ideally be launched into private subnets.
Q351: Mention what the security best practices for Amazon EC2 are?
Ans: For secure Amazon EC2 best practices, follow these steps:
• Use AWS Identity and Access Management to control access to your AWS resources
• Restrict access by allowing only trusted hosts or networks to access ports on your instance
• Review the rules in your security groups regularly
• Only open up permissions that you require
• Disable password-based logins for instances launched from your AMI
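The "restrict access to trusted hosts" and "review your security group rules regularly" items above can be checked mechanically. The following Python audit is an added example, not part of the original page; it reads data in the shape returned by `aws ec2 describe-security-groups`, and the group IDs, sample rules and the list of sensitive ports are constructed assumptions.

```python
import ipaddress

# Assumption: ports an organisation would not want reachable from anywhere.
SENSITIVE_PORTS = {22: "SSH", 3389: "RDP", 3306: "MySQL", 5432: "PostgreSQL"}

# Constructed sample in the shape of `aws ec2 describe-security-groups` output.
SAMPLE = {
    "SecurityGroups": [
        {"GroupId": "sg-web", "IpPermissions": [
            {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
             "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
            {"IpProtocol": "icmp", "FromPort": -1, "ToPort": -1,
             "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
        ]},
        {"GroupId": "sg-admin", "IpPermissions": [
            {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
             "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
            {"IpProtocol": "tcp", "FromPort": 3389, "ToPort": 3389,
             "IpRanges": [{"CidrIp": "203.0.113.0/24"}], "Ipv6Ranges": []},
        ]},
        {"GroupId": "sg-db", "IpPermissions": [
            # A wide port range hides two sensitive ports (3306 and 3389).
            {"IpProtocol": "tcp", "FromPort": 3000, "ToPort": 4000,
             "IpRanges": [], "Ipv6Ranges": [{"CidrIpv6": "::/0"}]},
        ]},
        {"GroupId": "sg-legacy", "IpPermissions": [
            # IpProtocol "-1" means all protocols and all ports.
            {"IpProtocol": "-1",
             "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
        ]},
    ]
}


def is_world_open(cidr):
    """True for 0.0.0.0/0 and ::/0, i.e. any source address."""
    return ipaddress.ip_network(cidr, strict=False).prefixlen == 0


def port_range(perm):
    """Return the inclusive (low, high) port range a rule covers."""
    if perm.get("IpProtocol") == "-1":
        return (0, 65535)
    return (perm.get("FromPort", 0), perm.get("ToPort", 65535))


def audit(groups):
    """List (group_id, port, service, cidr) for sensitive ports open to the world."""
    findings = []
    for sg in groups:
        for perm in sg.get("IpPermissions", []):
            if perm.get("IpProtocol") not in ("tcp", "udp", "-1"):
                continue  # for ICMP, FromPort/ToPort are type/code, not ports
            low, high = port_range(perm)
            cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
            cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
            for cidr in cidrs:
                if not is_world_open(cidr):
                    continue  # restricted to a specific network
                for port, service in sorted(SENSITIVE_PORTS.items()):
                    if low <= port <= high:
                        findings.append((sg["GroupId"], port, service, cidr))
    return findings


if __name__ == "__main__":
    for group_id, port, service, cidr in audit(SAMPLE["SecurityGroups"]):
        print(f"{group_id}: {service} ({port}) reachable from {cidr}")
```

The range and all-protocol cases are the ones a manual review tends to miss, because the sensitive port never appears literally in the rule.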
Q352: Explain how the buffer is used in Amazon Web Services?
Ans: The buffer is used to make the system more robust in managing traffic or load by synchronizing different components. Usually, components receive and process requests in an unbalanced way. With the help of a buffer, the components will be balanced and will work at the same speed to provide faster services.
Q353: While interfacing with your case what are the conceivable association issues one may confront?
Ans: The conceivable association blunders one may experience while interfacing occurrences are
• Connection planned out
• User key not perceived by the worker
• Host key not discovered, consent denied
• An unprotected private key document
• The worker rejected our key or No upheld validation strategy accessible
• Error utilizing MindTerm on Safari Browser
• Error utilizing Mac OS X RDP Client
Q354: What are key pairs in AWS?
Ans: Key pairs are secure login information for your virtual machines. To connect to the instances, you can use key pairs, which contain a public key and a private key.
Q355: What are the different types of instances?
Ans: Following are the types of instances:
• Compute Optimized
• Storage Optimized
• Accelerated Computing
Q356: Is broadcast or multicast supported by Amazon VPC?
Ans: No, currently Amazon VPC does not support broadcast or multicast.
Q357: How many Elastic IPs does AWS allow you to create?
Ans: 5 VPC Elastic IP addresses are allowed for each AWS account.
Q358: Explain the default storage class in S3
Ans: The default storage class is Standard, for frequently accessed data.
Q359: What are Roles?
Ans: Roles are used to provide permissions to entities that you can trust within your AWS account. Roles are very similar to users. However, with roles, you do not need to create any username and password to work with the resources.
Q360: What is Redshift?
Ans: Redshift is a big data warehouse product. It is a fast and powerful, fully managed data warehouse service in the cloud.
Q361: What are the benefits of auto-scaling?
Ans: Following are the benefits of auto-scaling:
• Offers fault tolerance
• Better availability
• Better cost management
Q362: What is meant by subnet?
Ans: A large section of IP addresses divided into chunks is known as subnets.
Q363: Can you establish a peering connection to a VPC in a different region?
Ans: Yes, we can establish a peering connection to a VPC in a different region. It is called an inter-region VPC peering connection.
Q364: What is SQS?
Ans: Simple Queue Service is also known as SQS. It is a distributed queuing service which acts as a mediator for two controllers.
Q365: How many subnets can you have per VPC?
Ans: You can have 200 subnets per VPC.
Hope the above 300+ AWS Interview Questions with Answers will help you in Cracking AWS Interviews. We will keep updating the Latest AWS interview questions on this Page.