AWS Interview Questions and Answers
Q5). What are the basic features of the Amazon EC2 service?
As the Amazon EC2 service is a cloud service, it has all the cloud features. Amazon EC2 provides the
following features:
Virtual computing environments (known as instances)
Pre-configured templates
Amazon Machine Images
Q12). How would you safeguard your EC2 instances while running them in a VPC?
Security Groups can be used to safeguard your EC2 instances in a VPC. We can configure both INBOUND and
OUTBOUND traffic in a Security Group, which enables secured access to your EC2 instances.
Q14). How will you monitor the network traffic in your AWS VPC?
We can do it by using the Amazon VPC Flow Logs feature that is available in your VPC itself.
Q15). What is the total number of buckets that can be created in AWS by default?
100 buckets can be created in each AWS account. If extra buckets are required, you can
raise the bucket limit by submitting a service limit increase request.
Q16). What would you suggest should be the instance’s tenancy attribute for running it on single-tenant
hardware in an AWS environment?
The instance tenancy attribute must be set to dedicated; other values will not be
suitable for this operation.
Q17). What parameters will you take into consideration when choosing the availability zone?
Performance, pricing, latency, and response time are some of the factors to consider while choosing the
availability zone in AWS.
Q18). If I’m using Amazon CloudFront, can I use Direct Connect to transfer objects from my own data
center?
Yes. Amazon CloudFront supports custom origins, including origins from outside of AWS. With AWS
Direct Connect, you will be charged the respective data transfer rates.
Q19). Imagine that you are launching an instance under the free usage tier from AMI having a snapshot size
of 50GB. How are you going to launch the instance under the free usage tier?
It is not possible to launch this particular instance under the free usage tier.
Q20). Name the AWS service that exists only to redundantly cache data and images.
AWS Edge locations are the AWS services which redundantly cache data and images.
Q26). Explain How You Would Simulate Perimeter Security Using The Amazon Web Services Model?
Traditional perimeter security that we’re already familiar with, using firewalls and so on, isn’t supported in the
Amazon EC2 world. AWS supports security groups. One can create a security group for a jump box with SSH
access, with only port 22 open. From there, a web server group and a database group are created. The web
server group allows 80 and 443 from the world, but port 22 *only* from the jump box group.
Further, the database group allows port 3306 from the web server group and port 22 from the jump box
group. Add any machines to the web server group, and they can all reach the database.
No one from the world can, and no one can directly SSH to any of your instances.
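The three-group layout described above, modelled as an added example that is not part of the original answer. The rules use the IpPermissions shape returned by EC2 DescribeSecurityGroups; the group IDs (sg-jump, sg-web, sg-db) and the helper names are hypothetical, and the data is constructed.

```python
WORLD = "0.0.0.0/0"

def rule(port, cidr=None, group=None):
    """Build one TCP ingress permission for a single port."""
    return {
        "IpProtocol": "tcp", "FromPort": port, "ToPort": port,
        "IpRanges": [{"CidrIp": cidr}] if cidr else [],
        "UserIdGroupPairs": [{"GroupId": group}] if group else [],
    }

# Constructed rule set mirroring the answer: jump box, web tier, database tier.
GROUPS = {
    "sg-jump": [rule(22, cidr=WORLD)],
    "sg-web": [rule(80, cidr=WORLD), rule(443, cidr=WORLD),
               rule(22, group="sg-jump")],
    "sg-db": [rule(3306, group="sg-web"), rule(22, group="sg-jump")],
}

def allows(groups, dst, port, src_group=None):
    """True if dst accepts TCP `port` from src_group (None = the internet).

    Only 0.0.0.0/0 and group-to-group references are modelled; narrower
    CIDR ranges are ignored in this sketch.
    """
    for perm in groups[dst]:
        proto = perm["IpProtocol"]
        if proto not in ("tcp", "-1"):
            continue
        if proto == "tcp" and not perm["FromPort"] <= port <= perm["ToPort"]:
            continue
        if any(r["CidrIp"] == WORLD for r in perm["IpRanges"]):
            return True  # 0.0.0.0/0 matches every source
        if src_group and any(p["GroupId"] == src_group
                             for p in perm["UserIdGroupPairs"]):
            return True
    return False

def world_exposed(groups, ports=(22, 3306), exempt=("sg-jump",)):
    """List (group, port) pairs open to the internet outside the jump box."""
    return sorted((g, p) for g in groups if g not in exempt
                  for p in ports if allows(groups, g, p))

if __name__ == "__main__":
    print("db reachable from web tier:", allows(GROUPS, "sg-db", 3306, "sg-web"))
    print("db reachable from internet:", allows(GROUPS, "sg-db", 3306))
    print("admin/db ports exposed:", world_exposed(GROUPS))
```

Running world_exposed over the groups exported from an account flags any SSH or MySQL rule that has drifted open to the internet outside the jump box group.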
Q32). Describe Amazon Machine Image, and what is the connection between Instance and AMI?
Amazon Web Services offers numerous ways to access Amazon EC2, such as the web-based interface, the AWS
Command Line Interface (CLI), and Amazon Tools for Windows PowerShell. First, you are required to
sign up for an AWS account, and then you can access Amazon EC2. Amazon EC2 offers a Query API. These
requests are HTTP or HTTPS requests that use the HTTP verbs GET or POST and a Query
parameter called Action.
Q34). Are you aware of the Security Group in Amazon EC2? Explain a little bit about it.
Security groups in Amazon EC2 are one of the ways through which the security of the cloud network is
ensured. They act as a firewall and are used for controlling both inbound and outbound traffic
at the level of the instance.
Q37). Which virtual network interface would you use to attach to an instance in a VPC?
Elastic Network Interface
Q42). Which instance will you use for deploying a 4-node Hadoop cluster in AWS?
We can use a c4.8xlarge instance or i2.large for this, yet using a c4.8x will require a better
configuration on the PC.
Q43). How can you bind a user session with the specific instance in ELB (Elastic Load Balancer)?
This can be easily achieved by enabling Sticky Sessions.
Q44). What will happen if you delete a peering connection on your side?
The peering connection available on the other side would also get deleted. There will be no more
traffic flowing.
Q52). What is the pre-requisite to work with Cross region replication in S3?
You have to enable versioning on both the source and destination buckets to work with cross-region replication.
Additionally, the source and destination buckets should be in different regions.
Q53). Can S3 be used with EC2 instances? If “Yes”, please specify how.
Yes, it can be used for instances with root devices backed by local instance storage. By using
Amazon S3, developers have access to the same highly scalable, reliable, fast, inexpensive data
storage infrastructure that Amazon uses to run its own global network of websites. To run systems in
the Amazon EC2 environment, developers use the tools provided to load their Amazon Machine Images (AMIs)
into Amazon S3 and to move them between Amazon S3 and Amazon EC2. An additional use case might be
for websites hosted on EC2 to load their static content from S3.
Q54). Where do you think an AMI fits, when you are designing an architecture for a solution?
AMIs (Amazon Machine Images) are like templates of virtual machines, and an instance is derived from an AMI.
AWS offers pre-built AMIs which you can pick while you are launching an instance. Some AMIs are not free; these
can be purchased from the AWS Marketplace. You can also create your own custom AMI, which would
help you save space on AWS. For example, if you don’t need a lot of
software on your installation, you can customize your AMI to do that. This makes it cost effective, since
you are removing the unwanted things.
Q60). Suggest the possible connection issues that you may encounter when connecting to an EC2 instance?
Unprotected private key file
Server refused key
Connection timed out
No supported authentication method available
Host key not found, permission denied.
User key not recognized by the server, permission denied.
Q61). Are you allowed to run multiple websites on an EC2 server while using a single IP address?
Yes, but to do that more than one elastic IP is required.
Q62). Explain what happens when you reboot a running EC2 instance?
Rebooting a running EC2 instance is similar to rebooting a PC. You will not return to the image’s original
state, but the contents of your hard disk are going to remain the same.
Q66). Describe how a hardware VPN connection works with Amazon VPC.
The virtual private cloud is connected to the data center with the help of a hardware VPN
connection. Internet Protocol security (IPsec) VPN connections are supported by Amazon. To protect the integrity
and confidentiality of data in transit, the data exchanged between the VPN and the
data center is routed over an encrypted VPN connection. To set up a hardware VPN connection, you
do not need an Internet gateway.
Q70). How to Disable Password-based Logins for Root in Amazon Ec2 Instance?
Using a fixed root password for a public AMI is a security risk that can quickly become known. Even
relying on users to change the password after the first login opens a small window of opportunity for
potential abuse.