1

AWS Interview questions and answers

For any AWS professionals who are looking to attend an interview based on AWS anytime soon, here are some
of the most popular interview questions and answers that might come your way in your interview.
Q1). What is Cloud Computing?
Cloud is like a third-party server where we can store data big data, no hardware software needed, if you have
internet you can work from anywhere just like Gmail. E.g.- Gmail, you go to the browser type Gmail and enters
credentials and can access it from anywhere.

Q2). What are the attributes of Cloud Computing?

Here are a few attributes of Cloud Computing-
 Multi-tenant
 Subscription
 No large setup fee
 Fixed, predictable cost
 Scales with your business
 Automatic Upgrade

Q3). Why go, cloud-based?

Here are the reasons why you should consider cloud computing as a developer. A cloud system takes care of
your Network, storage approach, Operating System, database, etc. infrastructure related services all by itself
and you need not bother. It helps you weave up quick applications that itself takes care of Security, sharing of
the apps, integration models, etc. you get inbuilt in cloud apps.

Q4). Describe the definition of AWS?

AWS means the Amazon Web Service; it is a gathering of remote computing facilities also identified as cloud
computing stage. This new-fangled dominion of cloud computing is also recognized as IaaS, which means
Infrastructure as a Service.

Q5). What are the basic structures of the Amazon EC2 service?
As the Amazon EC2 service is a cloud facility, so it has entirely all the cloud features. Amazon EC2 delivers the
subsequent features:
 Virtual computing atmosphere (popular as instances)
 Pre-configured patterns
 Amazon Machine Images

Q6). Define regions and availability zones in Amazon EC2.

Being such a mammoth in the business, usually, information that Amazon EC2 uses is facilitated in various
areas over the world. These overall areas are ordered as far as accessibility zones as well as regions

Q7). What is Amazon EC2 Root Device Volume?

When you dispatch an instance, the root device volume has the picture that was utilized to boot up the case in
any case.
Q8). What are the main components of AWS?
Below mentioned are the key components of AWS:
 Route 53: A DNS web facility
 Easy E-mail Facility: It permits the transfer of e-mail using RESTFUL API demand or through consistent
SMTP
 Self and Access Organization: It offers improved security and uniqueness management for your AWS
account
 Simple Storage Device known as S3: It is a storing device and the greatest extensively used AWS service
 Elastic Compute Cloud is known as EC2: It offers on-demand computing properties for hosting requests.
It is very valuable in case of random workloads
 Elastic Block Store known as EBS: It delivers determined storage volumes that assign to EC2 to permit
you to continue data past the lifetime of a single EC2
 CloudWatch: To screen AWS possessions, it permits administrators to assess and gather key. Similarly,
one can set an announcement alarm in case of an issue
 2

Q9). Explain in detail the function of Amazon Machine Image (AMI)?

An Amazon Machine Image AMI is a pattern that comprises a software conformation (for instance, an
operating system, a request server, and applications). From an AMI, we present an example, which is a
duplicate of the AMI successively as a virtual server in the cloud. We can even offer plentiful examples of an
AMI.

Q10). What is the connection between Instance and AMI?

We can launch diverse types of occurrences from a lone AMI. An example type basically controls the hardware
of the host processor used for your example. Each occurrence type offers dissimilar calculate and memory
competences. After we introduce an instance, it looks like an old-style host, and we can interrelate with it as
we would do with any mainframe. We have comprehensive control of our examples; we can make usage
pseudo to run instructions that need root rights.

Q11). Describe storage for Amazon EC2 occurrence.

Amazon EC2 offers numerous data storage choices for your occurrences. Each choice has an exclusive mixture
of presentation and sturdiness. These storages can be used self-sufficiently or in grouping to suit your
necessities.
There are chiefly four types of storage offered by AWS.
 Amazon EBS
 Amazon EC2 Instance store
 Amazon S3
 Addition Storgae

Q12). How would you safeguard your EC2 instances while running it in a VPC?
Security Groups can be utilized to safeguard your EC2 instances in a VPC. We can arrange both INBOUND and
OUTBOUND movement in a Security Group which empowers anchored access to your EC2 occurrences.

Q13). How many EC2 instances can you use in a VPC?

You are limited to 20 EC2. However, the maximum VPC size is 65,536 instances.

Q14). How will you monitor the network traffic in your AWS VPC?
We can do it by using Amazon VPC Flow-Logs feature that is available in your VPC itself.

Q15). What is the total number of buckets that can be created in AWS by default?
100 buckets can be made in every one of the AWS accounts. If extra buckets are required then you can
increment the bucket limit by presenting a service limit increase.

Q16). What would you suggest should be the instance’s tenancy attribute for running it on single-tenant
hardware in AWS environment?
The instance tenancy attribute must be set to a devoted case and different types of values probably won’t be
fitting for this activity.

Q17). What parameters will you take into consideration when choosing the availability zone?
Execution, valuing, idleness, and reaction time are some of the variables to think about while choosing the
accessibility zone in AWS.

Q18). If I’m using Amazon CloudFront, can I use Direct Connect to transfer objects from my own data-
center?
Yes. Amazon CloudFront bolsters custom inceptions including starting points from outside of AWS. With AWS
Direct Connect, you will be accused of the separate information exchange rates.

Q19). Imagine that you are launching an instance under the free usage tier from AMI having a snapshot size
of 50GB. How are you going to launch the instance under the free usage tier?
It is not possible to launch this particular instance under the free usage tier.
 3

Q20). Name the AWS service exists only to superfluously cache data and images?
AWS Edge locations are the AWS services which superfluously cache data and images.

Q21). What is Geo Restriction in CloudFront?

A Geo-restriction feature causes you to keep clients of explicit geographic areas from getting to content which
you’re conveying through a CloudFront web circulation.

Q22). What is Amazon EMR?

EMR is a survived cluster stage that encourages you to translate the working of information structures before
the implication. Apache Hadoop and Apache Spark on the Amazon Web Services causes you to research a lot
of information. You can get ready information for the exam objectives and showcasing insightfulness
outstanding tasks at hand utilizing Apache Hive and utilizing other applicable open source plans.

Q23). What is multi-AZ RDS?

Multi-AZ (Availability Zone) RDS enables you to have a copy of your generation database in another
accessibility zone. Multi-AZ (Availability Zone) database is utilized for calamity recuperation. You will have a
precise of your database. So when your essential database goes down, your application will consequently
failover to the backup database.

Q24). What are security groups?

Security groups go about as a firewall that contains the traffic for at least one examples. You can relate at least
one security gatherings to your occasions when you dispatch at that point. You can add guidelines to every
security bunch that enables traffic to and from its related examples. You can alter the guidelines of a security
bunch whenever the new standards are naturally and promptly connected to every one of the occasions that
are related to the security group.

Q25). What Is Configuration Management?

Configuration management has been around for quite a while in web tasks and frameworks organization.
However, its social ubiquity has been constrained. Most frameworks head design machines as programming
were created before adaptation control – that is physically making changes on servers. Every server can look at
that point and for the most part, is somewhat extraordinary. Investigating, however, is clear as you log in to
the crate and work on it legitimately. Setup the executives brings a huge robotization instrument in the image,
overseeing servers like strings of a manikin. This powers institutionalization, best practices, and reproducibility
as all configs are formed and oversaw. It likewise presents another method for working, which is the greatest
obstacle to its reception.

Q26). Explain How You Would Simulate Perimeter Security Using The Amazon Web Services Model?
Traditional perimeter security that we’re now acquainted with utilizing firewalls etc. isn’t upheld in the
Amazon EC2 world. AWS underpins security gatherings. One can make a security bunch for a hop box with ssh
gets to – just port 22 open. From that point, a web server gathering and database bunch are made. The web
server bunch permits 80 and 443 from the world, yet port 22 *only* from the hop box gathering.
Further, the database bunch permits port 3306 from the web server gathering and port 22 from the hop box
gathering. Add any machines to the web server gathering, and they would all be able to hit the database.
Nobody from the world can, and nobody can straightforwardly ssh to any of your cases.

Q27). How to Use Amazon Sqs?

Amazon SQS (Simple Queue Service) is a message passing system that is utilized for correspondence between
various connectors that are associated with one another. It likewise goes about as a communicator between
different segments of Amazon. It keeps all the distinctive utilitarian segments together. This usefulness causes
various parts to be inexactly coupled, and give engineering that is more failure resilient system.

Q28). What do you mean by classic link?

The Amazon virtual private cloud classic link will allow EC2 examples in the EC2 great stage. This happens so it can speak with the
occasions that are available in the virtual private cloud. The correspondence happens with the assistance of private IP addresses. To utilize
a great connection, it is significant that you empower it to for virtual private cloud in your record. At that point, you should relate a
security bunch with a case in the EC2 great. This security bunch is from the VPC for which you empowered the great connection in your
record. Every single principle that is there for the VPC security bunch is relevant for the correspondences between the examples in EC2
exemplary and those cases in the VPC.
 4

Q29). What is AWS Lambada?

Lambda is an event-driven stage. It is a process benefit that runs code in light of occasions and consequently
deals with the computer assets required by that code

Q30). If my AWS Direct Connect flops, will I lose my connection?

If a gridlock AWS Direct connects has been arranged, in the occasion of a let-down it will change over to the
second one. It is optional to permit Bidirectional Forwarding Detection (BFD) when arranging your influences
to safeguard faster recognition and failover. On the other hand, if you have organized a backup IPsec VPN
joining as an alternative, all VPC traffic will failover to the backup VPN connection routinely.

Q31). Can I connect my corporate data center to the Amazon Cloud?

Yes, you can do this by setting up a VPN(Virtual Private Network) association between your organization’s
system and your VPC (Virtual Private Cloud), this will enable you to collaborate with your EC2 occasions as
though they were inside your current system.

Q32). Describe Amazon Machine Image, and what is the connection between Instance and AMI?
Amazon Web Services offers numerous ways to contact Amazon EC2, like the web-based border, AWS
Command Line Interface CLI as well as Amazon Tools for Windows Power Shell. Initially, you are required to
sign up for an AWS version, and you can contact Amazon EC2. Amazon EC2 offers a Query API. These
requirements are HTTP or HTTPS requirements that practice the HTTP verbs GET or POST and a Query
constraint called Action.

Q33). What are two types of AMIs or Amazon Machine Images?

There are two kinds of AMIs or Amazon Machine Images that are accessible:
 EBS based storage
 Instance store-backed AMI

Q34). Are you aware of the Security Group in Amazon EC2? Explain a little bit about it.
Security groups in Amazon EC2 are one of the routes through which the security of the cloud organize is
ensured. They go about as a firewall and are utilized for controlling both the inbound just as outbound traffic
at the dimension of the instance.

Q35). What are Amazon EBS-Optimized instances?

Amazon EBS streamlined occasions to guarantee that the Amazon EC2 case is set up to exploit the I/O of the
Amazon EBS Volume. An Amazon EBS-improved occasion utilizes a streamlined setup stack and gives the extra
devoted ability to Amazon EBS I/When you select Amazon EBS-upgraded for a case you pay an extra hourly
charge for that instance.

Q36). What Is Lambda@edge In Aws?

In AWS, we can utilize Lambda@Edge utility to take care of the issue of low system idleness for end clients.
In Lambda@Edge, there is no compelling reason to the arrangement or oversee servers. We can simply
transfer our Node.js code to AWS Lambda and make works that will be activated on CloudFront demands. At
the point when a solicitation for substance is gotten by CloudFront edge area, the Lambda code is prepared to
execute. This is a generally excellent choice for scaling up the activities in CloudFront without overseeing
servers.

Q37). Which virtual network interface would you use to attach to an instance in a VPC?
Elastic Network Interface

Q38). Explain what T2 instances is?

T2 instances are intended to give moderate gauge execution and the capacity to blast to higher execution as
required by the outstanding task at hand.

Q39). What is the role of a Route Table in AWS?

Route Table is utilized to network the system pockets. By and a large one-course table would be accessible in
each subnet. Course table can have any no. of records or data, subsequently appending different subnets to a
course table is additionally conceivable.
 5

Q40). What is the use of AWS CloudTrail?

CloudTrail is intended for logging and following API calls. It is also used to review all the S3 bucket accesses.

Q41). Are there any Bandwidth constraints for internet gateways?

Ordinarily, an IG is horizontally called, and it is Redundant and Highly Available. It isn’t having any type of
Bandwidth constraints as a rule.

Q42). Which instance will you use for deploying a 4-node Hadoop cluster in AWS?
We can utilize a c4.8x large instance or i2. large for this, yet utilizing a c4.8x will require a superior
configuration on PC.

Q43). How can you bind a user session with the specific instance in ELB (Elastic Load Balancer)?
This can be easily achieved by permitting Sticky Session.

Q44). What will happen if you erase a peering connection in your side?
The peering connection accessible in the opposite side would likewise get erased. There will be no more
activity streaming.

Q45). What is a redshift?

Redshift is a major information distribution center item. It is quick and incredible, completely overseen
information distribution center administration in the cloud.

Q46). What are the edge locations?

An edge location is where the substance will be stored. Along these lines, when a client is attempting to
getting to any substance, the substance will consequently be looked in the edge location.

Q47). What is a key pair, and what are its uses?

You utilize Key Pair to log in to your Instance in an anchored way. You can make a key pair utilizing EC2
support. At the point when your occurrences are spread crosswise over locales, you have to make the key pair
in every region.

Q48). Describe what S3 is?

S3 is known for Simple Storage Service. You can custom the S3 interface to supply and recover any quantity of
data, at any time and from any place on the web. For S3, the expense model is “pay as you go.”

Q49). Will you use encryption for S3?

It is smarter to consider encryption for delicate information on S3 as it is a restrictive innovation.

Q50). How can you send a request to Amazon S3?

We can do that by utilizing the REST API or the AWS SDK wrapper libraries which wrap the basic Amazon S3
REST API.

Q51). What are the parameters for S3 pricing?

The pricing model for S3 is as below-
 Storage used
 Number of requests you make
 Storage management
 Data transfer
 Transfer acceleration

Q52). What is the pre-requisite to work with Cross region replication in S3?
You have to empower forming on both source container and goal to work with cross-district replication.
Additionally, both the source and destination bucket ought to be in a different region.
 6

Q53). Can S3 be cast-off with EC2 instances, in case of “Yes” please specify How?
Yes, it can be cast-off for instances with root approaches backed by native occurrence storage. By using
Amazon S3, developers have access to the similar extremely scalable, dependable, fast, low-priced data
storage substructure that Amazon uses to track its own worldwide network of websites. To perform systems in
the Amazon EC2 atmosphere, developers use the tools providing to load their Amazon Machine Images (AMIs)
into Amazon S3 and to transfer them between Amazon S3 and Amazon EC2. An additional use case might be
for websites hosted on EC2 to load their stationary content from S3.

Q54). Where do you think an AMI fits, when you are designing an architecture for a solution?
AMIs(Amazon Machine Images) resemble formats of virtual machines, and an instance is derived from an AMI.
AWS offers pre-built AMIs which you can pick while you are propelling a case, some AMIs are not free,like this
can be purchased from the AWS Marketplace. You can likewise make your own custom AMI which would
enable you to spare space on AWS. For instance, on the off chance that you needn’t bother with a lot of
programming on your establishment, you can modify your AMI to do that. This makes it cost effective since
you are evacuating the undesirable things.

Q55). What is the purpose of Subnets?

When a system has a greater number of hosts, dealing with these hosts can be very tasking under an extensive
solitary system. Subsequently, we partition this huge system into effortless small sub-systems (subnets) with
the goal that the tasks of management under each subnet winds up being less demanding.

Q56). What are the roles?

Roles are utilized to give authorizations to elements that you trust inside your AWS account. Roles are clients
in another record. Roles are like clients; however, with Roles you don’t have to make any username and
password to work with the assets.

Q57). Which instance has an hourly rate with no long-term commitment?

On-Demand Instance has an hourly rate with no long-term responsibility because the estimating of this
element fluctuates with the valuing model, for example just as a zone.

Q58). Which operation retrieves the newest version of the object?

GET operation helps you to retrieve the newest version of the object.

Q59). Does Clustering need to be turned on to use GSLB?

Yes, you should turn on grouping and furthermore design it to utilize Global Server Load Balancing. Every single
intermediary that goes in close vicinity to the site or group must gain a similar design. In this way, every bit of
hardware can go about as a DNS server if that turns into the master for the site. Every one of the destinations
will have a special SLB/GSLB/Cluster design, and you should utilize the GSLB site flood order with the goal that
the remote GSLB site can be added to the nearby machine.

Q60). Suggest the possible connection issues that you may encounter when connecting to an EC2 instance?
 Unprotected private key file
 Server refused key
 Connection timed out
 No supported authentication method available
 Host key not found, permission denied.
 User key not recognized by the server, permission denied.

Q61). Are you allowed to run multiple websites on an EC2 server while using a single IP address?
Yes, but to do that more than one elastic IP is required.

Q62). Explain what happens when you reboot a running EC2 instance?
Rebooting a running EC2 instance is just similar to rebooting a PC. You will not return to the image’s original
state, but, the contents of your hard disk are going to remain the same.
 7

Q63). What is a snowball?

Snowball is an information transport arrangement that utilized source machines to exchange a lot of
information into and out of AWS. Utilizing snowball, you can move colossal measure of information starting
with one spot then onto the next, which lessens your system costs, long exchange times and furthermore gives
better security.

Q64). What is the process to speed up data transfer in Snowball?

The data transfer can speed up in the following way:
 By playing out numerous duplicate tasks at one time, for example, on the off chance that the workstation
is sufficiently incredible, you can start various cp directions each from various terminals, on a similar
Snowball gadget.
 Copying from different workstations to a similar snowball.
 Transferring enormous records or by making a bunch of little document, this will decrease the encryption
overhead.
 Eliminating pointless snaps, for example, make a setup where the source machine(s) and the snowball are
the main machines dynamic on the switch being utilized, this can enormously improve execution.

Q65). Mention the work of an Amazon VPC router?

Empowering of Amazon EC2 cases that is inside the subnet so it can speak with Amazon EC2occurrences on
different subnets that are in the equivalent VPC is finished by an Amazon VPC switch. It likewise helps in
empowering Internet portals, subnets, and virtual private passages so it can speak with one another. You
won’t get between utilization information from the switch. Be that as it may, you are qualified to get arrange
utilization measurements from the cases which are utilizing Amazon cloud watch.

Q66). Mention the process in which a hardware VPN connection turns work with Amazon VPC?
The virtual private cloud is associated with the server farm with the assistance of an equipment VPN
association. Web convention security VPN associations are upheld by Amazon. To assistant the uprightness
and privacy of any information which is in travel, this information is exchanged between the VPN and the
server farms are directed over a scrambled VPN association. To set up an equipment VPN association, you
needn’t bother with the accessibility of an Internet passage.

Q67). Explain the AWS Certificate Manager?

AWS Certificate Manager, which can be abbreviated as ACM deals with the unpredictability of broadening,
giving and controlling the endorsements, which are conceded over ACM to the client’s AWS based forms and
websites.
Individuals deal with ACM to keep up and appeal the endorsements and practice other Amazon web
administrations for the site’s motivation. ACM authentications can’t be dealt with outside of AWS.

Q68). What are the important features of Amazon cloud search?

Important features of the Amazon cloud are:
 Boolean searches
 Prefix Searches
 Range searches
 Entire text search
 AutoComplete advice

Q69). What are key-pairs in AWS?

Key – pairs are secure login data for your virtual machines. To associate with the occurrences, you can utilize
key-sets which contain a public-key and private-key.

Q70). How to Disable Password-based Logins for Root in Amazon Ec2 Instance?
Utilizing a fixed root secret key for an open AMI is a security chance that can rapidly become known. Not with
standing depending on clients to change the password after the first login opens a lucky little opening for
potential maltreatment.