AWS Interview Questions and Answers

Launched back in 2006, AWS has succeeded in becoming the leading provider of on-demand cloud computing services. The cloud computing services provider secures a staggering 32% of the cloud computing market share up until the last quarter of 2018.

Every aspiring developer looking to make it big in the cloud computing ecosphere must have a stronghold on AWS. If you’re eyeing for the role of an AWS Developer, then these most important 20 AWS interview questions will help you take a step further towards your desired job avenue.

Now here we are sharing a list of AWS Architect interview Questions with Answers which are asked in the interview.

1.What are the various AWS products built for offering cloud services?

Ans:

There are mainly three kinds of cloud service types for which AWS products are made. These are stated as under.

• Computing: The AWS products for computing are Auto-Scaling, EC2, Lightsat, Elastic BeAnstalk, and Lambda.
• Storage: The AWS products for storage include S3, Elastic File System, Elastic Block Storage, and Glacier.
• Networking: The AWS products for networking include VPC, Route53 and Amazon CloudFront.

2. Define Auto-Scaling?

Ans:

Auto-Scaling is a function that supports the provision and launch of new instances after recognizing the demand. This way it offers the users the ability to increase or decrease the resource capacity as per the changing demand levels.

3. Is there any difference between region and availability zone?

Ans:

Yes, there is a difference between region and availability zone. The regions are the different geographical locations like United States-West 1 i.e. North California and Asia South i.e. Mumbai. An availability zone is the part of the regions which are mostly the isolated zones that can replicate itself when the need arises.

4.What do you understand by geo-targeting in CloudFront?

Ans:

Geo-Targeting in the CloudFront supports the creation of customized content for the target audience as per the demand and needs of a specific geographical area. This helps the businesses to showcase their personalized content to the target audience in different geographic locations without changing its URL.

5.What are the steps involved in CloudFront?

Ans:

There are four steps involved in CloudFront. These include the following.

Step 1: Creating a CloudFormation template in YAML or JSON format.

Step 2: Saving the code in an S3 bucket so that it serves the repository for the code.

Step 3: Using the AWS CloudFormation to call the bucket and thereby creating a new stack on the template.

Step 4: CloudFormation reads the file and thus understands the services required that are called along with their order details, relationships with services and associated provisions.

6.Which are tools available in AWS that could help you recognize that you are paying more than required for AWS?

Ans:

There are four tools available in AWS that could help in recognizing that you are paying more than required for AWS. These are stated as under.

• Checking the top service table.
• AWS budgets.
• Cost allocation tags.
• Cost explorer.

7. What is S3 in AWS?

Ans:

S3 is referred to as Simple Storage Service. It is used to store and retrieve data of any amount at any time from anywhere in the world using the web. To use this service the payment model developed is “Pay As You Go”.

8. What is AMI?

Ans:

AMI is the short form of Amazon Machine Image. It is a template that offers the information required to launch an instance that acts as a copy of AMI running as a virtual server in the cloud. The information provided is about the operating system, applications and the application server itself. Many instances can be launched at one time from different AMIs as per your instructions.

9. What is the relation between AMI and Instance?

Ans:

Instances can be launched by AMIs. One AMI can launch as many instances as required. An instance type defines the hardware of the host computer for Instance including information about computers and its memory abilities. After launching an instance, it works as a traditional host and could be interacted with as with any other computer.

10.What are the inclusions in AMI?

Ans:

There are three inclusions in Ami which include the following.

• Template for the root volume for the instance.
• Block device mapping that helps in determining the volumes after attaching to the instance after launch.
• Launch permissions that help in deciding which AWS account can take the AMI for launching Instances.

11. Can we send a request to Amazon S3?

Ans:

Yes, we can send a request to Amazon S3 by using the REST API or the AWS SDK wrapper libraries which wrap the underlying Amazon S3 REST API.

12. What do you know about reserved instances?

Ans:

Reserved instances are the instances that one can use to reserve a fixed capacity of EC2 instances. In reserved instances the user will have to get into a contract of 1 year or 3 years.

13. What do the users know about auto-scaling and its components?

Ans:

Auto scaling allows the users to automatically scale-up and scale-down the number of instances depending on the CPU utilization or memory utilization. There are 2 components in Auto scaling, they are Auto-scaling groups and Launch Configuration.

14. Define EIP.

Ans:

EIP is an acronym for Elastic IP address. It is designed for dynamic cloud computing. When the user wants to have a static IP address for the various instances when he/she stops and restarts the instances, he/she will be using an EIP address.

15. What do you know about Cloudwatch?

Ans:

Cloudwatch is a monitoring tool that can be used to monitor the various AWS resources such as health check, network, Application, etc.

16. Mention the different types of Cloudwatch.

Ans:

There are 2 types in cloudwatch in AWS: Basic monitoring and detailed monitoring. Basic monitoring is free and detailed monitoring is chargeable.

17. Mention the Cloudwatch metrics that have been provided in the EC2 Instances.

Ans:

The various Cloudwatch metrics that have been provided in the EC2 instances: Diskreads, Diskwrites, CPU utilization, networkpacketsIn, networkpacketsOut, networkIn, networkOut, CPUCreditUsage, CPUCreditBalance.

18. Mention the different storage classes provided in S3.

Ans:

The different storage classes provided in S3 are:

• Standard frequently accessed
• Standard infrequently accessed
• One-zone infrequently accessed.
• Glacier
• RRS – reduced redundancy storage

19.Write about the minimum and maximum size of individual objects that can be created in S3.

Ans:

The minimum size of individual objects that can be stored in S3 by the user is 0 bytes and the maximum bytes that can be stored for individual objects is 5TB.

20.  Write about the default storage class in S3.

Ans:

The default storage class in S3 in Standard frequently accessed.

21. Compare between AWS and OpenStack.

Ans:

Criteria	AWS	OpenStack
License	Amazon proprietary	Open source
Operating system	Whatever the cloud administrator provides	Whatever AMIs provided by AWS
Performing repeatable operations	Through templates	Through text files

22. What is AWS?

Ans:

AWS (Amazon Web Services) is a platform to provide secure cloud services, database storage, offerings to compute power, content delivery, and other services to help business level and develop.

23. What is the importance of buffers in Amazon Web Services?

Ans:

An Elastic Load Balancer ensures that the incoming traffic is distributed optimally across various AWS instances.  A buffer will synchronize different components and makes the arrangement additionally elastic to a burst of load or traffic. The components are prone to work in an unstable way of receiving and processing requests. The buffer creates an equilibrium linking various apparatus and crafts them work at an identical rate to supply more rapid services.

24. How are Spot Instance, On-demand Instance, and Reserved Instance different from one another?

Ans:

Both Spot Instance and On-demand Instance are models for pricing.

Spot Instance	On-demand Instance
With Spot Instance, customers can purchase compute capacity with no upfront commitment at all.	With On-demand Instance, users can launch instances at any time based on the demand.
Spot Instances are spare Amazon instances that you can bid for.	On-demand Instances are suitable for high-availability needs of applications.
When the bidding price exceeds the spot price, the instance is automatically launched, and the spot price fluctuates based on supply and demand for instances.	On-demand Instances are launched by users only with the pay-as-you-go model.
When the bidding price is less than the spot price, the instance is immediately taken away by Amazon.	On-demand Instances will remain persistent without any automatic termination from Amazon.
Spot Instances are charged on an hourly basis.	On-demand Instances are charged on a per-second basis

25. Why do we make subnets?

Ans:

Creating subnets meAns dividing a large network into smaller ones. These subnets can be created for several reasons. For example, creating and using subnets can help reduce congestion by making sure that the traffic destined for a subnet stays in that subnet. This helps in efficiently routing the traffic coming to the network that reduces the network’s load. 

26. Is there a way to upload a file that is greater than 100 megabytes in Amazon S3?

Ans:

Yes, it is possible by using the multipart upload utility from AWS. With multipart upload utility, larger files can be uploaded in multiple parts that are uploaded independently. You can also decrease upload time by uploading these parts in parallel. After the upload is done, the parts will be merged into a single object or file to create the original file from which the parts were created.

27. What is the maximum number of S3 buckets you can create?

Ans:

• 50
• 20
• 70
• 100

28. How can you save the data on root volume on an EBS-backed machine?

Ans:

By overriding the terminate option

29.When should you use the classic load balancer and the application load balancer?

Ans:

The classic load balancer is used for simple load balancing of traffic across multiple EC2 instances.

While, the application load balancing is used for more intelligent load balancing, based on the multi-tier architecture or container-based architecture of the application. Application load balancing is mostly used when there is a need to route traffic to multiple services.

30. How many total VPCs per account/region and subnets per VPC can you have?

• 4, 100
• 7, 40
• 5, 200
• 3, 150

Ans:

5, 200

31. Your organization has decided to have all their workload on the public cloud. But, due to certain security concerns, your organization decides to distribute some of the workload on private servers. You are asked to suggest a cloud architecture for your organization. What will be your suggestion?

Ans:

A hybrid cloud. The hybrid cloud architecture is where an organization can use the public cloud for shared resources and the private cloud for its confidential workloads.

32. Which one of the storage solutions offered by AWS would you use if you need extremely low pricing and data archiving?

Ans:

Amazon Glacier. AWS Glacier is an extremely low-cost storage service offered by Amazon that is used for data archiving and backup purposes. The longer you store data in Glacier, the less it will cost you.

33. You have connected four instances to ELB. To automatically terminate your unhealthy instances and replace them with new ones, which functionality would you use?

Ans:

Auto-scaling groups

34. The data on the root volumes of store-backed and EBS-backed instances get deleted by default when they are terminated. If you want to prevent that from happening, which instance would you use?

Ans:

EBS-backed instances. EBS-backed instances use EBS volume as their root volume. EBS volume consists of virtual drives that can be easily backed up and duplicated by snapshots.

The biggest advantage of EBS-backed volumes is that the data can be configured to be stored for later retrieval even if the virtual machine or the instances are shut down.

35. How will you configure an Amazon S3 bucket to serve static assets for your public web application?

Ans:

By configuring the bucket policy to provide public read access to all objects

36. Your organization wants to send and receive compliance emails to its clients using its own email address and domain. What service would you suggest for achieving the same in an easy and cost-effective way?

Ans:

Amazon Simple Email Service (Amazon SES), which is a cloud-based email sending service, can be used for this purpose.

37. Can you launch Amazon Elastic Compute Cloud (EC2) instances with predetermined private IP addresses? If yes, then with which Amazon service it is possible?

Ans:

Yes. It is possible by using VPC (Virtual Private Cloud).

38. If you launched a standby RDS, will it be launched in the same availability zone as your primary?

Ans:

No, standby instances are automatically launched in different availability zones than the primary, making them physically independent infrastructures. This is because the whole purpose of standby instances is to prevent infrastructure failure. So, in case the primary goes down, the standby instance will help recover all of the data.

39. Which of the following is a global Content Delivery Network service that securely delivers data to users with low latency and high trAnsfer speed.

Ans:

Amazon CloudFront

40. Which Amazon solution will you use if you want to accelerate moving petabytes of data in and out of AWS, using storage devices that are designed to be secure for data trAnsfer?

Ans:

Amazon Snowball. AWS Snowball is the data trAnsport solution for large amounts of data that need to be moved into and out of AWS using physical storage devices.

41. If you are running your DB instance as Multi-AZ deployment, can you use standby DB instances along with your primary DB instance?

Ans:

No, the standby DB instance cannot be used along with the primary DB instances since the standby DB instances are supposed to be used only if the primary instance goes down.

42. Your organization is developing a new multi-tier web application in AWS. Being a fairly new and small organization, there’s limited staff. But, the organization requires high availability. This new application comprises complex queries and table joins. Which Amazon service will be the best solution for your organization’s requirements?

Ans:

DynamoDB will be the right choice here since it is designed to be highly scalable, more than RDS or any other relational database services.

43. You accidently stopped an EC2 instance in a VPC with an associated Elastic IP. If you start the instance again, what will be the result?

Ans:

The data stored on the instance will be lost. Elastic IP is disassociated from the instance only if the instance is terminated.

44. Your organization has around 50 IAM users. Now, it wants to introduce a new policy that will affect the access permissions of an IAM user. How can it implement this without having to apply the policy at the individual user level?

Ans:

It is possible using IAM groups, by adding users in the groups as per their roles and by simply applying the policy to the groups.

45. Your organization is using DynamoDB for its application. This application collects data from its users every 10 minutes and stores it in DynamoDB. Then every day, after a particular time interval, the data (respective to each user) is extracted from DynamoDB and sent to S3. Then, the application visualizes this data to the users. You are asked to propose a solution to help optimize the backend of the application for latency at lower cost. What would you recommend?

Ans:

ElastiCache. Amazon ElastiCache is a caching solution offered by Amazon.

It can be used to store a cached version of the application in a region closer to users so that when requests are made by the users the cached version of the application can respond, and hence latency will be reduced.

46. I created a web application with autoscaling. I observed that the traffic on my application is the highest on Wednesdays and Fridays between 9 AM and 7 PM. What would be the best solution for me to handle the scaling?

Ans:

Configure a policy in autoscaling to scale as per the predictable traffic patterns.

47. How would you handle a situation where the relational database engine crashes often whenever the traffic to your RDS instances increases, given that the replica of an RDS instance is not promoted as the master instance?

Ans:

A bigger RDS instance type needs to be opted for handling large amounts of traffic, creating manual or automated snapshots to recover data in case the RDS instance goes down.

48. You have an application running on your Amazon EC2 instance. You want to reduce the load on your instance as soon as the CPU utilization reaches 100 percent. How will you do that?

Ans:

It can be done by creating an auto scaling group to deploy more instances when the CPU utilization exceeds 100 percent and distributing traffic among instances by creating a load balancer and registering the Amazon EC2 instances with it.

49. What would I have to do if I want to access Amazon Simple Storage buckets and use the information for access audits?

Ans:

AWS CloudTrail can be used in this case as it is designed for logging and tracking API calls, and it has also been made available for storage solutions.

50. I created a key in the North Virginia region to encrypt my data in the Oregon region. I also added three users to the key and an external AWS account. Then, to encrypt an object in S3, when I tried to use the same key, it was not listed. Where did I go wrong?

Ans:

The data and the key should be in the same region. That is, the data that has to be encrypted should be in the same region as the one in which the key was created. In this case, the data is in the Oregon region, whereas the key is created in the North Virginia region.

51. Suppose, you hosted an application on AWS that lets the users render images and do some general computing. Which of the below listed services can you use to route the incoming user traffic?

• Classic Load Balancer
• Application Load Balancer
• Network Load balancer

Ans:

Application Load Balancer: It supports path-based routing of the traffic and hence helps in enhancing the performance of the application structured as smaller services.

Using application load balancers, the traffic can be routed based on the requests made. In this case scenario, the traffic where requests are made for rendering images can be directed to the servers only deployed for rendering images and the traffic where the requests are made for computing can be directed to the servers deployed only for general computing purposes.

52. Suppose, I created a subnet and launched an EC2 instance in the subnet with default settings. Which of the following options will be ready to use on the EC2 instance as soon as it is launched?

• Elastic IP
• Private IP
• Public IP
• Internet Gateway

Ans:

Private IP. Private IP is automatically assigned to the instance as soon as it is launched. While elastic IP has to be set manually, Public IP needs an Internet Gateway which again has to be created since it’s a new VPC.

53. Your organization has four instances for production and another four for testing. You are asked to set up a group of IAM users that can only access the four production instances and not the other four testing instances. How will you achieve this?

Ans:

We can achieve this by defining tags on the test and production instances and then adding a condition to the IAM policy that allows access to specific tags.

54. Your organization wants to monitor the read and write IOPS for its AWS MySQL RDS instance and then send real-time alerts to its internal operations team. Which service offered by Amazon can help your organization achieve this scenario?

Ans:

Amazon CloudWatch would help us achieve this. Since Amazon CloudWatch is a monitoring tool offered by Amazon, it’s the right service to use in the above-mentioned scenario.

55. Which of the following services can be used if you want to capture client connection information from your load balancer at a particular time interval?

• Enabling access logs on your load balancer
• Enabling CloudTrail for your load balancer
• Enabling CloudWatch metrics for your load balancer

Ans:

Enabling CloudTrail for your load balancer. AWS CloudTrail is an inexpensive log monitoring solution provided by Amazon. It can provide logging information for load balancer or any other AWS resources. The provided information can further be used for analysis.

56. You have created a VPC with private and public subnets. In what kind of subnet would you launch the database servers?

Ans:

Database servers should be ideally launched in private subnets. Private subnets are ideal for the backend services and databases of all applications since they are not meant to be accessed by the users of the applications, and private subnets are not routable from the Internet.

57. Is it possible to switch from an Instance-backed root volume to an EBS-backed root volume at any time?

Ans:

No, it is not possible.

58. Can you change the instance type of the instances that are running in your application tier and are also using autoscaling? If yes, then how? (Choose one of the following)

• Yes, by modifying auto scaling launch configuration
• Yes, by modifying autoscaling tags configuration
• Yes, by modifying autoscaling policy configuration
• No, it cannot be changed

Ans:

Yes, the instance type of such instances can be changed by modifying auto scaling launch configuration. The tags configuration is used to add metadata to the instances.

59. Can you name the additional network interface that can be created and attached to your Amazon EC2 instance launched in your VPC?

Ans:

Elastic Network Interface

60. Out of the following options, where does the user specify the maximum number of instances with the autoscaling commands?

• Autoscaling policy configuration
• Auto Scaling group
• Autoscaling tags configuration
• Auto Scaling launch configuration

Ans:

Auto Scaling launch configuration

61. Which service provided by AWS can you use to trAnsfer objects from your data center, when you are using Amazon CloudFront?

Ans:

Amazon Direct Connect. It is a network service that acts as an alternative to using the Internet to connect customers in on-premise sites with AWS.

62. You have deployed multiple EC2 instances across multiple availability zones to run your website. You have also deployed a Multi-AZ RDS MySQL Extra Large DB Instance. The site performs a high number of small read and write operations per second. After some time, you observed that there is read contention on RDS MySQL. What would be your approach to resolve the contention and optimize your website?

Ans:

We can deploy ElastiCache in a memory cache running in every availability zone. This will help in creating a cached version of the website for faster access in each availability zone. We can also add RDS MySQL read replicas in each availability zone that can help in efficient and better performance for read operations. So, there will not be any increased workload on RDS MySQL instances, hence resolving the contention issue.

63. Your company wants you to propose a solution so that the company’s data center can be connected to the Amazon cloud network. What would be your proposal?

Ans:

The data center can be connected to Amazon cloud network by establishing a virtual private network (VPN) between the VPC and the data center. Virtual private network lets you establish a secure pathway or tunnel from your premise or device to AWS global network.

64. Which of the following Amazon Services would you choose if you want complex querying capabilities but not a whole data warehouse?

• RDS
• Redshift
• ElastiCache
• DynamoDB

Ans:

Amazon RDS

65. Which one of the following is a structured data store that supports indexing and data queries to both EC2 and S3?

• DynamoDB
• MySQL
• Aurora
• SimpleDB

Ans:

SimpleDB

66. Which service offered by Amazon will you choose if you want to collect and process e-commerce data for near real-time analysis? (Choose any two)

• DynamoDB
• Redshift
• Aurora
• SimpleDB

Ans:

DynamoDB. DynamoDB is a fully managed NoSQL database service that can be fed any type of unstructured data. Hence, DynamoDB is the most apt choice for collecting data from e-commerce websites.

For near real-time analysis, we can use Amazon Redshift.

67. If in CloudFront the content is not present at an edge location, what will happen when a request is made for that content?

Ans:

CloudFront will deliver the content directly from the origin server. It will also store the content in the cache of the edge location where the content was missing.

68. Can you change the private IP address of an EC2 instance while it is in running or in a stopped state?

Ans:

No, it cannot be changed. When an EC2 instance is launched, a private IP address is assigned to that instance at the boot time. This private IP address is attached to the instance for its entire lifetime and can never be changed.

69. Which of the following options will you use if you have to move data over long distances using the Internet, from instances that are spread across countries to your Amazon S3 bucket?

• Amazon CloudFront
• Amazon TrAnsfer Acceleration
• Amazon Snowball
• Amazon Glacier

Ans:

Amazon TrAnsfer Acceleration. It throttles the data trAnsfer up to 300 percent using optimized network paths and Amazon Content Delivery Network. Snowball cannot be used here as this service does not support cross-region data trAnsfer.

70. Which of the following services is a data storage system that also has REST API interface and uses secure HMAC-SHA1 authentication keys?

• Amazon Elastic Block Store
• Amazon Snapshot
• Amazon S3

Ans:

Amazon S3. It gets various requests from applications, and it has to identify which requests are to be allowed and which to be denied. Amazon S3 REST API uses a custom HTTP scheme based on a keyed HMAC for authentication of requests.

71. What kind of IP address can you use for your customer gateway (CGW) address?

Ans:

We can use the Internet routable IP address, which is a public IP address of your NAT device.

72. Which of the following is not an option in security groups?

Ans:

• List of users
• Posts
• IP addresses
• List of protocols

73. What are the main differences between EC2 and S3?

Ans:

The main differences between EC2 and S3 are stated under.

EC2	S3
It is a cloud web service	It is a data storage system
It is used for hosting the web application	It is used for storing any amount of data
It works as a huge computer machine	It is a REST interface.
It can either run LINUX or Windows and could also handle PHP, Python, Apache and various other kinds of databases.	It applies secure authentication keys such as HMAC-SHA1

74. Can buckets be created in AWS accounts?

Ans:

Yes, buckets can be created in AWS accounts. By default up to 100 buckets can be created in the AWS account.

75. Define T2 Instance?

Ans:

T2 Instance is specifically designed to offer moderate baseline performance and the ability to burst into the higher performance as per the requirements of the workload.

76. Identify different kinds of Instances?

Ans:

The different kinds of Instances include the following.

• Accelerated Computing Instance.
• Memory-Optimized Instance.
• Storage Optimized Instance.
• Computer Optimized Instance.

General Purpose Instance.

77. Does Amazon VPC support the property of broadcast or multicast?

Ans:

Amazon VPC does not support the property of broadcast or multicast.

78. Can we create Elastic IPs in AWS?

Ans:

Yes, we can create Elastic IPs in AWS. About 5 VPC Elastic IP addresses are allowed under each AWS account.

79. What is a default storage class in S3?

Ans:

The default storage class in S3 is referred to as the Standard frequently accessed.

80. What are the roles in AWS?

Ans:

Roles in AWS are used to provide permission to the entities that can be trusted within the AWS account. They are similar to the users and do not require the creation of any username and password to work along with various other resources in AWS.

81.What are the edge locations in AWS?

Ans:

Edge locations in AWS are referred to as the area where the contents will be cached. When a user tries to access any content then in such case the content automatically searches for the edge location

82. What is the full form of VPC? Explain VPC?

Ans:

The full form of VPC is Virtual Private Cloud. VPC helps in customizing the network configuration process. It acts as a network that is logically isolated from various other networks in the cloud. VPC allows the users to have their IP address range, security groups, subnet and internet gateways.

83. What is a Snowball in AWS?

Ans:

A Snowball in AWS is a data trAnsport option. It uses the source appliances to a large amount of data for getting into and out of AWS. Snowball can be used for the trAnsfer of massive data from one place to another. It also helps in reducing networking costs.

84.What is Redshift in AWS?

Ans:

Redshift in AWS is a big data warehouse product that is fast and powerful enough to manage data warehouse service in the cloud.

85. Define Subnet in AWS?

Ans:

Subnet in AWS is referred to as the large section of IP Address which is divided into chunks. We can have 200 subnets per VPC.

86. What is SQL in AWS?

Ans:

SQL stands for Simple Queues Services that offers distributed queuing service that acts as a mediator for two controllers.

87. What is SimpleDB in AWS?

Ans:

SimpleDB is a name given to the data repository structure record which supports data doubts and index S3 and EC2.

88. What is Amazon ElasticCache?

Ans:

Amazon ElasticCache is a web service that helps in easy deployment, scaling and storing of data in the cloud.