We can help you learn more about AWS the most popular cloud platform from Amazon
1) What is an EC2 instance? Your web site is hosted on 5 EC2 instances in 5 regions around the globe with 1 EC2 instance per region. How could you configure your site to maintain site availability with minimum downtime if one of the 5 regions was to lose network connectivity for an extended period of time?
In plain terms it is the virtual machine environment that hosts your application in AWS cloud. To minimize downtime create a Route 53 Latency Based Routing Record Set that resolves to Elastic Load Balancers in each region and has the Evaluate Target Health flag set to true.
2) What are the many different storage options available with AWS?
Storage in S3 the standard storage, most popular archival service glacier, Reduced Redundancy Storage RRS in AWS terms, Elastic block store EBS storage, S3 IA the S3 Infrequent Access storage
3) What is use of EC2 Security Groups?
Security groups implemented at EC2 instance level provides security at both protocol and port access level working way similar to firewall. This controls incoming as well as outgoing traffic in an EC2 instance
4) How durable are the files saved in S3?
They are 99.999999999% durable
5) You want to own your own private network in AWS. How can you accomplish this?
This can be accomplished using virtual private cloud VPC
6) Your project makes use of S3 buckets as storage container. Do you need to provision this across multiple availability zones?
No need as the S3 storage is accessible across multiple availability zones
7) What is Ephemeral storage?
It is the Temporary/Non Persistent storage
8) What is the use of batch-write-item in a Dynamodb environment?
The batch-write-item is used to put or delete multiple items in one or more tables in dynamodb
9) You are involved in business continuity project. You are currently working on disaster recovery. Do you know what does RTO stand for in disaster recovery?
Recovery Time Objective the stipulates time limit within which system needs to be up and running in case of failure. In business critical financial banks it is as low as 15 minutes in some cases
10) How does an AWS on-demand instance work?
Here is the way an AWS on-demand instance work :
a) Pay as you go model. Pay only for usage thus saving cost
b) You are charged per second based on hourly rate
c) There is no upfront cost for instances and this avoids extra cost associated with unused instances
11) What is the difference between primary key and unique key?
Primary key uniquely identifies a row. Unique keys are created in columns that will the unique row values. Primary key is unique and not null however unique key can have null values
12) You are working on project where your employer has decided to migrate one of their projects onto AWS. What is the first thing to do while creating a new company account?
Set up new account using company official email address
13) Is a power user given access to users within IAM?
Power user is one who has access to all AWS services except the management of groups and users within IAM. Root user is the superuser account that finds privilege over and above the power user account
14) What is the use of cloudformation init script?
The cfn-init is the helper script that reads template metadata from the AWS::CloudFormation::Init key and acts accordingly . The AWS::Cloudformation::init key includes metadata on amazon EC2 instance. Following are the uses of a cloudformation init script :
a) Fetch and parse metadata from AWS:cloudformation::init key
b) Install packages
c) Write files to disk
d) Enable/disable services
e) Start (or) stop services
15) How will you accomplish extra capacity with additional CPU and RAM in EMR?
By adding more task nodes this can be accomplished in an EMR node
16) Which API call is internally triggered during the process of creating Amazon Machine Image AMI?
The API RegisterImage gets triggered during this process
17) What is the use of an compute optimized instance?
This is an instance that is designed to provide moderate baseline performance and the capability to burst to significantly higher performance as required by our workload
18) Where are individualized instances provisioned?
Individualized instances are provisioned at Availability Zones
19) Your project makes use of RRS. You have made a decision to expand business in multiple zones. Can RRS sustain this data requirement?
RRS is designed to sustain the loss of data at a single facility and hence can’t be used for this purpose
20) What is the total volume of data and number of objects that can be stored in Amazon S3 bucket?
1TB is the size limit
21) You want to delete multiple objects from S3. How can you accomplish that?
This can be achieved using Multi-Object Delete operation
22) What is the requirement with versioning in S3 to enable cross-regional replication?
Versioning must be enabled in both source and target S3 buckets for cross-regional replication
23) Is multifactor authentication mandatory to delete objects from a S3 bucket?
To delete objects from S3 buckets multifactor authentication is an optional feature and not mandatory
24) What is the minimum size of an S3 object?
Create a file with simple touch command and this will be 0 bytes. Such files with as small as 0 bytes can be created in S3
25) How does amazon Simple workflow SWF help users?
The simple workflow service is used for task management in AWS environment . The tasks can be synchronous as well as asynchronous tasks. Coordinate synchronous and asynchronous tasks using AWS SWF
26) If an Amazon EBS volume is an additional partition and not the root volume can we detach it without stopping the instance?
Yes, although it may take some time. An EBS volume other than root volume can be detached from live running instance. AWS CLI commands can be used for this purpose as well
27) Your project uses SQL Server RDS. What is the maximum size for a Microsoft SQL Server DB with SQL Server Express edition in AWS?
There are two different limits one that of the database 10GB in size, and that of the DB instance server storage 300GB in size. A DB server instance could quite easily host several DBs, or a DB and support files such as logs, dumps, and flat file backups. For express edition 10GB is used
28) What does EBS stand for?
Elastic Block Store EBS is the storage volume that is associated with EC2 instance in an AWS environment
29) Which is a document that provides a formal statement of one or more permissions?
It is the policy document
30) You are making use of AWs simple queue service. How many message queues can you create in SQS?
There is no limit on the number of message queues that can be created in SQS and it is unlimited
31) What are some default methods of ingesting content into Amazon S3?
Internet, VPN are some default data ingestion methods onto amazon S3
32) Can you store access keys in an AMI?
Access keys should never be stored on an AMI
33) What AWS technologies will you make use of to ease the database load?
RDS read replica, Elasticcache are some database load AWS technologies
34) What is main benefit of using AWS SWF worflow?
AWS SWF workflow ensures that actions are executed only once
35) What is used to build elastic, self-healing applications in AWS?
Autoscaling groups can be used for this purpose
36) Which service is the global content delivery network CDN from AWS?
Cloudfront is the Content Delivery Network from AWS
37) Does amazon S3 support website redirects?
Yes. It does support redirects
38) What is the minimum time interval for cloudwatch?
The minimum time interval for cloudwatch is 1 minute
39) You have to migrate amazon S3 objects to Amazon Glacier. How can you accomplish that?
S3 lifecycle transition policy can be used for this purpose
40) Can you make use of your existing microsoft windows server licenses with amazon EC2 shared tenancy instance?
This existing license can be used with dedicated host and not AWS
41) How will you implement single sign-on in an AWS environment?
In AWS we can implement single sign-on by integrating with existing active directory account
42) You are making using of AWs simple queue service. How many message queues can you create in SQS?
There is no limited on the number of message queues that can be created in SQS and it is unlimited
43) What are the different types of EMR nodes?
Core nodes, Task nodes
44) What are some of the benefits of AWS organizations?
a) Centrally manage access policies for multiple AWS accounts
b) Automation of AWS account creation and management
c) Control access to AWS services
d) Enable consolidated billing across multiple aws accounts
45) What is the reason behind Route53 naming convention?
The DNS Port is on Port 53 and Route53 is a DNS Service
46) You want to get details on TTL in a specified table. Which command will you make use of?
describe-time-to-live can be used to get details on TTL
47) Give some AWS services that have access to operating system :-
In AWS environment EC2, sysopswork are some services that have OS access
48) In a ELB implementation which component of ELB does monitor the load balancers?
In ELB controller service monitors the load balancers. This includes tasks such as adding and removing load balancers as needed. The load balancers are verified for proper functionality and removed or added on as needed basis
49) You are configuring encryption when creating the EBS volume. Does this enable encryption at rest ?
Yes. It does apply to both at rest and dynamic info
50) Can you create placement groups across 2 or more availability zones?
Nope. It is not possible to do so
51) What are all the payment options associated with reserved instances?
Following are the payment options associated with reserved instances:
a) All upfront
b) Partial upfront
c) No upfront
52) Can ELB distribute traffic across regions?
Nope, not possible. ELB can distribute traffic across EC2 instances. The EC2 instances can be in same availability zone, different availability zone within same region. ELB does nto distribute traffic across regions
53) You are looking for a robust delivery solution to transfer data from amazon lambda function onto amazon elastic search. Which service will you make use of?
AWS Kinesis firehose can be used for this purpose
54) You have been asked to build a system to analyse the customer behaviour. The data used for analysis comes from many different data sources including sales report, tweets, customer order logs from database. How will you build the basic framework for this project?
This project implementation tarts with datalake
55) What is the maximum length of the streamname string in amazon kinesis stream ?
The maximum length is 128
56) Does Elastic Map Reduce allows you to access the underlying operating systems of the EMR nodes?
Yes, it does allow OS access
57) Who is a owner in AWS permission model?
Both user identity and email address are used to create AWS account
58) Does Route53 support MX the mail Records?
Yes. IT does support MX mail records
59) What kind of data is stored in AWS glacier service?
AWS glacier is a data archival solution thatis mainly used to store Infrequently accessed data & data archives
60) You have deleted your ELB. Do you know how long cloudwatch metrics data are accessible for deleted ELB?
It becomes accessible for a period of 2 weeks
61) What are the many different types of actors in amazon simple workflow service?
Amazon SWF interacts with programmatic actors such as workflow starters, deciders, or activity workers
62) What is the use of domain in amazon simple workflow service SWF?
a) workflow components including workflow types, activity types can be specified to be part of domain scoping the amazon SWF resources within the AWS account
b) Domain is a collection of related workflows
63) Does AWS support SOAP?
SOAP support is available over https. It is not available over http also amazon s3 new features dont support SOAP
64) What makes DynamoDB a suitable choice for gaming websites?
DynamoDB is a fast, fully managed NoSQL database service that makes it simple and cost-effective to store and retrieve any amount of data, and serve any level of request traffic. Its guaranteed throughput and single-digit millisecond latency make it a great fit for gaming, advertising technology, mobile, and many other applications
65) Can we detach EBS volume that forms the root device of the EC2 instance without stopping the instance?
Nope, not possible. As in normal linux (or) unix machines root volume is the main volume that needs to be accessible for the machine to be up and running without any issues. Same does apply to EC2 instances as well
66) Do you know how long cloudwatch metrics data are accessible for terminated AWS EC2 instance?
This information becomes available for a period of 2 weeks
67) What is the VisibilityTimeout value of an SQS message in a FIFO queue?
The VisibilityTimeout is 12 hours
68) Do you know which language is made use of while creating IAM policy documents?
JSON is used for this purpose
69) You are looking for a easy way to load streaming data into AWS. Which service will you use?
Kinesis Firehose serves this purpose
70) You are connecting to AWS using AWS CLI. What do you need for this?
For this do we need to create an IAM user
71) Which operation in dynamodb lets you support atomic counters?
UpdateItem supports atomic counters
72) We are creating an amazon S3 bucket from US standard region. Can I make it mixed case?
Nope. Amazon S3 buckets should be all lower case. This is across all AWS regions and not specific to Us standard region etc
73) How can you accomplish amazon kinesis API to add tags to stream?
This can be accomplished using AddTagsToStream
74) What AWS services can you make use of to gather requirements on your payments application development project in AWS?
Amazon payments infrastructure are made use of by services amazon devpay and amazon FPS. amazon flexible payment services is a service used by developers to accept payments on websites. this includes micropayments support as well. When it comes to amazon devpay the scope is different. Say you have applications built on amazon s3 or amazon ec2. You want to resell these applications, Now, the customers pay amazon. Amazon deducts a small fee plus commission and pays rest to you. This is tightly integrated with AWS infrastructure
75) What is a EBS snapshot?
In Amazon EBS terms, EBS snapshot is state of a EBS volume captured at a point-in-time
76) What are components of Elastic Load balancer ELB?
ELastic load balancer ELB as it is popularly called is composed of two components the load balancer and the controller services
77) S3 has eventual consistency for which HTTP Methods?
AWS S3 provides eventual consistency for overwrite puts and deletes
Category: Amazon Web Services Tutorial
Amazon Web Services Tutorial
AWS interview questions and answers
1) Which AWS storage is used for long term data storage and archival? How sensitive information can be securely stored in this service?
Glacier is the long term archival storage used for data backup and archival on cost efficient basis. AWS glacier is a longterm data archival solution. Amazon Glacier is an extremely low-cost storage service that provides service as low as $0.004 per gigabyte per month also keeping it secure, durable, and flexible storage for data backup and archival. Glacier vault lock can be used to store information that are compliance sensitive and needs to be stored securely. In glacier with vault lock feature the regulatory and compliance data can be stored in immutable format as this data is write once read many called WORM format. Technically information stored in glacier is 99.99% durable. This is possible by storing data in multiple facility and multiple devices within each facility. In addition to all the advantages mentioned above this is least expensive option to store data meeting the requirements
2) Can AWS glacier be used for CDN?
Nope. AWS is long term archival and backup solution and this is not CDN from AWS
3) Is there a restriction on DNS naming convention on this amazon S3 bucket name in US regions?
All bucket names comply with DNS naming conventions. These conventions are enforced in all regions except for the US East (North Virginia) region
4) Give details on reselling reserved instances in a EC2 environment :-
Reserved instances is the term given to the discount package that comes as part of general EC2 instance saving discount option. This discount can be availed by paying all upfront, partial upfront , no upfront cost. This reserves computing capacity for an EC2 instance from 1 year or 3 years. There is an option to resell the reserved instances in case of migration of EC2 instance to different availability zone, unexpected project termination, project completion before anticipated date. This will help you save money
5) Give details on amazon S3 bucket versioning :-
We can enable S3 versioning that retained older version of missing files in AWS. In S3 bucket once we enable versioning it is like retaining many copies of same file. It is true that versioning will consume space but can be a savior in times of critical projects. In S3 versioning once enabled can’t be disabled. Only buckets can be copied and original buckets can be deleted. We need to copy the existing bucket to new bucket without versioning
6) What is the use of copy-image command?
The command copy-image is used to copy an AMI from a specified source region to the current region. During copy we need to specify the destination region by using its endpoint when making the request
7) What is the use of amazon resource name ARN’s?
Amazon Resource Names called as ARN’s uniquely identify AWS resources. An ARN is required when we need to specify a resource unambiguously across all of AWS, such as in IAM policies, Amazon Relational Database Service tags, and API calls
8) What are the relational and non-relational databases included in amazon RDS services?
AWS Relational database service RDS includes relational database services like oracle, mysql, sql server, DynamoDB is the non-relational NoSQL database
9) You have created a new security group. Does this allow all outbound traffic by default?
Yes, it does. By default, a security group includes an outbound rule that allows all outbound traffic
10) In AWS RDS environment MySQL installations default to what port number?
In a typical mysql implementation 3306 is the default port. This should be secured safe and should not be accessible by untrusted hosts
11) What is the advantage of using SWF instead of SQS in an order processing workflow in an ecommerce project?
An SWF workflow action is executed only once and hence the order processing needs to be using SWF instead of SQS to make sure the order processing does not repeat multiple times
12) Is an AWS platform certified to use PCI DSS Level 1 ?
The Payment Card Industry Data Security Standard (also known as PCI DSS) is a proprietary information security standard administered by the PCI Security Standards Council, which was founded by American Express, Discover Financial Services, JCB International, MasterCard Worldwide and Visa Inc.PCI DSS applies to all entities that store, process or transmit cardholder data (CHD) and/or sensitive authentication data (SAD) including merchants, processors, acquirers, issuers, and service providers. The PCI DSS is mandated by the card brands and administered by the Payment Card Industry Security Standards Council.AWS has been PCI DSS Certified since 2010. As of July 11, 2016, an external Qualified Security Assessor Company (QSAC), Coalfire Systems Inc. has validated that Amazon Web Services (AWS) successfully completed PCI Data Security Standards 3.2 Level 1 Service Provider assessment and were found to be compliant for all the services outlined below.
Service provider levels are defined as:
Level 1: Any service provider that stores, processes and/or transmits over 300,000 transactions annually
Level 2: Any service provider that stores, processes and/or transmits less than 300,000 transactions annually
13) What kind of storage is amazon S3?
Amazon S3 is an object based storage. In simple terms an amazon S3 creates buckets and the information is stored in buckets as objects
14) You are moving data from amazon S3 to EC2 in the same region. How much do you need to pay for this?
We dont need to pay any money as there is no cost associated with moving data from S3 to EC2 in the same region
15) For denying root access to EC2 instances can you make use of IAM policies that utilizes least privilege concept to restrict access via role assignment?
Root user is the super user in the system and has access to entire system including all of its resources and services. This can’t be restricted using IAM policies
16) How will you protect a bastion host ?
A bastion host sits in a public subnet serving as secure gateway to SSH onto instance via private subnet
17) Which AWS S3 solution will you recommend to store non-critical and reproducible data that needs to be stored with cost efficiency?
S3 reduced redundancy storage RRS can be used for cost efficient purpose
18) Whish AWS service is ideal for BI tools and datawarehousing?
Redshift is datawarehouse, BI, big data solution from AWS
19) Which amazon S3 resource stores data as objects?
While we start using amazon S3 to store files the first thing to do would be to creates AWS S3 buckets. This is the resource used to store data in the form of objects. In plain terms, once you upload your simple notepad file onto S3 it is stored in AWS s3 bucket as bucket object
20) When a file of size 20GB is uploaded the error message: “Your proposed upload exceeds the maximum allowed object size.” is returned. What solution to this problem does AWS recommend?
In AWS S3 Multipart upload allows you to upload a single object as a set of parts. Each part is a contiguous portion of the object’s data. We need to design our application to use the Multipart Upload API for all objects
21) Your environment has set of terminated instances. You have issued reboot-instances command. Should you be bothered about restart of terminated instances?
No need. Requests to reboot terminated instances are ignored while making use of reboot-instances command
22) What is the strategy to control access to your Amazon EC2 instances?
This is accomplished using EC2 Security Groups
23) You have launched a data collection campaign that is to last for five days. Which AWS EC2 purchase option best suits your needs?
On-demand instances allow us to pay for compute capacity on hourly basis with an option to increase or decrease compute capacity and pay hourly rate for instance used
24) Is AWS redshift used to store bigdata by major companies?
Major industries including media, healthcare, finance, pharmaceutical, entertainment make use of S3 for scaling the systems that support big data, analytics, transcoding, and archive applications. Amazon redshift is datawarehouse solution and should not be confused with storing of big data
25) You have been asked to map amazon EBS to an amazon EC2 for AWS CloudFormation resources. What is used for reference?
Reference the logical IDs of both EC2 and EBS. While creating CloudFormation template JSON needs to be built with all required attributes. These attributes are logical Id’s of EBS storage columns and EC2 instances. AWS cloudformation template created a JSON file with Resources section that declares the AWS resources to include in stack including EC2, block store that can be amazon S3 bucket, EBS etc. Resources of same type can be declared together. All resources must be declared separately. The logical ID is alphanumeric and unique within the template
26) What is the availability percentage supported by AWS S3?
AWS S3 achieves 99.999999999% durability utilizing redundant storage of data across multiple facilities and multiple devices
27) What is the use of AWS load balancer component?
The load balancer component of ELB monitors the traffic and handle the requests that come in through the Internet. Load balancer component is for traffic monitoring, controller service component of ELB deals with monitoring and managing load balancers
28) How will you integrate AWS IAM with on-premises LDAP?
SAML can be used for on-premise LDAP integration as well as federated SSO implementation. Use SAML Security Assertion Markup Language to enable single sign-on between AWS and LDAP
29) You have been tasked with identifying an appropriate storage solution for a 500GB database that requires random I/O reads of greater than 130000 4kB IOPS. Which EC2 option will meet this requirement?
The I2 Instance Type offers High I/O Performance Via SSD the solid state devices that offers fastest access of data. Make use of I2 series with scheduled backup
30) What is the maximum number of simple workflow aka SWF domains allowed in a typical AWS account?
Amazon simple workflow service offers an option to maintain total of 100 registered domains that can be both registered and deprecated
31) IS root user same as power user?
No. They are different users with different set of privileges. root is the superuser with supreme privileges
32) What causes the error in an AWS environment – you are not subscribed to this service?
Your AWS account might have expired. Check the sale receipt and subscribe back to get access
33) As part of our hadoop project in AWS cloud you are looking for a web interface to manage the Hive metastore. Which tool can be used?
Hadoop user experience aka HUE can be used for this purpose
34) Which AWS service will you make use of to co-ordinate tasks across distributed application components?
Make use of amazon simple workflow AWS SWF to co-ordinate tasks across distributed application components
35) Is it possible to copy amazon machine image across regions?
Yes, it is possible. It is possible to copy AMI within as well as across AWS region. This is possible using AWS management console, AWS CLI or SDKs
36) How will you boot this HVM AMI?
Boot HVM amazon machine image by executing the master boot record of the root block device of the image
37) Does amazon S3 buckets in usa regions alone provide eventual consistency for overwrite PUTS and DELETES?
This is partially true. As per Amazon S3 documentation eventual consistency for overwrite PUTS and DELETES is available in all regions
38) When deploying databases on your EC2 instances what is AWS recommendation for better performance?
In general SSD the solid state devices are the fastest and are utilized in high throughput environment like SAP, highly transactional environments like OLTP. This is preferred option over magnetic storage devices
39) Give details on naked domain names :-
Domain name without www the world wide web extension is a naked domain. Naked domain is also called zone apex records
40) You are making use of amazon elastic search for your analytics project. How can you achieve high availability?
High availability can be achieved using Zone awareness
41) How will you enable multifactor authentication in an AWS environment?
For multifactor authentication make use of IAM
42) Give some facts about IAM :-
Every user you create in the IAM systems starts with No Permissions. IAM can be used to enable multifactor authentication in an AWS environment
43) What will the the permission of the users that you create in IAM systems are going to start with?
It starts with no permissions
44) What is Amazon CloudFront request handling capacity?
Amazon CloudFront can handle data transfer requests at the rate 1000 requests per second
45) What is DMS? What is its use in an AWS environment?
The data migration service is a GUI from amazon that supports migration of current databases onto AWS cloud Aurora database. Interestingly feasibility , problems that could be encountered during migration including packages, objects that could be impacted post-upgrade will be listed while making use of DMS. This tool is used for migration of databases
46) What is the maximum visibility timeout in amazon simple queue service SQS?
Maximum visibility timeout for amazon SQS message is 12 hours
47) What does ICMP protocol translate to?
ICMP translates to Internet Control Message Protocol
48) You have to enable the Virtual multi-factor authentication. Which AWS cloud service will you make use of for this purpose?
For enabling virtual multi-factor authentication in an AWS environment Identity and access management the IAM service is to be used
49) How will you monitor CPU utilization of an EC2 resource in AWS environment?
Make use of AWS cloudwatch for monitoring EC2 resource utilization including CPU, memory
50) Does RDS AWS service have access to operating system ?
Nope. Services like EC2, opsworks, EMR does have access to underlying operating system not RDS
