Choose.. X Home Exams Certifications

Amazon Web Services Interview Questions

1 . What is AWS?

  • AWS stands for Amazon Web Service; it is a collection of remote computing services also known as cloud computing platform. This new realm of cloud computing is also known as IaaS or Infrastructure as a Service.

2 . what are the key components of AWS?

  • The key components of AWS are
    • Route 53: A DNS web service
    • Simple E-mail Service: It allows sending e-mail using RESTFUL API call or via regular SMTP
    • Identity and Access Management: It provides enhanced security and identity management for your AWS account
    • Simple Storage Device or (S3): It is a storage device and the most widely used AWS service
    • Elastic Compute Cloud (EC2): It provides on-demand computing resources for hosting applications. It is very useful in case of unpredictable workloads
    • Elastic Block Store (EBS): It provides persistent storage volumes that attach to EC2 to allow you to persist data past the lifespan of a single EC2
    • CloudWatch: To monitor AWS resources, It allows administrators to view and collect key Also, one can set a notification alarm in case of trouble.

3 . Explain what is S3?

  • S3 stands for Simple Storage Service. You can use S3 interface to store and retrieve any amount of data, at any time and from anywhere on the web.

4 . Explain what is AMI?

  • AMI stands for Amazon Machine Image. It’s a template that provides the information (an operating system, an application server and applications) required to launch an instance, which is a copy of the AMI running as a virtual server in the cloud. You can launch instances from as many different AMIs as you need.

5 . Mention what is the relation between an instance and AMI?

  • From a single AMI, you can launch multiple types of instances. An instance type defines the hardware of the host computer used for your instance. Each instance type provides different compute and memory capabilities. Once you launch an instance, it looks like a traditional host, and we can interact with it as we would with any computer.

6 . What does an AMI include?

  • An AMI includes the following things
    • A template for the root volume for the instance
    • Launch permissions decide which AWS accounts can avail the AMI to launch instances
    • A block device mapping that determines the volumes to attach to the instance when it is launched

7 . How can you send request to Amazon S3?

  • Amazon S3 is a REST service, you can send request by using the REST API or the AWS SDK wrapper libraries that wrap the underlying Amazon S3 REST API.

8 . Mention what is the difference between Amazon S3 and EC2?

  • The difference between EC2 and Amazon S3 is that
    • It is a cloud web service used for hosting your application
    • It is a data storage system where any amount of data can be stored
    • It is like a huge computer machine which can run either Linux or Windows and can handle application like PHP, Python, Apache or any databases
    • It has a REST interface and uses secure HMAC-SHA1 authentication keys

9 . How many buckets can you create in AWS by default?

  • By default, you can create upto 100 buckets in each of your AWS accounts.

10 . Explain can you vertically scale an Amazon instance? How?

  • Yes, you can vertically scale on Amazon instance. For that
    • Spin up a new larger instance than the one you are currently running
    • Pause that instance and detach the root webs volume from the server and discard
    • Then stop your live instance and detach its root volume
    • Note the unique device ID and attach that root volume to your new server
    • And start it again

11 . What is T2 instances?

  • T2 instances are designed to provide moderate baseline performance and the capability to burst to higher performance as required by workload

12 . In VPC with private and public subnets, database servers should ideally be launched into which subnet?

  • With private and public subnets in VPC, database servers should ideally launch into private subnets.

13 . Mention what are the security best practices for Amazon EC2?

  • For secure Amazon EC2 best practices, follow the following steps
    • Use AWS identity and access management to control access to your AWS resources
    • Restrict access by allowing only trusted hosts or networks to access ports on your instance
    • Review the rules in your security groups regularly
    • Only open up permissions that your require
    • Disable password-based login, for instance, launched from your AMI

14 . Explain how the buffer is used in Amazon web services?

  • The buffer is used to make the system more robust to manage traffic or load by synchronizing different component. Usually, components receive and process the requests in an unbalanced way, With the help of buffer, the components will be balanced and will work at the same speed to provide faster services.
  • A buffer will synchronize different components and makes the arrangement additional elastic to a burst of load or traffic. The components are prone to work in an unstable way of receiving and processing the requests. The buffer creates the equilibrium linking various apparatus and crafts them effort at the identical rate to supply more rapid services.

15 . While connecting to your instance what are the possible connection issues one might face?

  • The possible connection errors one might encounter while connecting instances are
    • Connection timed out
    • User key not recognized by the server
    • Host key not found, permission denied
    • Unprotected private key file
    • Server refused our key or No supported authentication method available
    • Error using MindTerm on Safari Browser
    • Error using Mac OS X RDP Client

16 . What is the way to secure data for carrying in the cloud?

  • One thing must be ensured that no one should seize the information in the cloud while data is moving from point one to another and also there should not be any leakage with the security key from several storerooms in the cloud. Segregation of information from additional companies’ information and then encrypting it by means of approved methods is one of the options.

17 . Distinguish between scalability and flexibility

  • The aptitude of any scheme to enhance the tasks on hand on its present hardware resources to grip inconsistency in command is known as scalability. The capability of a scheme to augment the tasks on hand on its present and supplementary hardware property is recognized as flexibility, hence enabling the industry to convene command devoid of putting in the infrastructure at all.

18 . Explain Elastic Block Storage? What type of performance can you expect? How do you back it up? How do you improve performance?

  • EBS is a virtualized SAN or storage area network. That means it is RAID storage to start with so it's redundant and fault tolerant. If disks die in that RAID you don't lose data. Great! It is also virtualized, so you can provision and allocate storage, and attach it to your server with various API calls. No calling the storage expert and asking him or her to run specialized commands from the hardware vendor.
    Performance on EBS can exhibit variability. That is it can go above the SLA performance level, then drop below it. The SLA provides you with an average disk I/O rate you can expect. This can frustrate some folks especially performance experts who expect reliable and consistent disk throughput on a server. Traditional physically hosted servers behave that way. Virtual AWS instances do not.
    Backup EBS volumes by using the snapshot facility via API call or via a GUI interface like elasticfox.
    Improve performance by using Linux software raid and striping across four volumes.

19 . What automation tools can I use to spinup servers?

  • The most obvious way is to roll-your-own scripts, and use the AWS API tools. Such scripts could be written in bash, perl or other language or your choice. Next option is to use a configuration management and provisioning tool like puppet or better it's successor Opscode Chef. You might also look towards a tool like Scalr. Lastly you can go with a managed solution such as Rightscale.

20 . What is configuration management? Why would I want to use it with cloud provisioning of resources?

  • Configuration management has been around for a long time in web operations and systems administration. Yet the cultural popularity of it has been limited. Most systems administrators configure machines as software was developed before version control - that is manually making changes on servers. Each server can then and usually is slightly different. Troubleshooting though is straightforward as you login to the box and operate on it directly. Configuration management brings a large automation tool into the picture, managing servers like strings of a puppet. This forces standardization, best practices, and reproducibility as all configs are versioned and managed. It also introduces a new way of working which is the biggest hurdle to its adoption.
    Enter the cloud, and configuration management becomes even more critical. That's because virtual servers such as amazons EC2 instances are much less reliable than physical ones. You absolutely need a mechanism to rebuild them as-is at any moment. This pushes best practices like automation, reproducibility and disaster recovery into center stage.

21 . Explain how you would simulate perimeter security using Amazon Web Services model?

  • Traditional perimeter security that we're already familiar with using firewalls and so forth is not supported in the Amazon EC2 world. AWS supports security groups. One can create a security group for a jump box with ssh access - only port 22 open. From there a webserver group and database group are created. The webserver group allows 80 and 443 from the world, but port 22 *only* from the jump box group. Further the database group allows port 3306 from the webserver group and port 22 from the jump box group. Add any machines to the webserver group and they can all hit the database. No one from the world can, and no one can directly ssh to any of your boxes.
    Want to further lock this configuration down? Only allow ssh access from specific IP addresses on your network, or allow just your subnet.

22 . How to use Amazon SQS?

  • Amazon SQS is a message passing mechanism that is used for communication between different connectors that are connected with each other. It also acts as a communicator between various components of Amazon. It keeps all the different functional components together. This functionality helps different components to be loosely coupled, and provide an architecture that is more failure resilient system.

23 . How does cloud computing provides on-demand functionality?

  • Cloud computing is a metaphor used for internet. It provides on-demand access to virtualized IT resources that can be shared by others or subscribed by you. It provides an easy way to provide configurable resources by taking it from a shared pool. The pool consists of networks, servers, storage, applications and services.