AWS INTERVIEW QUESTIONS
1. I have some private servers on premises, and I have also distributed some of my workload on the public cloud. What is this architecture called?
The architecture is called Hybrid Cloud.
2. What does the command do with respect to the Amazon EC2 security groups?
Creates a security group for use in your account.
3. You have a distributed application that periodically processes large volumes of data across multiple Amazon EC2 instances. The application is designed to recover gracefully from Amazon EC2 instance failures. You are required to accomplish the task in the most cost-effective way. Which of the following will meet your requirements?
Use Spot Instances.
4. If I want the instance to run on single-tenant hardware, which value do I have to set the instance’s tenancy attribute to?
The attribute value is Dedicated.
5. When will you incur costs with an Elastic IP address (EIP)?
When it is allocated and associated with a stopped instance.
6. Are Reserved Instances available for Multi-AZ deployments?
Available for all instance types.
7. You need to configure an Amazon S3 bucket to serve static assets for your public-facing web application. Which method will ensure that all objects uploaded to the bucket are set to public read?
Configure the bucket policy to set all objects to public read.
8. A customer wants to leverage Amazon Simple Storage Service (S3) and Amazon Glacier as part of their backup and archive infrastructure. The customer plans to use third-party software to support this integration. Which approach will limit the access of the third-party software to only the Amazon S3 bucket named “company-backup”?
A custom IAM user policy limited to the Amazon S3 API in “company-backup”.
9. A customer has implemented AWS Storage Gateway with a gateway-cached volume at the main office. An event takes the link between the main and the branch office offline. Which methods will enable the branch office to access their data?
Launch a new AWS Storage Gateway instance AMI in Amazon EC2, and restore from a gateway snapshot.
10. When you need to move data over long distances using the internet, for instance across countries or continents, to an Amazon S3 bucket, which method or service will you use?
Use Amazon Transfer Acceleration.
11. If you want to launch Amazon Elastic Compute Cloud (EC2) instances and assign each instance a predetermined private IP address, you should:
Launch the instances in an Amazon Virtual Private Cloud (VPC).
12. Why do we make subnets?
To efficiently utilize networks that have a large number of hosts.
13. Which statement about subnets is true?
You can attach multiple subnets to a route table.
14. In CloudFront, what happens when the content is NOT present at an edge location and a request is made for it?
CloudFront delivers the content directly from the origin server and stores it in the cache of the edge location.
15. If I launch a standby RDS instance, will it be in the same Availability Zone as my primary?
No result for RDS instance zone.
16. When would I prefer Provisioned IOPS over Standard RDS storage?
If you have batch-oriented workloads.
17. If I am running my DB instance as a Multi-AZ deployment, can I use the standby DB instance for read or write operations along with the primary DB instance?
Primary db instance does not working.
18. Which AWS services will you use to collect and process e-commerce data for near real-time analysis?
Amazon DynamoDB.
19. A company is deploying a new two-tier web application in AWS. The company has limited staff and requires high availability, and the application requires complex queries and table joins. Which configuration provides the solution for the company’s requirements?
A web application solution on Amazon DynamoDB.
20. Which use cases are suitable for Amazon DynamoDB?
Storing metadata for Amazon S3 objects, and running relational joins and complex updates.
21. Your application has to retrieve data from your user’s mobile every 5 minutes, and the data is stored in DynamoDB. Later, every day at a particular time, the data is extracted into S3 on a per-user basis, and your application is later used to visualize the data to the user. You are asked to optimize the architecture of the backend system to lower cost. What would you recommend?
Introduce Amazon ElastiCache to cache reads from the Amazon DynamoDB table and reduce the provisioned read throughput.
22. You are running a website on EC2 instances deployed across multiple Availability Zones with a Multi-AZ RDS MySQL Extra Large DB instance. The site performs a high number of small reads and writes per second and relies on an eventual consistency model. After comprehensive tests you discover that there is read contention on RDS MySQL. Which are the best approaches to meet these requirements?
Deploy an ElastiCache in-memory cache running in each Availability Zone, and increase the RDS MySQL instance size and implement Provisioned IOPS.
23. A startup is running a pilot deployment of around 100 sensors to measure street noise and air quality in urban areas for 3 months. It was noted that every month around 4 GB of sensor data is generated. The company uses a load-balanced, auto-scaled layer of EC2 instances and an RDS database with 500 GB of standard storage. The pilot was a success and now they want to deploy at least 100K sensors, which need to be supported by the backend. You need to store the data for at least 2 years to analyze it. Which of the following setups would you prefer?
Replace the RDS instance with a 6-node Redshift cluster with 96 TB of storage.
24. Suppose you have an application where you have to render images and also do some general computing. Which service will best fit your need?
Use an Application Load Balancer.
25. How will you change the instance type for instances that are running in your application tier and using Auto Scaling? Where will you change it from?
Change it in the Auto Scaling launch configuration.
26. You have a content management system running on an Amazon EC2 instance that is approaching 100% CPU utilization. Which option will reduce load on the Amazon EC2 instance?
Create a load balancer, and register the Amazon EC2 instance with it.
27. What does connection draining do?
It re-routes traffic from instances that are to be updated or have failed a health check.
28. When an instance is unhealthy, it is terminated and replaced with a new one. Which service does that?
The service provides fault tolerance.
29. What are lifecycle hooks used for in Auto Scaling?
They are used to put an additional wait time on scale-in or scale-out events.
30. A user has set up an Auto Scaling group. Due to some issue the group has failed to launch a single instance for more than 24 hours. What will happen to Auto Scaling in this condition?
Auto Scaling will suspend the scaling process.
31. You have an EC2 security group with several running EC2 instances. You changed the security group rules to allow inbound traffic on a new port and protocol, and then launched several new instances in the same security group. The new rules apply:
Immediately to all the instances in the security group.
32. To create a mirror image of your environment in another region for disaster recovery, which of the following AWS resources do not need to be recreated in the second region?
Route 53 record sets.
33. A customer wants to capture all client connection information from his load balancer at an interval of 5 minutes. Which option should he choose for his application?
Enable AWS CloudTrail for the load balancers.
34. Which of these services would you not use to deploy an app?
Lambda is not used to deploy an app.
35. How does Elastic Beanstalk apply updates?
By having a duplicate ready with the updates before swapping.
36. I created a key in the Oregon region to encrypt my data in the North Virginia region for security purposes. I added two users to the key and an external AWS account. I wanted to encrypt an object in S3, but when I tried, the key that I had just created was not listed. What could be the reason and solution?
The key should be in the same region.
37. A company needs to monitor the read and write IOPS for its AWS MySQL RDS instances and send real-time alerts to the operations team. Which AWS services can accomplish this?
Monitoring with Amazon CloudWatch.
38. An organization that is currently using consolidated billing has recently acquired another company that already has a number of AWS accounts. How could an administrator ensure that all AWS accounts, from both the existing company and the acquired company, are billed to a single account?
Invite the acquired company’s AWS accounts to join the existing company’s organization by using AWS Organizations.
39. A user has created an application which will be hosted on EC2. The application makes calls to DynamoDB to fetch certain data. The application uses the DynamoDB SDK to connect from the EC2 instance. Which of the following is the best practice for security in this scenario?
The user should attach an IAM role with DynamoDB access to the EC2 instance.
40. You have an application running on an EC2 instance, which allows users to download files from a private S3 bucket using a pre-signed URL. Before generating the URL, the application should verify the existence of the file in S3. How should the application use AWS credentials to access the S3 bucket securely?
Create an IAM role for EC2 that allows list access to objects in the S3 bucket. Launch the instance with this role, and retrieve the role’s credentials from the EC2 instance metadata.
41. You use Amazon CloudWatch as your primary monitoring system for your web application. After a recent software deployment, your users are getting intermittent 500 Internal Server Errors when using the web application. You want to create a CloudWatch alarm and notify the on-call engineer when these occur. How can you accomplish this using AWS services?
Create a CloudWatch Logs group and define metric filters that capture 500 Internal Server Errors. Set a CloudWatch alarm on the metric and use Amazon Simple Notification Service to notify the on-call engineers when the CloudWatch alarm is triggered.
42. You are designing a multi-platform web application for AWS. The application will run on EC2 instances and will be accessed from PCs, tablets and smart phones. The supported accessing platforms are Windows, macOS, iOS and Android. Separate sticky session and SSL certificate setups are required for the different platform types. Which describes the most cost-effective and performance-efficient architecture setup?
Assign multiple ELBs to an EC2 instance or group of EC2 instances running the common component of the web application, one ELB for each platform type. Session stickiness and SSL termination are done at the ELBs.
43. You are migrating a legacy client-server application to AWS. The application responds to a specific DNS domain (e.g. www.example.com) and has a 2-tier architecture, with multiple application servers and a database server. Remote clients use TCP to connect to the application servers. The application servers need to know the IP address of the clients in order to function properly and are currently taking that information from the TCP socket. A Multi-AZ RDS MySQL instance will be used for the database. During the migration you can change the application code, but you have to file a change request. How would you implement the architecture on AWS in order to maximize scalability and high availability?
File a change request to implement Proxy Protocol support in the application. Use an ELB with a TCP listener and Proxy Protocol enabled to distribute the load on two application servers in different AZs.
44. Your application currently leverages AWS Auto Scaling to grow and shrink as load increases/decreases and has been performing well. Your marketing team expects a steady ramp-up in traffic to follow an upcoming campaign that will result in 20x growth in traffic over 4 weeks. Your forecast for the approximate number of Amazon EC2 instances necessary to meet peak demand is 175. What should you do to avoid potential service disruptions during the ramp-up in traffic?
Check the service limits in Trusted Advisor and adjust as necessary, so that the forecasted count remains within the limits.
45. You have a web application running on six Amazon EC2 instances, consuming about 45% of resources on each instance. You are using Auto Scaling to make sure that six instances are running at all times. The number of requests this application processes is consistent and does not experience spikes. The application is critical to your business and you want high availability at all times. You want the load to be distributed evenly between all instances. You also want to use the same Amazon Machine Image (AMI) for all instances. Which architectural choices should you make?
Deploy 3 EC2 instances in one availability zone and 3 in another availability zone, and use Amazon Elastic Load Balancer.
46. You are designing an application that contains protected health information. Security and compliance requirements for your application mandate that all protected health information in the application use encryption at rest and in transit. The application uses a three-tier architecture where data flows through the load balancer and is stored on Amazon EBS volumes for processing, and the results are stored in Amazon S3 using the AWS SDK. Which of the options satisfy the security requirements?
Use TCP load balancing on the load balancer, SSL termination on the Amazon EC2 instances, OS-level disk encryption on the Amazon EBS volumes, and Amazon S3 with server-side encryption; and use SSL termination on the load balancer, an SSL listener on the Amazon EC2 instances, Amazon EBS encryption on the EBS volumes containing the PHI, and Amazon S3 with server-side encryption.
47. A startup deploys its photo-sharing site in a VPC. An elastic load balancer distributes web traffic across two subnets. The load balancer session stickiness is configured to use the AWS-generated session cookie, with a session TTL of 5 minutes. The web server Auto Scaling group is configured as min-size=4, max-size=4. The startup is preparing for a public launch by running load-testing software installed on a single Amazon Elastic Compute Cloud (EC2) instance running in us-west-2a. After 60 minutes of load-testing, the web server logs show the following:
WEBSERVER LOGS | # of HTTP requests from load-tester system | # of HTTP requests from private beta users
webserver #1 (subnet in us-west-2a) | 19,210 | 434
webserver #2 (subnet in us-west-2a) | 21,790 | 490
webserver #3 (subnet in us-west-2b) | 0 | 410
webserver #4 (subnet in us-west-2b) | 0 | 428
Which recommendations can help ensure that load-testing HTTP requests are evenly distributed across the four web servers?
Re-configure the load-testing software to re-resolve DNS for each web request.
48. To serve web traffic for a popular product, your chief financial officer and IT director have purchased 10 m1.large heavy utilization Reserved Instances (RIs) evenly spread across two availability zones; Route 53 is used to deliver the traffic to an Elastic Load Balancer (ELB). After several months, the product grows even more popular and you need additional capacity. As a result, your company purchases two c3.2xlarge medium utilization RIs. You register the two c3.2xlarge instances with your ELB and quickly find that the m1.large instances are at 100% of capacity and the c3.2xlarge instances have significant capacity that’s unused. Which option is the most cost effective and uses EC2 capacity most effectively?
Use a separate ELB for each instance type and distribute load to the ELBs with Route 53 weighted round robin.
49. An AWS customer is deploying a web application that is composed of a front end running on Amazon EC2 and confidential data that is stored on Amazon S3. The customer’s security policy is that all access operations to this sensitive data must be authenticated and authorized by a centralized access management system that is operated by a separate security team. In addition, the web application team that owns and administers the EC2 web front-end instances is prohibited from having any ability to access data that circumvents this centralized access management system. Which configurations will support these requirements?
Configure the web application to authenticate end-users against the centralized access management system. Have the web application provision trusted users STS tokens entitling the download of the approved data directly from Amazon S3.
50. An enterprise customer is starting their migration to the cloud. Their main reason for migrating is agility, and they want to make their internal Microsoft Active Directory available to any applications running on AWS, so that internal users only have to remember one set of credentials and there is a central point of user control for leavers and joiners. How could they make their Active Directory secure and highly available with minimal on-premises infrastructure changes in the most cost- and time-efficient way?
By using a VPC, they could create an extension to their data center and make use of resilient hardware IPSEC tunnels; they could then have two domain controller instances that are joined to the existing domain and reside within different subnets in different availability zones.
51. What does an Amazon Machine Image consist of?
An Amazon Machine Image consists of an operating system, software packages, root storage type and virtualization type.
52. What are the different categories of AMIs?
AMIs come in 3 categories: My AMIs (custom AMIs created by us), AWS Marketplace AMIs, and Community AMIs.
53. What is Elastic Block Store (EBS)?
EBS (Elastic Block Store) volumes are network-attached storage, not physically attached to the host machine. EBS volumes are persistent, i.e. they can live beyond the life of EC2 instances.
54. What do you mean by IOPS and how is it calculated?
IOPS means Input Output Per Second. AWS measures it in chunks of 256 KB, with one chunk counted as one IOPS. Any operation larger than 256 KB is calculated on this basis. If we have a 512 KB operation, it will be counted as 2 IOPS.
55. What do you mean by Instance Store Volume and how is it different from EBS?
An instance store volume is attached to the host, and its underlying hardware is physically attached to the host computer that is running the instance. It is ephemeral, meaning the data on the volume exists only during the lifetime of the instance.
56. What is an EC2 key pair and what is its scope?
An EC2 key pair is a pair of cryptographically secure keys used to authenticate a user while logging in to EC2 instances. It is visible within a region.
57. What is the benefit of an EBS snapshot?
Snapshots are point-in-time backups of EBS volumes and are incremental in nature. A snapshot stores only the changes since the most recent snapshot, and we pay only for that.
58. What do you mean by placement group and when is it beneficial?
A placement group is a cluster of instances within the same availability zone, used by applications which require an extreme latency network between them.
59. What are the different types of EC2 purchasing options?
On-demand, Reserved, Spot, Dedicated Instance and Dedicated Host.
60. What is Elastic File System (EFS) and how is it more useful than EBS?
EFS is a storage option for EC2 instances and is scalable in nature. An EFS file system can be accessed by more than one EC2 instance at the same time and can scale to petabytes in size.
61. What do you mean by the EC2 Shared Responsibility Model?
It describes the responsibilities of both parties (AWS and the client) for managing AWS resources.
AWS responsibility: DDoS protection, port scanning and ingress network filtering.
Client responsibility: security groups, IP tables, firewall, encryption, SSL, KMS.
62. What is Lambda and under what scenarios is it more beneficial than EC2?
Lambda is an example of a serverless computing platform, where we can run our code without provisioning or managing servers. Lambda is more beneficial than EC2 for event-driven use cases. Example: CCTV application, storing data to an S3 bucket.
63. Let’s suppose that we have an application hosted on AWS that requires 24×7 availability and can be down only for a maximum of 10-15 minutes. How will you ensure that the database hosted on your EBS volume is backed up properly?
For automated backups, manual intervention is not required. Whenever a data backup is required, the AWS API and AWS CLI play a role in automating the process through scripts. The EBS snapshot can be stored on Amazon S3, and the stored EBS volume will be used for recovery of the database instance if any failure or downtime occurs.
64. What are the states of instance?
States of instances are
65. What is the difference between stopping and terminating an instance?
Stopping an instance means stopping it for a certain period of time.
Terminating an instance is a normal shutdown; it will permanently delete the attached EBS volumes unless the volume’s deleteOnTermination attribute is set to false.
66. Is it required to use encryption for S3?
It is preferred to use encryption for sensitive data in S3, as it is a proprietary technology.
When working with production or mission-critical data, it is highly recommended to encrypt your data.
67. What is Amazon Machine Image (AMI)?
AMI is the snapshot of your root filesystem.
68. Define serverless application in AWS.
AWS SAM extends AWS CloudFormation to provide a simplified way to define the Amazon API Gateway APIs, AWS Lambda functions and DynamoDB tables which are required by your serverless application.
69. Is it possible to change the private IP addresses of an EC2 instance while it is running/stopped in a VPC?
The primary private IP address cannot be changed once the instance is created. Secondary private addresses can be unassigned, assigned or moved between instances at any time.
70. What are the different cloud service providers and what services do they provide?
Big companies like Amazon, IBM, Google and Microsoft have their own clouds and are called cloud service providers. There are different clouds in the market, such as:
- AWS(by Amazon)
- Azure(by Microsoft)
- GCP(by Google)
- Softlayer(by IBM)
- Bluemix(by IBM)
- Oracle cloud(by Oracle)
- e2e(by e2e networks)
All the services which are provided by cloud service providers are divided into 3 categories:
- IAAS(Infrastructure as a service)
- PAAS(Platform as a service)
- SAAS(Software as a service)
71. What are instances in AWS?
Ans: Servers in our daily life are EC2 instances (elastic compute cloud) in terms of cloud computing.
72. What are Amazon free tier instances?
While creating an Amazon account, Amazon asks you to provide your credit/debit card details and debits Rs 2 from your account. After the account is successfully created, it provides a free tier account. There are some services which are free for 1 year, some services which are always free, and some services which are available only for trials. Among the 1-year free services, you can use t2.micro instances for 750 hrs, EBS 30 GB, Amazon Connect for 90 mins, Amazon Pinpoint for 5000 targets, RDS db.t2.micro for 750 hours for single AZ in a year, Amazon GameLift for 125 hours, OpsWorks 7500 node hours for Chef Automate, and many more. The services that are always free are: AWS Storage Gateway for 100 GB per month, AWS Lambda 1 million free requests per month, DynamoDB 25 GB of storage, Glacier 10 GB of storage retrievals, and many more.
73. What are the types of instances and how is their costing done?
Amazon provides different types of instances depending on your requirements for memory, CPU, EBS optimization and network performance. Depending on your needs, you can select the type of instance.
74. What is cost optimization in EC2 instances and how is it done?
Cost in EC2 instances is implemented in 3 ways:
- On-demand: Costliest: Only go for these instances when it is required to set up immediately.
- Reserved: Intermediate: Mostly recommended: For all the instances which are running, you can borrow instances from Amazon at 30% cheaper than on-demand.
- Spot: Cheapest: You can bid on the instances from the AWS marketplace.
75. What is the limit for connecting EBS to EC2?
You can connect a maximum of 1 TB and 5 EBS volumes to an EC2 instance. Also, you can’t connect the same EBS volume to multiple EC2 instances. But you can remove the EBS volume from a stopped instance and attach it to another instance.
76. What are security groups?
A security group is a virtual firewall which controls the traffic to one or more instances. You can add rules to each security group at any time, depending on the particular IP address and port number.
77. What is S3?
S3 is Simple Storage Service. It stores data in the form of objects inside buckets, which is why it is also referred to as S3 buckets. This service offers industry-leading scalability, data availability, security, and performance. Amazon S3 is designed for 99.999999999% (11 9’s) of durability, and stores data for millions of applications for companies all around the world.
78. What are the different types of S3?
S3 can be used for different purposes:
- S3 Standard
- S3 Intelligent-Tiering
- S3 Standard-IA
- S3 One Zone-IA
- S3 Glacier
79. How many VPCs, Internet gateways, customer gateways and VPNs can be created per region?
5, 5, 50, 50 (soft limits), which can be increased on request.
80. What is the salient feature of an Internet Gateway?
An Internet Gateway allows communication between the instances in the VPC and the internet. It is horizontally scaled, redundant and highly available. It imposes no availability risk on the network traffic.
81. What is the major difference between a NACL and a security group?
NACLs are meant for subnet-level security and are stateless in nature, i.e. we need to specify the rules for both incoming and outgoing traffic. Security groups are meant for instance-level security and are stateful in nature, i.e. only the rules for incoming traffic need to be specified.
82. How do rules get processed by a NACL and a security group?
A NACL processes rules on the basis of priority, and the lower rule is processed first. A security group doesn’t have priority for the traffic, and rules are processed as they are defined.
83. What is a bastion host and what is it used for?
A bastion host works like a jump box which allows authorized users to log in to any of the servers once they are authorized for the first time. We can use any third-party tool like f5 to make it more secure.
84. What is CloudWatch?
CloudWatch is a monitoring service for AWS cloud resources and the applications you run on the AWS cloud. CloudWatch enables monitoring for EC2 and other Amazon cloud services. … AWS CloudWatch allows you to record metrics for services such as EBS, EC2, Elastic Load Balancer and Amazon S3, and using these metrics
85. What are the migration strategies?
86. What is a stateless and a stateful entity?
A stateful session bean is defined as follows: … Except during method invocation, all instances of a stateless bean are equivalent, allowing the EJB container to assign an instance to any client. That is, the state of a stateless session bean should apply across all clients.
87. How does auto scaling work? Explain with the best example.
Auto-scaling is a way to automatically scale up or down the number of compute resources that are being allocated to your application based on its needs at any given time.
88. What is virtualization?
Virtualization is the process of creating a virtual version of something rather than the actual version of that thing.
89. How are HVM (Hardware VM) AMIs and PVM (Para VM) AMIs different from each other?
HVM provides the ability to run an operating system directly on top of a virtual machine without any modification, as if it runs on the bare metal hardware.
PVM: The guest can run on host hardware that does not have explicit support for virtualization.
90. What is the difference between a dynamic public IP and an Elastic IP with respect to EC2 instances?
A dynamic public IP is an Internet-routable IP address which changes once the instance is stopped and started again. Elastic IPs are static IPs assigned to instances, which remain the same.
91. What do you mean by bootstrapping and how will you find the user data and metadata on an instance?
Bootstrapping is the process of self-starting a set of commands without external input. To get the details of user data and metadata on an instance, use the commands below.
curl http://169.254.169.254/latest/user-data/ (user data)
curl http://169.254.169.254/latest/meta-data/ (meta data)
92. How will you brief about AWS and its services?
AWS which is an abbreviation of Amazon web services and provides AWS offers different services such as PaaS (platform as a service), IaaS (infrastructure as a service), new way of serverless computing, and even more with 100+ different services. Also the number is growing very rapidly as well. With this massive platform, professionals will be able to let their thoughts go wild, think of their new business models and provide services to the customers they never thought of only a few years ago
93. How do you think EC2 service is capable to replace on-premises servers?
EC2 is short for Elastic Compute Cloud which offers a virtual machines in the aws cloud environment. Like all virtual machines you can connect a virtual network interface to the virtual machines, as well as the storages.
What most virtual machines can’t do however, is auto-scaling meaning increasing and decreasing your servers based on-demand or may be automatically. EC2 has this exclusive feature that this is all built-in to this service. We would say without any doubt EC2 can replace the regular on-premise server for any type of requirement that client demands.
94. How do you classify the major types of EC2 instances?
On-Demand Instances are provisioned based on the request that you place with the EC2 service, and charging starts under Amazon's pricing model. Like regular household services, it sends you a bill to pay every month.
Spot requests allow you to bid on spare AWS EC2 computing capacity. Spot instances are often readily available at a discount compared to On-Demand EC2 pricing, so you can significantly reduce the cost of running your apps and grow your apps' compute capacity and throughput for the same budget.
Reserved Instances are a model based on a commitment. You pay up-front for the EC2 instances you use, and in return you get a reduced hourly price. Using Reserved Instances you can save up to 75% on your monthly budget for EC2 expenditure.
95. Give a quick overview of AMIs, comparing them to some other example services.
AMIs are a lot like snapshots in VMware. You can launch your own EC2 instances from an AMI, and you can even share your AMI with multiple AWS accounts.
EC2 allows you to configure and set up everything about your own instances, from your OS to your apps. An Amazon Machine Image (AMI) is just a bundled environment that includes all the necessary bits to set up and boot your instance. Your AMIs are your unit of deployment. You may have one AMI, or you may compose a system out of many building-block AMIs such as app server, db server, etc.
96. How quickly can you scale EC2 capacity up as well as down?
Amazon EC2 provides an elastic computing environment in the cloud, which enables you to decrease or increase capacity within a few minutes, not hours or days. You can immediately commission one, tens, hundreds or even thousands of EC2 server instances simultaneously. When you need more instances, you simply call RunInstances, and the EC2 service will typically set up your new instances within minutes. Because all of this is controlled with web service APIs, your apps can automatically scale themselves down and up depending on their needs.
97. If a client has a requirement for some scenario, how will you choose the instance type?
EC2 instances are mainly categorized into 5 families: Memory Optimized, Storage Optimized, General Purpose, Compute Optimized, and Accelerated Computing instances. Memory Optimized instances (X1e, X1, R5, R4) provide larger memory sizes for memory-intensive apps, including db and memory caching apps; General Purpose instances have memory to CPU ratios suitable for most general purpose apps and come with burstable performance (T2) or fixed performance (M5, M4); Compute Optimized instances (C5, C5n, C4) have more CPU resources than memory and are well suited for scale-out CPU-intensive apps and High Performance Computing (HPC); Accelerated Computing instances (P3, P2, G3, F1) take advantage of the parallel processing capability of NVIDIA Tesla GPUs for high performance computing (HPC) and deep/machine learning; GPU Graphics instances (G3) provide high-performance 3D graphics capabilities for applications using OpenGL and DirectX; F1 instances deliver Xilinx FPGA-based reconfigurable computing; Storage Optimized instances (H1, I3, D2) offer low latency and very high I/O capacity using SSD-based local instance storage for I/O-intensive apps, while H1 and D2, the dense-storage and HDD-storage EC2 instances, offer high local storage density and sequential I/O performance for Hadoop, data warehousing and other data-intensive apps. While choosing instance types, you need to consider the characteristics of your app with respect to resource utilization (i.e. memory, CPU, storage) and choose the optimal instance family and instance size.
98. Why does AWS limit Elastic IPs to 5? What if I want to have more?
Public IP addresses are a rare resource. Only a very limited amount of public IP address space is available, and EC2 is committed to helping use that space efficiently. By default, accounts are limited to only 5 Elastic IP addresses per region. If you need more than 5 Elastic IP addresses, you can apply for your limit to be raised. With the proper business justification provided to the Amazon support team, they will help you to increase the capacity.
99. Do we need to attach an Elastic IP to every instance that we create?
No, it depends on the scenario. You don't need an Elastic IP for all your instances. By default, all instances come with a private IP address and also an internet-routable public IP. The private IP remains associated with the network interface when the instance is restarted or stopped, and is released when the instance is terminated. The public IP is associated specifically with the instance until it is terminated, stopped or replaced with an Elastic IP. These IPs should be adequate for many apps where you don't need long-lived internet-routable endpoints. Web crawling, backend services and compute clusters are some of the apps which typically do not require an Elastic IP.
100. Who interacts with AWS, and what can they do on it?
Anyone who has a user account created in AWS can interact with AWS with the specified privileges. A user is a unique identity known by AWS services and apps. Like a login user in an OS such as Windows or UNIX, a user has a unique name and can identify itself using familiar security credentials: a password or an access key. A user can be any individual, system, or app requiring access to AWS services. IAM supports users managed in AWS's identity management system, called IAM users, and it also enables you to grant access to AWS resources for users who are managed outside of AWS in a corporate directory, who are called federated users.
A user can also place requests to web services such as Amazon S3 and Amazon EC2. A user's ability to access AWS web service APIs is under the responsibility and control of the AWS account under which it is defined. You can permit a user to access any of the services that are integrated with IAM and to which the AWS account is subscribed. If it is permitted, a user will have access to all of the resources under the AWS account. Also, if the AWS account has access to resources from a different account, its users may be able to access the data under those accounts. Any AWS resources created by the user will be under the control of, and paid for by, its account.
101. In some scenario, a user's permissions need to be revoked, changed or even deleted. Is that achievable in AWS?
You have the privilege to enable or disable user access at any point in time. This can be done through an API call, the management console, or the command-line interface. The AWS account administrator has the privilege to manage users, groups, security credentials, and permissions. In addition, you may also grant permissions to individual users to place calls to IAM APIs in order to manage other users. For example, an AWS administrator user may be created to manage users for a corporation, which is a recommended practice.
102. Can IAM roles resolve any security issues?
Yes, IAM roles allow you to delegate access with defined permissions to trusted entities without having to share long-term access keys. You can use IAM roles to delegate access to IAM users managed within your account, to IAM users under a different AWS account, or to an AWS service such as EC2.
103. Do you think Auto Scaling is the best feature in EC2?
Of course. Launch configurations and Auto Scaling groups are one of the real magic tricks of the Amazon EC2 service. Launch configurations and Auto Scaling groups ensure that your AWS EC2 instances can scale up and down based on demand. Your AWS EC2 instances will be automatically added to the load balancer that you specify, which ensures your apps are always available.
104. Do you have an option to execute a script on the AWS EC2 instances currently running in your account without logging into the console?
Run Command gives you a way to execute scripts remotely on one EC2 instance or on the entire fleet, either on a schedule or on demand. For example, if you need to run an Ansible playbook to check for operating system updates regularly, you can do so by using Run Command.
105. How would you briefly describe the relational database services in AWS?
Relational Database Service (RDS) makes it easy to set up, operate and scale a relational database in the cloud environment. RDS provides cost-efficient and resizable capacity while automating time-consuming administration tasks like hardware provisioning, db setup, patches and backups. RDS supports multiple DB engines: Microsoft SQL Server, PostgreSQL, Amazon Aurora, MySQL, MariaDB and Oracle. RDS also allows you to create clusters which will automatically fail over if needed. A Bring Your Own License (BYOL) model is also available for MS SQL Server, so you can re-use the existing licenses you have.
106. How will you choose your load balancer based on the application requests?
Elastic Load Balancing supports three different types of load balancers. You can select the desired load balancer based on the application and its needs. If you need flexible application management and TLS termination, you can use Application Load Balancer. If you need extreme performance and a static IP for your application, you can choose Network Load Balancer. If you need to build an application within the EC2-Classic network, you should use Classic Load Balancer.
107. Can you load balance applications distributed across different VPCs and an on-premises location?
There are many ways to achieve a hybrid load balancing scenario. If an application runs on targets which are distributed between a VPC and an on-premises location, you can add them to the same target group by using their IP addresses. To migrate to AWS without impacting your existing application, gradually add VPC targets to the target group and then remove on-premises targets from the target group.
If you have two different applications such that the targets for one application are in a VPC and the targets for the other application are in the on-premises location, you can place the VPC targets in one target group and the on-premises targets in another target group, and use content-based routing to route traffic to each target group. You can also use separate load balancers for on-premises targets and VPCs and use DNS weighting to achieve weighted load balancing between the on-premises targets and the VPC.
108. How will you choose the storage volume type while creating it for your application?
Amazon EBS includes two major types of storage. The first is SSD-backed storage for transactional workloads, where performance depends primarily on IOPS. The second is HDD-backed storage for throughput workloads, where performance depends primarily on throughput, measured in MB/s. SSD-backed volumes are designed for IOPS-intensive database workloads, boot volumes, transactional workloads, and workloads that require high IOPS.
SSD-backed volumes include General Purpose SSD (gp2) and Provisioned IOPS SSD (io1). HDD-backed volumes are designed mainly for throughput-intensive workloads with large I/O sizes, big-data workloads, and sequential I/O patterns. HDD-backed volumes include Throughput Optimized HDD (st1) and Cold HDD (sc1). Based on the application's needs, you can decide the storage volume type.
109. Could you explain AWS Auto Scaling vs. Auto Scaling for individual services?
You can use AWS Auto Scaling to manage scaling for multiple resources across several services. If you prefer, you can instead use the individual service consoles, the Application Auto Scaling API or the Auto Scaling API to scale separate AWS services. You can also use the individual consoles or APIs if you want to set step scaling policies or scheduled scaling, as the AWS Auto Scaling service creates target tracking scaling policies only. AWS Auto Scaling enables unified scaling for several resources, and has predefined guidance which makes it easier and faster to configure scaling.
110. In which scenario is a VPC needed, and what are the related components?
Amazon VPC allows you to build your own virtual network in the AWS cloud environment; no VPNs, hardware, or physical datacenters are required. You can define your own network space, and control how your network and the EC2 instances inside it are exposed to the public. You can also leverage the enhanced security options in Amazon VPC to provide more granular access to and from the EC2 resources in your virtual network. Subnet, Internet Gateway, NAT Gateway, Virtual Private Gateway, Peering Connection, VPC Endpoints and Egress-only Internet Gateway are the different components in it.
111. What are the different types of VPC endpoints? Briefly describe each.
VPC endpoints allow you to privately connect your VPC to services which are hosted on AWS without requiring an IGW, VPN, NAT device, or firewall proxies. Endpoints are highly available, horizontally scalable virtual devices which allow communication between instances in your VPC and AWS services. VPC provides two different types of endpoints: gateway type endpoints and interface type endpoints.
Gateway type endpoints are available only for AWS services including DynamoDB and S3. These endpoints add an entry to the route table you select and route traffic to the supported services through the AWS private network. Interface type endpoints provide private connectivity to services powered by PrivateLink, whether AWS services, your own services or SaaS solutions, and they support connectivity over Direct Connect. More AWS and SaaS solutions will also be supported by these endpoints in future.
112. How important is VPC in an AWS environment? Briefly describe it.
Amazon VPC lets you provision a logically isolated section of the Amazon Web Services (AWS) cloud where you can launch AWS resources in a virtual network which you define. You have full control over your virtual networking environment in AWS, including the selection of your own IP address range, the creation of subnets, and the configuration of route tables and network gateways. You can also create a hardware VPN connection between your on-premises corporate datacenter and your VPC, and leverage the AWS cloud as an extension of your own corporate datacenter.
113. How quickly can you launch some default patterns of VPC networking?
Your AWS resources are provisioned automatically in the default VPC in your AWS account. You can also choose to create additional VPCs by going to the Amazon VPC page in the AWS Management Console and choosing "Start VPC Wizard". You will get four basic options for different network architectures. After choosing an option, you can modify the size and IP address ranges of the VPC which you want to create and of its subnets. If you have selected an option with Hardware VPN Access, you will have to specify the IP address of the VPN hardware on your network. You can also modify the VPC to add or remove secondary IP ranges and gateways, or add more subnets to the IP ranges you want.
114. Do you have an option to connect your VPC to the internet?
Amazon VPC has an option to create an Internet gateway. This gateway enables Amazon EC2 instances in the VPC to access the Internet directly.
115. Do you have an option to connect to the internet without private IP?
Instances without a public IP can access the Internet in either of the following ways:
1. Instances without a public IP can route their traffic through a NAT gateway or a NAT instance to access the Internet. These instances use the public IP of the NAT gateway or NAT instance to traverse the Internet. The NAT gateway or NAT instance allows outbound communication but does not allow machines on the Internet to initiate a connection to the privately addressed instances.
2. For VPCs with a hardware VPN connection or a Direct Connect connection, instances can route their Internet traffic down the virtual private gateway to the existing datacenter. From there, it can access the Internet via your existing egress points and network security/monitoring devices.
116. What is the default IP range in the default VPC?
Default VPCs have a CIDR range of 172.31.0.0/16. Default subnets within the default VPC are assigned /20 netblocks within the VPC CIDR range.
117. Do you have an option to change the VPC size?
Yes, of course. You can expand your existing VPC by adding four (4) secondary IPv4 IP ranges (CIDRs) to it. You can also shrink your VPC by removing the secondary CIDR blocks that you have added to it. However, you cannot change the size of the IPv6 address range of your VPC.
118. Do you think you can assign any IP address to an instance?
You can assign any IP address to your instance as long as it is part of the associated subnet's IP range, not reserved by Amazon for networking purposes, and not assigned to another interface.
119. In what way do you secure the running instances in your VPC?
Amazon EC2 security groups are used to help secure instances within the VPC. Security groups in a VPC enable you to specify the inbound and outbound network traffic that is allowed to or from each EC2 instance. Traffic that is not explicitly allowed to or from an EC2 instance is automatically denied.
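The default-deny behaviour described in this answer, as an added Python example (not AWS code): it evaluates inbound rules in the IpPermissions shape returned by the EC2 DescribeSecurityGroups API and flags rules that open administrative ports to 0.0.0.0/0. The rule set, the source addresses and the choice of ports 22 and 3389 as "administrative" are constructed for illustration; IPv6 ranges are not evaluated.

```python
import ipaddress

# Constructed sample in the IpPermissions shape of DescribeSecurityGroups.
WEB_SG_INBOUND = [
    {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}, {"CidrIp": "10.0.0.0/16"}]},
    {"IpProtocol": "tcp", "FromPort": 8000, "ToPort": 8100,
     "IpRanges": [{"CidrIp": "10.0.0.0/16"}]},
]

ADMIN_PORTS = {22: "SSH", 3389: "RDP"}  # assumption: ports treated as admin access
ANYWHERE = ipaddress.ip_network("0.0.0.0/0")


def _port_matches(rule, port):
    """True if the rule's port range covers the port ("-1" covers everything)."""
    if rule["IpProtocol"] == "-1":
        return True
    return rule.get("FromPort", 0) <= port <= rule.get("ToPort", 65535)


def _world_open(rule):
    return any(ipaddress.ip_network(r["CidrIp"]) == ANYWHERE
               for r in rule.get("IpRanges", []))


def is_allowed(rules, protocol, port, source_ip):
    """Security groups hold allow rules only: no matching rule means deny."""
    src = ipaddress.ip_address(source_ip)
    for rule in rules:
        if rule["IpProtocol"] not in (protocol, "-1"):
            continue
        if not _port_matches(rule, port):
            continue
        if any(src in ipaddress.ip_network(r["CidrIp"])
               for r in rule.get("IpRanges", [])):
            return True
    return False  # implicit deny


def world_open_admin_ports(rules):
    """Return (port, name) pairs for admin ports reachable from 0.0.0.0/0."""
    findings = []
    for rule in rules:
        if rule["IpProtocol"] not in ("tcp", "-1") or not _world_open(rule):
            continue
        for port, name in sorted(ADMIN_PORTS.items()):
            if _port_matches(rule, port):
                findings.append((port, name))
    return findings


def drop_world_from_admin_rules(rules):
    """Return a copy of the rules with 0.0.0.0/0 removed wherever it reaches an admin port."""
    fixed = []
    for rule in rules:
        new_rule = dict(rule)
        reaches_admin = rule["IpProtocol"] in ("tcp", "-1") and any(
            _port_matches(rule, p) for p in ADMIN_PORTS)
        if reaches_admin:
            new_rule["IpRanges"] = [
                r for r in rule.get("IpRanges", [])
                if ipaddress.ip_network(r["CidrIp"]) != ANYWHERE]
        fixed.append(new_rule)
    return fixed


if __name__ == "__main__":
    print("findings:", world_open_admin_ports(WEB_SG_INBOUND))
    hardened = drop_world_from_admin_rules(WEB_SG_INBOUND)
    print("after fix:", world_open_admin_ports(hardened))
    print("SSH from internet:", is_allowed(hardened, "tcp", 22, "203.0.113.7"))
```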
120. How does an EC2 instance within a VPC communicate with an EC2 instance in a different VPC?
If an Internet gateway is configured, VPC traffic bound for EC2 instances not within a VPC traverses the Internet gateway and then enters the public AWS network to reach the other EC2 instance. If the Internet gateway is not configured, or if the instance is in a subnet configured to route through the virtual private gateway, the traffic traverses the VPN connection, egresses from the datacenter, and then re-enters the public AWS network.
121. Do you think you can create any number of EC2 instances?
Yes, you are permitted to run any number of EC2 instances within a VPC, as long as your VPC is sized to have an IP address assigned to each instance. Initially you are limited to launching 20 EC2 instances at any one time and to a maximum VPC size of /16. You can increase the limit by requesting it from Amazon.
122. Do you have an option to support other languages in Elastic Beanstalk?
Yes, we have an option. AWS Elastic Beanstalk is built so that it can be extended to support different development stacks and programming languages.
123. Which AMI does Amazon Elastic Beanstalk use?
AWS Elastic Beanstalk runs on the custom Amazon Linux AMI and the Windows Server 2012 R2 AMI. Both AMIs are supported and maintained by AWS.
124. What is the Amazon RDS service related to?
Amazon Relational Database Service (Amazon RDS) is a managed service which makes it easy to set up, operate, and scale a relational database in the cloud. It provides cost-effective and resizable capacity while managing time-consuming db administration tasks, freeing you to focus on your applications and your business.
125. What can Amazon RDS manage on your behalf?
Amazon RDS manages the tasks involved in setting up a relational database, from provisioning the infrastructure capacity that you request to installing the database software. Once your database is up and running, RDS automates common administrative tasks like performing backups and patching the software which powers your database. With optional Multi-AZ deployments, RDS also manages synchronous data replication across Availability Zones with automatic failover.
126. Do you know how to assign IP address ranges in a VPC?
You need to assign a single Classless Internet Domain Routing (CIDR) IP range as the primary CIDR block when you create a VPC, and you can add up to 4 secondary CIDR blocks after the VPC is created. Subnets within the VPC are addressed by you from these CIDR ranges. Note that while you can create multiple VPCs with overlapping IP address ranges, doing so will stop you from connecting these VPCs to a common network via the hardware VPN connection. For this reason, AWS recommends using non-overlapping IP ranges. You can also allocate Amazon-provided IPv6 CIDR blocks to the VPC.
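The addressing rules in this answer and its neighbours (non-overlapping VPC ranges, /20 default subnets inside 172.31.0.0/16, the /28 minimum subnet size) can be checked before anything is created. The following Python sketch is an added example, not AWS code; the VPC names and 10.x ranges are constructed, and the figure of five reserved addresses per subnet comes from AWS's documented behaviour, not from this page.

```python
import ipaddress
from itertools import combinations

MIN_SUBNET_PREFIX = 28  # smallest IPv4 subnet quoted on this page
# Assumption (AWS documented behaviour, not stated on this page): the first
# four addresses and the last address of every subnet are reserved.
RESERVED_PER_SUBNET = 5

# Constructed inventory: VPC name -> primary CIDR followed by secondary CIDRs.
VPCS = {
    "default": ["172.31.0.0/16"],
    "prod": ["10.0.0.0/16", "10.1.0.0/16"],
    "staging": ["10.1.128.0/20"],
}


def overlapping_vpcs(vpcs):
    """Return (name_a, name_b) pairs whose address space overlaps."""
    clashes = []
    for (name_a, cidrs_a), (name_b, cidrs_b) in combinations(sorted(vpcs.items()), 2):
        nets_a = [ipaddress.ip_network(c) for c in cidrs_a]
        nets_b = [ipaddress.ip_network(c) for c in cidrs_b]
        if any(a.overlaps(b) for a in nets_a for b in nets_b):
            clashes.append((name_a, name_b))
    return clashes


def default_subnets(vpc_cidr="172.31.0.0/16", prefix=20):
    """Split a VPC range into equal netblocks, as the default VPC does with /20."""
    return [str(n) for n in ipaddress.ip_network(vpc_cidr).subnets(new_prefix=prefix)]


def usable_hosts(subnet_cidr):
    """Addresses left for instances once the reserved ones are subtracted."""
    return ipaddress.ip_network(subnet_cidr).num_addresses - RESERVED_PER_SUBNET


def validate_subnet(vpc_cidrs, subnet_cidr, existing_subnets=()):
    """Return a list of problems with a proposed IPv4 subnet (empty if it is fine)."""
    problems = []
    subnet = ipaddress.ip_network(subnet_cidr)
    if subnet.prefixlen > MIN_SUBNET_PREFIX:
        problems.append("smaller than /28")
    if not any(subnet.subnet_of(ipaddress.ip_network(c)) for c in vpc_cidrs):
        problems.append("outside the VPC ranges")
    for other in existing_subnets:
        if subnet.overlaps(ipaddress.ip_network(other)):
            problems.append(f"overlaps {other}")
    return problems


if __name__ == "__main__":
    print("overlapping VPCs:", overlapping_vpcs(VPCS))
    print("default subnets:", default_subnets()[:3], "...")
    print("usable hosts in a /28:", usable_hosts("10.0.0.0/28"))
    print("10.0.1.0/29 in prod:", validate_subnet(VPCS["prod"], "10.0.1.0/29"))
```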
127. What is the CIDR for the default VPC in the AWS account?
Default VPCs created when you create the AWS account are assigned a CIDR range of 172.31.0.0/16. Default subnets within the default VPC are assigned /20 netblocks within the VPC CIDR range.
128. Do you think you can change the size of a VPC?
I would say yes. You can expand your existing VPC by adding 4 secondary IPv4 IP address ranges to it, and you can shrink your VPC by deleting the secondary CIDR blocks that you have added to it. However, you cannot change the size of the IPv6 address range of a VPC.
129. What is the maximum number of subnets you can create in your AWS account, and what are the maximum and minimum sizes of a subnet?
We can create 200 subnets, and that can be extended by raising a support case with Amazon. The minimum size of a subnet is /28 for IPv4, and a subnet cannot be larger than the VPC that you have created. The IPv6 subnet size is fixed at /64.
130. Will you be able to assign an Elastic IP to VPC-based EC2 instances?
I would say yes. EIP addresses are reachable only from the Internet, not over the VPN connection. Each EIP address should be associated with a unique private IP on the EC2 instance. EIPs should be used only on instances in subnets configured to route their traffic directly to the Internet gateway. EIPs cannot be used on instances in subnets configured to use a NAT gateway or NAT instance to access the Internet. This applies only to IPv4; VPCs do not support EIPs for IPv6.
131. What is the use of the default VPC?
When you launch a resource in the default VPC, you benefit from the advanced networking features of Amazon VPC with the ease of use of Amazon EC2. You can enjoy features such as changing security group membership on the fly, security group egress filtering, multiple IPs, and multiple NICs without having to explicitly create a VPC and launch EC2 instances in it.
132. Can you connect VPCs in different regions and accounts?
VPC peering makes it possible to connect VPCs in different regions and different accounts, provided the acceptor accepts the request to connect with the VPC. The VPCs being connected must also have non-overlapping VPC CIDRs.
133. Do you need an Internet gateway for the peering connection?
No, an Internet gateway is required only when you connect the VPC to the internet; when connecting different VPCs you don't need an Internet gateway.
designed to provide a secure, stable, and high-performance environment execution for Amazon EC2.
134. How do you make your application on Elastic Beanstalk private?
By default, the application is publicly available at app.elasticbeanstalk.com. You can use Amazon VPC to provision a private, isolated section for the application in a network that you define. This virtual network can be made private through specific security group, network ACL, and custom route table settings. You can also easily control what other incoming traffic, such as SSH, is or is not delivered to the application servers by changing the EC2 security group settings.
135. How do you grant a user access to Elastic Beanstalk?
You can grant IAM users access to services by using predefined or custom policies. To grant access to AWS services like Elastic Beanstalk, you should use one of the policies in the IAM console. Elastic Beanstalk offers two templates: a read-only access template and a full-access template. The read-only template grants read access to the Elastic Beanstalk resources.
The full-access template grants full access to all Elastic Beanstalk resources, as well as permissions to manage the dependent resources, such as ELB, Auto Scaling, and S3 storage. You can also use the AWS Policy Generator to create custom policies.
136. When can you perform major version updates in Elastic Beanstalk?
You can perform major version updates in Elastic Beanstalk at any time using the management console, CLI, or API. You have two options for performing a major version update: apply the update in place on the existing environment, or create a clone of the existing environment with the new platform version.
137. Do you know about the storage classes in S3?
Amazon S3 offers a range of storage classes designed for different use cases. There are four storage classes: S3 Standard for general purpose storage of very frequently accessed data, Standard-Infrequent Access or One Zone-Infrequent Access for long-lived but less frequently accessed data, and Glacier for long-term archival data.
138. What is the limit in S3 storage?
The number of objects you can store and the total volume of data are unlimited in S3. Individual objects in S3 can range in size up to a maximum of 5 terabytes. The largest object that you can upload in a single PUT request is 5 gigabytes. For objects larger than 100 megabytes, customers must consider using the Multipart Upload option.
139. Do you know about Intelligent-Tiering?
S3 Intelligent-Tiering is a storage class for data with unknown access patterns or changing access patterns which are difficult to learn. It is the first cloud storage class which delivers automatic cost savings by moving objects between two access tiers when the access patterns change. One tier is optimized for frequent access, and the other, lower-cost tier is designed for infrequent access.
Objects uploaded or transitioned to S3 Intelligent-Tiering are automatically stored in the frequent access tier. S3 Intelligent-Tiering works by monitoring the access patterns and then moving objects that have not been accessed in 30 days to the infrequent access tier. If an object is accessed later, it is automatically moved back to the frequent access tier. This means all objects stored in S3 Intelligent-Tiering are always available when needed. There are no retrieval fees, so you will not see unexpected increases in storage bills when access patterns change.
140. Do you know the One Zone-IA storage class?
The One Zone-IA storage class is an S3 storage class which customers can choose in order to store objects in a single AZ. One Zone-IA storage redundantly stores the data within that single AZ to deliver storage at 20% lower cost than the geographically redundant Standard-IA storage, which stores data redundantly across different, geographically separate AZs.
141. What happens to the data when you terminate instances?
Unlike data stored on a local instance store, which persists only as long as that instance is alive, data stored on an EBS volume can persist independently of the life of the instance. Therefore, use the local instance store only for temporary data. For data requiring a higher level of durability, use EBS volumes or back up the data to S3. If you use an EBS volume as the root partition, set the Delete on termination flag to "No" if you want the EBS volume to persist after the life of the EC2 instance.
142. Define Auto Scaling.
It means the number of active servers for a single application.
143. How do the start, stop and terminate processes work?
Start: to run the instance.
Stop: to stop the action of the instance.
Terminate: to terminate the complete instance.
144. Explain in detail the function of an Amazon Machine Image (AMI).
It is a private template.
145. If I'm using Amazon CloudFront, can I use Direct Connect to transfer objects from my own data center?
We can choose the origins tab.
It is able to customize the TTL.
146. Explain what Redshift is.
It is a warehouse tool for databases.
147. Mention the differences between Amazon S3 and EC2.
S3: object-level storage.
EC2: block-level storage.
148. What is meant by My AMI?
We can create a private AMI.
149. What is meant by scale in and scale out?
Scale in means increase application from load balancer.
Scale out means whenever scale will be at risk.
150. What is meant by CloudWatch?
It is the monitoring for resources.
151. What is meant by CloudTrail?
A monitoring tool for log files.
152. What is meant by CloudFront?
To reduce redundancy and latency.
153. Expand S3.
Simple service storage.
154. Expand EBS.
Elastic block storage.
155. What is meant by Glacier?
It is the idle backup in the cloud.
156. Expand ALB.
Application load balancer.
157. Explain what DynamoDB is in AWS.
It stores 31 billion items in tables, and we can read at 24000 read capacity per second.
158. Explain what ElastiCache is.
It is a web service that is easy to deploy, and we are able to run memory in the nodes.
159. What is the AWS Key Management Service?
It means the password to log in to an EC2 instance.
EMR is a big data across a hadoop cluster.
160. What is Amazon CloudSearch and what are its features?
CloudSearch is fully managed in the cloud.
161. Explain what Regions and Endpoints are in AWS.
Endpoint means the URL for a resource.
Region means the physical location name.
162. What is SimpleDB?
Simple SQL and NoSQL to move the innovative paradigm for a business.
163. Should encryption be used for S3?
AES 256 encryption.
164. What are the different types of events triggered by Amazon CloudFront?
With a CDN to distribute metadata.
165. How do you use Amazon SQS?
Simple Queue Service, to push messages and pull from the queue.
166. When will you incur costs with an Elastic IP address (EIP)?
It means public IP.
167. Why do we make subnets?
A subnet is nothing but a zone.
168. When is a subnet truly working?
It means datacentre.
169. What are the lifecycle hooks used for in Auto Scaling?
By default, an instance is brought up whenever my scale-in process is at risk.
170. How can Elastic Beanstalk apply updates?
This is a tool for developers to automate environments.
171. What is a load balancer? What are the types of load balancers?
A load balancer distributes the load to the VMs in the directed target group. The types are Application Load Balancer, Network Load Balancer and Classic Load Balancer.
172. What happens if all the VMs in a target group are at risk?
The Auto Scaling group is directed to the target group at risk, and warm-up instances are brought up.
173. What is the difference between ALB and NLB?
ALB understands the application route path, and the packets are sent to each VM; when a VM is at risk, it goes to the next VM.
NLB understands the port numbers, and the packets are sent at the same time to all the VMs.
174. What is SSL? What are the layers present in SSL?
Secure Sockets Layer is used for a secure connection; we can't redirect to an unsecure page. SSL is safe and hackers can't hack it.
- Presentation layer
- Transport layer
- Network layer
- Datalink layer
175. What is the difference between the load balancer Route 53 and the normal Route 53?
Load balancer Route 53 understands the route path of the applications.
Normal Route 53 does forward and backward lookup zones.
176. What is cloud computing?
Cloud computing is a service provider. It is used to access services over the internet and to store data.
177. What are the types of cloud model?
- Private cloud- Resources can be accessed within the premises.
- Public cloud- Resources can be accessed globally.
- Hybrid cloud- It uses a mix of private and public cloud environments. Here the organization can decide which services can be accessed globally and which within the premises.
178. What is the difference between stopping and terminating instances in AWS?
- Stopping means shutting down the instance; it can be restarted whenever required.
- Terminating means permanently shutting down the instance; it cannot be restarted. The VMs are permanently taken away.
179. What is IAM in AWS?
With IAM (Identity Access Management), we can create user logins, roles and policies.
180. What is the difference between Roles and Endpoints?
- Role- Only a particular service can be accessed by a user.
- Endpoint- Multiple services can be accessed by a user.
181. What processor does AWS use?
182. What are region, edge and zone?
- Region- It is a physical location.
- Edge- It is a physical location where the hyperlink will be saved and directed to a particular zone.
- Zone- Zone is a region where VMs are launched.
183. What are the types of Resource-Ids?
- Service Id
- ARN Id
- KMS Id
184. What is the difference between MyAMI and Snapshot?
- MyAMI- Copy of AMI (Amazon Machine Image), can create the image of the instance.
- Snapshot- Copy of ephemeral.
185. By default, how many buckets can be created in AWS?
186. What is cloud?
Cloud is a data centre made up of compute and storage resources connected by a network.
187. What is EC2?
Elastic Cloud Computing (EC2) means scaling up and scaling down of resources by the cloud service provider.
188. What is Amazon Aurora?
It is a MySQL- and PostgreSQL-compatible relational database (RDS) built for the cloud.
189. What is peering in AWS?
Peering is the connection of two VPCs. It enables the use of the resources of 2 VPCs in different regions.
190. Amazon SWF is designed to help users____?
SWF stands for Simple WorkFlow Service and is used to coordinate synchronous and asynchronous tasks which are distributed and fault tolerant.
191. Can I control if and when MySQL based RDS Instance is upgraded to new supported versions?
192. What does Amazon Elastic Beanstalk provide?
EB is ideal for developers. It is an application container where developers can develop applications.
193. True or False: When using IAM to control access to your RDS resources, the key names that can be used are case sensitive. For example, aws:CurrentTime is NOT equivalent to AWS:currenttime.
194. What will be the status of the snapshot until the snapshot is complete?
195. Can we attach an EBS volume to more than one EC2 instance at the same time?
196. True or False: Automated backups are enabled by default for a new DB Instance.
197. What does the AWS Storage Gateway provide?
It is also a storage type in AWS, and it allows integrating on-premises IT environments with cloud storage.
198. Amazon RDS automated backups and DB Snapshots are currently supported for only the ____ storage engine.
199. How many relational database engines does RDS currently support?
Three: MySQL, Oracle and Microsoft SQL Server.
200. Fill in the blanks: The base URI for all requests for instance metadata is ____.
201. While creating the snapshots using the command line tools, which command should I be using?
202. What is RDS in AWS?
RDS stands for Relational Database Service. MySQL is one example of RDS.
203. What are the two types of licensing options available for using Amazon RDS for Oracle?
BYOL and License Included
204. What does a “Domain” refer to in Amazon SWF?
A collection of related Workflows
205. What is Red Hat AMI in AWS?
It is a preconfigured image of an OS.
206. What is marketplace in AWS?
It is a place where you can use third-party vendor services.
207. What is My AMI?
It is a backup of the operating system.
208. What is community AMI?
It is an option in AWS from which you can select your operating system.
209. What is Architecture in community AMI?
It is an option for VM architecture: 32/64 bit.
210. What is EBS in AWS?
It is a storage option in AWS.
211. What is instance store in AWS?
It is block-level storage.
212. What is block-level storage?
You can install an OS on block-level storage.
213. What is object-level storage?
It is a storage type where we can upload images.
214. What is the difference between object- and block-level storage?
Block-level storage is for installing an OS, and object-level storage is for images, audio, videos etc.
215. What is the root device path?
It is the root path for the OS.
216. What is the user name for the Amazon Linux AMI?
217. What is a cloud? What is the purpose of Cloud?
Cloud is a data centre made up of compute and storage resources connected by web.
Purpose of cloud:
- Benefit from massive economies of scale
- Infrastructure capacity needs are scalable
- Increases speed and agility of the organisation
- Stop spending money on running and maintaining data centers
- Go global in minutes
218. What does elastic cloud computing mean? What are the EC2 instance types? Elaborate on any one type.
Scaling up and down of computing resources by the cloud service provider is called elastic cloud computing.
Types of EC2 instances:
- General Purpose
- Compute Optimized
- GPU Instances
- Memory Optimized
- Storage Optimized
General Purpose: They provide a balance of compute, memory, and network resources, and are a good choice for many applications. They are recommended for small and medium databases, data processing tasks that require additional memory for running backend servers.
219. What is the difference between redshift and s3?
Amazon Simple Storage Service is a storage service: "a simple web services interface to store and retrieve any amount of data from anywhere on the web." With Amazon Simple Storage Service, you pay only for the storage you actually use. Redshift, on the other hand, is the warehouse of Amazon. The relationship between Redshift and Simple Storage Service is that data can be pumped into the warehouse from Simple Storage Service.
220. Why did you choose AWS?
AWS is an amazing cloud platform that gives us easy access to servers (any OS); it also provides data security and many resources.
221. What is IAM in AWS?
IAM (Identity Access Management): under IAM we can create child user login credentials, and create roles and policies for instances and users respectively.
222. AWS services.
Compute, Storage, Management and Governance, Robotics, Analytics, Business Applications, Blockchain, End User Computing, Machine Learning and many more.
223. Explain about AWS storage.
S3 is an AWS storage service. In this service we can create a bucket (a folder), upload objects (files), and access them using the sharable link of an IP address.
224. What is CloudFront?
Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds, all within a Environment.
225. What is CloudFormation?
CloudFormation is a service with which we can create a blueprint of a network before creating or deploying the network.
226. What is static web hosting?
If you have an existing static website, you can host it on Amazon S3, or you can create a new S3 bucket and then host it as static web hosting.
227. What is CloudWatch?
We use the Amazon CloudWatch web service to manage, monitor, and create custom metrics for an instance and take the required action for the same.
228. What is AWS Lambda?
AWS Lambda helps in triggering and is a responsive cloud service that inspects actions within the application and responds by deploying requirements, known as functions.
229. What is MyAMI?
Using MyAMI we can create an image of an instance according to our requirement and use the same image to create multiple instances.
230. What are the types of cloud? What is the encryption file used in AWS?
Private, public, hybrid. The encryption file used in AWS is AES256 (Advanced Encryption Standard).
231. What are regions and zones? How many regions are available in AWS?
A region is a physical location, and a zone is the data centers available in the region.
There are 17 regions.
232. What is an edge location and what is its purpose?
An edge location is like a data center that has metadata; hence it reduces the latency, and connectivity between multiple regions is fast.
233. How are VPCs interconnected across regions and within the same region?
VPCs are connected across regions and within regions through a VPC peering connection.
234. How many keypairs are necessary to access a region?
One keypair is enough to access a region.
235. What is the format of the downloaded keypair in AWS? How do you launch an instance in Linux using this keypair?
The downloaded keypair is in pem format. To launch an instance on the Linux platform, the keypair is converted to ppk format and then launched in a third-party application (here PuTTY).
236. What is natting? What are the types of natting?
Natting is used to connect any instance in a private subnet to the internet. Static and dynamic natting are the types of natting.
237. What are the types of storage? What is the difference between them?
Block-level storage and object-level storage are the two types of storage. Block-level storage is associated with the operating system, and object-level storage is not associated with the operating system.
238. What is Route 53? What are the types of web hosting and the differences between them?
Route 53 provides forward lookup zone and backward lookup zone functions.
There are two types of web hosting: static and dynamic.
Static web hosting doesn't communicate with the database; dynamic web hosting communicates with the database.
239. What is the function of the warehouse?
The warehouse is in cluster format; the warehouse filters the exact profile of the user through the nodes in the cluster and directs to the S3 bucket.
240. What is an S3 bucket?
S3 bucket is a storage service from Amazon where you can store and retrieve objects in the cloud using a web service.
241. What is SQS?
SQS is a distributed queuing service that acts as a mediator for two controllers. It is a pay as you use web service.
242. What is SNS?
Simple Notification Service (SNS) enables you to get notifications for each service that is enabled for notification, sent to a specified email ID.
243. Possible things that can be done with an S3 bucket.
- Cross-region replication of S3 bucket
- Lifecycle management of object in S3 bucket
- Version control of object in Amazon S3 bucket
- Trigger Events from Amazon S3 bucket
- Host a website using AWS S3 bucket
- Requester pays and Transfer acceleration
244. What is the maximum storage capacity of an S3 bucket?
There is no limit on the size and number of files stored in an S3 bucket, but a user can store objects of up to 5TB in an S3 bucket.
245. What is meant by egress, ingress and regress?
The traffic coming inside from outside, i.e. inbound traffic, is called ingress traffic.
The traffic going outside, i.e. outbound traffic, is called egress traffic.
The traffic looping back to the same security group is called egress.
246. Can you connect 2 VPCs in different accounts?
Yes, this is possible using the concept of VPC peering.
247. How to monitor the network traffic?
We can use VPC flow log feature.
248. What are the different types of load balancer, and how many types of load balancer does AWS give?
Ans: Basically there are 3 different types of load-balancing algorithms:
- Source IP Hash
- Round Robin
- Least Connection
AWS, on the other hand, provides the following 3 types of load balancer:
- Network Load balancer
- Classic load balancing
- Application load balancing
249. What is the limitation of vpc for each account?
A user can create 5 VPCs in a single account; this is a soft limit, and you can increase the limit through the Amazon call center.
250. What are the connectivity options for my VPC?
You may connect your VPC to:
- The Internet (via an Internet gateway)
- Your corporate data center using a Hardware VPN connection (via the virtual private gateway)
- Both the Internet and your corporate data center (utilizing both an Internet gateway and a virtual private gateway)
- Other AWS services (via Internet gateway, NAT, virtual private gateway, or VPC endpoints)
- Other VPCs (via VPC peering connections)