Interview Questions on AWS
Name 5 AWS services you have used and their use cases:
Amazon EC2: Used for scalable computing capacity. Example use case: hosting web applications and databases.
Amazon S3: Used for scalable object storage. Example use case: storing backup data and serving static content for websites.
Amazon RDS: Managed relational database service. Example use case: setting up, operating, and scaling a relational database.
AWS Lambda: Serverless compute service. Example use case: executing code in response to events without provisioning or managing servers.
Amazon VPC: Isolated network environment. Example use case: hosting web applications in a secure, isolated cloud network.
What are the tools used to send logs to the cloud environment?
AWS CloudWatch Logs: Centralized logging service that collects and stores logs from AWS resources and applications.
AWS Lambda: Can be used to process and send logs to various destinations.
Logstash: A part of the Elastic Stack, which can be used to collect, parse, and send logs to AWS services.
What are IAM Roles? How do you create/manage them?
IAM Roles: An IAM role is an AWS identity with permission policies that determine what the identity can and cannot do in AWS. IAM roles are used to delegate access to users, applications, or services.
Creating IAM Roles:
Go to the IAM console in AWS Management Console.
Click on "Roles" and then "Create role".
Choose the type of trusted entity (AWS service, another AWS account, web identity, or SAML 2.0 federation).
Attach permission policies to the role.
Complete the role creation process.
Managing IAM Roles:
Modify the role’s policies to update permissions.
Delete the role if it is no longer needed.
Attach or detach policies as per requirements.
Use AWS CLI or SDKs to programmatically create and manage IAM roles.
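The CLI route mentioned above, as an added example (not from the original post): it writes a trust policy limited to one AWS service principal, creates the role, and attaches one managed policy. The role name, service and policy ARN in the usage comment are illustrative assumptions.

```shell
#!/bin/sh
# Added example: create an IAM role for an AWS service with the AWS CLI.

# Print a trust policy that lets exactly one AWS service assume the role.
# Wildcards are refused so the role cannot be assumed by arbitrary principals.
trust_policy_for_service() {
    service="$1"
    case "$service" in
        ""|*\**|*\"*) echo "refusing principal: '$service'" >&2; return 1 ;;
        *.amazonaws.com) ;;
        *) echo "not an AWS service principal: '$service'" >&2; return 1 ;;
    esac
    cat <<EOF
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Principal": { "Service": "$service" },
      "Action": "sts:AssumeRole"
    }
  ]
}
EOF
}

# Create the role with that trust policy, then attach one permission policy.
create_service_role() {
    role="$1"; service="$2"; policy_arn="$3"
    doc=$(mktemp) || return 1
    trust_policy_for_service "$service" > "$doc" || { rm -f "$doc"; return 1; }
    aws iam create-role --role-name "$role" \
        --assume-role-policy-document "file://$doc" &&
    aws iam attach-role-policy --role-name "$role" --policy-arn "$policy_arn"
    rc=$?
    rm -f "$doc"
    return $rc
}

# Usage (needs AWS credentials that are allowed to manage IAM):
#   create_service_role app-s3-reader ec2.amazonaws.com \
#       arn:aws:iam::aws:policy/AmazonS3ReadOnlyAccess
```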
How to upgrade or downgrade a system with zero downtime?
Using Elastic Load Balancer (ELB):
Add new instances with the updated version to the ELB.
Once the new instances are up and running, gradually shift traffic to them.
Remove the old instances from the ELB after confirming the new instances are handling the load correctly.
Blue-Green Deployment:
Deploy the new version of the application to a new environment (Blue).
Gradually shift traffic from the old environment (Green) to the new environment.
Monitor performance and roll back if issues are detected.
Using Auto Scaling Groups:
Update the launch configuration with the new version.
Gradually replace instances with the updated launch configuration using the Auto Scaling group.
What is infrastructure as code and how do you use it?
Infrastructure as Code (IaC): The process of managing and provisioning computing infrastructure using machine-readable definition files, rather than physical hardware configuration or interactive configuration tools.
Use Cases:
AWS CloudFormation: Define AWS infrastructure using JSON or YAML templates.
Terraform: Use HCL (HashiCorp Configuration Language) to describe the infrastructure.
AWS CDK (Cloud Development Kit): Use programming languages like Python, JavaScript, and TypeScript to define cloud infrastructure.
Benefits:
Version control for infrastructure.
Automation of resource provisioning.
Consistency and repeatability.
Easy scaling and modification of infrastructure.
What is a load balancer? Give scenarios of each kind of balancer based on your experience.
Load Balancer: A device that distributes network or application traffic across multiple servers.
Types and Use Cases:
Application Load Balancer (ALB): Best for HTTP and HTTPS traffic. Example: Directing web traffic to microservices based on URL paths.
Network Load Balancer (NLB): Best for TCP/UDP traffic requiring extreme performance. Example: Load balancing for gaming applications requiring low latency.
Classic Load Balancer (CLB): Supports both HTTP/HTTPS and TCP protocols. Example: Legacy applications that require support for older protocols.
What is CloudFormation and what is it used for?
AWS CloudFormation: A service that helps you model and set up your Amazon Web Services resources so that you can spend less time managing those resources and more time focusing on your applications.
Usage:
Define infrastructure as code in JSON or YAML templates.
Automate the provisioning of infrastructure in a safe and repeatable manner.
Manage updates and dependencies among AWS resources.
Difference between AWS CloudFormation and AWS Elastic Beanstalk?
AWS CloudFormation:
Infrastructure as Code (IaC) tool.
Used to define and manage a wide range of AWS resources.
Provides complete control over AWS resources and their configurations.
AWS Elastic Beanstalk:
Platform as a Service (PaaS) tool.
Simplifies the deployment and scaling of web applications and services.
Automatically handles the details of capacity provisioning, load balancing, scaling, and monitoring.
What are the kinds of security attacks that can occur on the cloud? And how can we minimize them?
Kinds of Security Attacks:
DDoS (Distributed Denial of Service) attacks.
Data breaches.
Man-in-the-middle attacks.
Insecure APIs.
Account hijacking.
Minimization Techniques:
Use Web Application Firewalls (WAF) and DDoS protection services like AWS Shield.
Implement strong access controls and IAM policies.
Encrypt data at rest and in transit.
Regularly update and patch systems.
Conduct regular security audits and compliance checks.
Can we recover the EC2 instance when we have lost the key?
Recovery Steps:
Create a new key pair.
Stop the EC2 instance.
Detach the root EBS volume from the instance.
Attach the root EBS volume to another running instance as a secondary volume.
Log in to the running instance and modify the ~/.ssh/authorized_keys file on the attached volume to include the new key.
Detach the modified volume and reattach it to the original instance.
Start the original instance and use the new key pair to log in.
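The authorized_keys step above is where recoveries usually go wrong, so here is an added example (not from the original post) that appends the new public key on the mounted volume and sets the ownership and modes sshd expects. The mount point, device name and login user are assumptions.

```shell
#!/bin/sh
# Added example: append a new public key to authorized_keys on a rescued volume.
# Run as root on the helper instance after mounting the volume.

# install_recovery_key MOUNT_ROOT USER_HOME PUBKEY_FILE
#   MOUNT_ROOT   mount point of the rescued root volume (assumed /mnt/rescue)
#   USER_HOME    login user's home inside that volume (assumed /home/ec2-user)
#   PUBKEY_FILE  OpenSSH public key of the new key pair
install_recovery_key() {
    root="$1"; home="$2"; pub="$3"; key=""
    [ -d "$root$home" ] || { echo "no $home under $root" >&2; return 1; }
    # Take the first line only and insist it is a public key, not a private one.
    IFS= read -r key < "$pub" || [ -n "$key" ] || return 1
    case "$key" in
        ssh-rsa\ *|ssh-ed25519\ *|ecdsa-sha2-*\ *) ;;
        *) echo "$pub is not an OpenSSH public key" >&2; return 1 ;;
    esac
    ssh_dir="$root$home/.ssh"
    auth="$ssh_dir/authorized_keys"
    mkdir -p "$ssh_dir" || return 1
    # Append only when absent, so a rerun does not duplicate the entry.
    grep -qxF "$key" "$auth" 2>/dev/null || printf '%s\n' "$key" >> "$auth"
    # Keep the numeric owner of the home directory; user names on the helper
    # instance may not match the ones on the rescued volume.
    owner=$(ls -nd "$root$home" | awk '{print $3 ":" $4}')
    chown "$owner" "$ssh_dir" "$auth" || return 1
    # sshd with StrictModes ignores keys when these are group/world writable.
    chmod 700 "$ssh_dir" && chmod 600 "$auth"
}

# Usage on the helper instance (device name is an assumption):
#   mount /dev/xvdf1 /mnt/rescue
#   install_recovery_key /mnt/rescue /home/ec2-user ./new-key.pub
#   umount /mnt/rescue
```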
What is a gateway?
Gateway: A network node that serves as an access point to another network, often used to connect different network architectures and protocols.
Types in AWS:
Internet Gateway: Connects a VPC to the internet.
NAT Gateway: Allows instances in a private subnet to connect to the internet while preventing the internet from initiating connections with those instances.
Transit Gateway: Connects VPCs and on-premises networks through a central hub.
What is the difference between Amazon RDS, DynamoDB, and Redshift?
Amazon RDS: Managed relational database service supporting multiple database engines (e.g., MySQL, PostgreSQL, Oracle).
- Use Case: Traditional relational database applications.
DynamoDB: Fully managed NoSQL database service designed for high-performance and scalability.
- Use Case: Applications requiring low-latency data access and high throughput (e.g., real-time data processing).
Amazon Redshift: Fully managed data warehouse service designed for large-scale data analytics.
- Use Case: Complex querying and analysis of large datasets for business intelligence.
Do you prefer to host a website on S3? What's the reason if your answer is either yes or no?
Yes:
Reasons:
Cost-effective storage solution.
High availability and durability.
Scalability to handle high traffic.
Easy integration with CloudFront for CDN capabilities.
Simple setup and management.
No:
Reasons:
Limited to static content; dynamic content requires additional services.
Potentially higher latency compared to traditional web servers for dynamic applications.
Dependence on other AWS services for full website functionality (e.g., Lambda for serverless functions).
Happy Learning
Thanks For Reading! :)
-DevOpsParthu💝💥