Interview Question(AWS):
8 min read
Name 5 aws services you have used and what are the use cases?
Amazon S3 (Simple Storage Service): Amazon S3 provides scalable object storage for various types of data, such as images, videos, and documents. It is commonly used for backup and restore, data archiving, content distribution, and hosting static websites.
Amazon EC2 (Elastic Compute Cloud): Amazon EC2 offers virtual servers in the cloud, allowing users to deploy applications and run various workloads. It is commonly used for web hosting, application hosting, batch processing, and running scalable applications.
AWS Lambda: AWS Lambda is a serverless computing service that enables you to run your code without managing servers. It automatically scales your applications in response to incoming requests. It is commonly used for event-driven applications, real-time file processing, and microservices architecture.
Amazon RDS (Relational Database Service): Amazon RDS provides managed database services for popular relational database engines such as MySQL, PostgreSQL, and Oracle. It simplifies database administration tasks and offers scalability, backup, and high availability. It is commonly used for web applications, content management systems, and analytics platforms.
Amazon DynamoDB: Amazon DynamoDB is a fully managed NoSQL database service. It offers low-latency and scalable document and key-value store capabilities. It is commonly used for real-time applications, gaming, mobile apps, and Internet of Things (IoT) platforms.
What are the tools used to send logs to the cloud environment?
AWS CloudWatch Logs: AWS CloudWatch Logs is a service provided by Amazon Web Services (AWS) that allows you to collect, monitor, and store logs from various sources, including applications, AWS services, and custom log files. You can use the CloudWatch Logs agent or SDKs to send logs to CloudWatch for analysis and troubleshooting.
What are IAM Roles? How do you create /manage them?
IAM (Identity and Access Management) roles are a key component of AWS (Amazon Web Services) that provide a secure way to grant permissions to entities within your AWS environment. IAM roles define a set of permissions and policies that determine what actions can be performed on AWS resources.
How to upgrade or downgrade a system with zero downtime?
Set up a load balancer: Use a load balancer to distribute traffic across the active components of your system. This allows you to perform updates or downgrades on individual servers without affecting the overall user experience.
What is infrastructure as code and how do you use it?
Infrastructure as Code (IaC) is an approach to provisioning and managing infrastructure resources using machine-readable configuration files or code. Instead of manually setting up and configuring infrastructure components, IaC enables the automation of infrastructure deployment and management through code.
What is a load balancer? Give scenarios of each kind of balancer based on your experience.
Application Load Balancer (ALB):
- Scenario: ALBs are ideal for distributing HTTP and HTTPS traffic at the application layer (Layer 7) based on specific rules. They support advanced features such as content-based routing, path-based routing, and host-based routing. ALBs are commonly used in web application environments where multiple services or microservices need to be load balanced and routed based on URL patterns, headers, or other application-specific characteristics.
Network Load Balancer (NLB):
- Scenario: NLBs operate at the transport layer (Layer 4) and are primarily designed for handling TCP and UDP traffic. They are suitable for scenarios where high throughput and low latency are critical, such as TCP-based protocols, gaming applications, VoIP services, and other network-intensive workloads. NLBs can handle millions of requests per second with minimal overhead.
Classic Load Balancer (CLB):
- Scenario: CLBs were the original load balancers offered by AWS. They provide basic load-balancing capabilities at both the application and transport layers (Layer 7 and Layer 4). CLBs are suitable for general-purpose load balancing needs, but they lack some advanced features available in ALBs. However, for simple web applications or legacy systems, CLBs can still be a viable option.
What is CloudFormation and why is it used for?
AWS CloudFormation is a service provided by Amazon Web Services (AWS) that enables you to create and manage AWS resources in a declarative and automated manner. It allows you to define your infrastructure as code using a JSON or YAML template, which is known as a CloudFormation template. These templates describe the desired state of your AWS resources and their relationships.
What is the difference between AWS CloudFormation and AWS Elastic Beanstalk?
AWS CloudFormation is an infrastructure-as-code (IaC) service that allows you to define and provision AWS resources and manage their dependencies using a declarative template. With CloudFormation, you can create, update, and delete a collection of AWS resources as a single unit, known as a stack.
Elastic Beanstalk is a Platform-as-a-Service (PaaS) offering that simplifies the deployment and management of applications in the AWS cloud. It provides an environment where you can deploy your applications without worrying about the underlying infrastructure.
What are the kinds of security attacks that can occur on the cloud? And how can we minimize them?
Unauthorized Access: Attackers attempt to gain unauthorized access to cloud resources, such as user accounts, virtual machines, or storage, by exploiting weak credentials, misconfigured access controls, or vulnerabilities in the cloud provider's infrastructure.
Data Breaches: This involves unauthorized access or disclosure of sensitive data stored in the cloud, either through direct attacks on the cloud provider or by targeting poorly secured applications or databases within the cloud environment.
Can we recover the EC2 instance when we have lost the key?
Replace the Key Pair:
If you have access to the AWS Management Console and administrative privileges, you can replace the existing key pair associated with the EC2 instance.
Create a new key pair through the EC2 console or AWS Command Line Interface (CLI).
Stop the EC2 instance.
Detach the root volume from the instance.
Create a new temporary instance and attach the root volume to it.
Mount the root volume and modify the SSH configuration file to allow password authentication.
Restart the temporary instance and connect to it using SSH with a username and password.
Navigate to the mounted root volume and modify the .ssh/authorized_keys file to add the new public key.
Unmount the root volume, detach it from the temporary instance, and reattach it to the original instance.
Start the original instance and try connecting to it using the new key pair.
Use Session Manager:
If you have Session Manager configured for your EC2 instance, you can regain access using the AWS Systems Manager service.
Go to the AWS Systems Manager console and navigate to Session Manager.
Select your EC2 instance and initiate a session to access the instance remotely without needing SSH key authentication.
Create an Image and Launch a New Instance:
If you have valuable data or configurations on the existing EC2 instance, you can create a new Amazon Machine Image (AMI) from it.
Create a new EC2 instance using the newly created AMI.
Specify a new key pair during the launch process.
Once the new instance is up and running, you can access it using the new key pair.
What is a gateway?
a gateway is a device or software component that serves as an entry or exit point between two different networks or network segments. It acts as a bridge, facilitating the flow of data packets between networks that use different protocols, addressing schemes, or communication technologies.
What is the difference between Amazon Rds, Dynamodb, and Redshift?
Amazon RDS:
Amazon RDS is a managed relational database service that allows you to set up, operate, and scale relational databases in the cloud.
It supports popular relational database engines such as MySQL, PostgreSQL, Oracle, and Microsoft SQL Server.
RDS automates administrative tasks like database provisioning, backups, software patching, and hardware scaling.
It is well-suited for traditional relational database workloads, where data is structured and requires ACID (Atomicity, Consistency, Isolation, Durability) compliance.
RDS provides capabilities like automatic backups, high availability through multi-AZ deployments, and read replicas for improved scalability and fault tolerance.
Amazon DynamoDB:
Amazon DynamoDB is a fully managed NoSQL database service that delivers high performance and scalability.
It is a key-value and document database that provides flexible schema-less data storage.
DynamoDB automatically replicates data across multiple availability zones for durability and offers seamless scalability through provisioned throughput or on-demand capacity modes.
It is designed for applications that require low-latency access to large amounts of data, high read/write throughput, and seamless scaling without worrying about managing infrastructure.
DynamoDB is suitable for use cases like real-time applications, gaming, mobile, and IoT applications where rapid and scalable data access is essential.
Amazon Redshift:
Amazon Redshift is a fully managed data warehousing service designed for analytics and reporting.
It is optimized for processing large volumes of structured data and supports SQL queries across petabytes of data.
Redshift uses columnar storage and parallel query execution to deliver high-performance analytics with fast query response times.
It allows you to analyze data using standard SQL queries and integrates with popular business intelligence (BI) tools.
Redshift is ideal for data warehousing and data analysis use cases, where you need to perform complex queries on massive datasets and generate insights.
Do you prefer to host a website on S3? What's the reason if your answer is either yes or no?
Yes, hosting a website on Amazon S3 can be a viable option for certain types of websites.
Cost-effective: Amazon S3 offers cost-effective storage and data transfer pricing, making it an attractive option for static websites with low to moderate traffic
Scalability and Availability: Amazon S3 is designed to provide high scalability and availability. Your website files are distributed across multiple servers and data centers, ensuring redundancy and resilience.
Simplified Management: Hosting a static website on S3 is relatively simple.