Day 49 - INTERVIEW QUESTIONS ON AWS

Ritul GuptaRitul Gupta
7 min read

INTERVIEW QUESTIONS:

  • ๐Ÿ‘‰ Name 5 aws services you have used and what are the use cases?

    1. Amazon S3: Used for scalable object storage, ideal for storing and retrieving large amounts of data such as images, videos, and backups*.*

    2. AWS Lambda: Enables serverless computing, executing code in response to events, allowing for quick, efficient, and cost-effective execution of functions.

    3. Amazon EC2: Provides resizable virtual servers in the cloud, offering complete control over computing resources and used for various workloads like hosting websites, running applications, and performing data processing*.*

    4. Amazon RDS: Offers managed relational databases*, providing an easy and reliable way to set up, operate, and scale a relational database in the cloud, supporting popular engines like ** MySQL, PostgreSQL, and Oracle.*

    5. Amazon CloudWatch: Provides monitoring and observability for AWS resources, collecting and tracking metrics, log files, and alarms, enabling real-time visibility into the performance and health of applications and infrastructure.

  • ๐Ÿ‘‰ What are the tools used to send logs to the cloud environment?

    1. AWS CloudWatch Logs: Collects, stores, and monitors logs from various AWS services and custom applications.

    2. Amazon Kinesis Data Firehose: Ingests and delivers real-time streaming data, including logs, to various destinations, such as Amazon S3, Amazon Redshift, or Elasticsearch.

    3. Fluentd: An open-source log collector and forwarding agent that can send logs to various cloud environments, including AWS.

    4. Logstash: Part of the Elastic Stack, Logstash is a data processing pipeline that can collect, transform, and ship logs to different destinations, including cloud environments.

    5. Splunk Cloud: A cloud-based log management and analysis platform that allows you to ingest, index, and search logs from various sources*, including cloud environments.*

  • ๐Ÿ‘‰ What are IAM Roles? How do you create /manage them?

    IAM Roles provide a secure and manageable way to grant permissions to AWS entities, allowing you to control access to AWS resources efficiently.

    To create and manage IAM Roles:

    1. Open the IAM console in the AWS Management Console.

    2. Click on "Roles" in the navigation pane.

    3. Click on "Create role" to begin creating a new role.

    4. Choose the trusted entity type, which can be an AWS service, another AWS account, or a web identity provider.

    5. Configure the permissions for the role by attaching policies that define the desired permissions.

    6. Add tags (optional) to help with organization and management.

    7. Review the role configuration and click on "Create role" to create the IAM Role.

To manage existing IAM Roles:

  1. Open the IAM console in the AWS Management Console.

  2. Click on "Roles" in the navigation pane to view the list of existing roles.

  3. To edit a role, select the role from the list and click on "Edit" to modify its settings or policies.

  4. To delete a role, select the role from the list and click on "Delete" (Note: Ensure that the role is not in use and doesn't have any attached policies).

  • ๐Ÿ‘‰ How to upgrade or downgrade a system with zero downtime?

    To upgrade or downgrade a system with zero downtime, you can follow the rolling deployment strategy:

    1. Set up a load balancer: Use a load balancer to distribute traffic across multiple instances of your system.

    2. Launch new instances: Launch new instances of the upgraded or downgraded system with the updated version of your software.

    3. Add instances to the load balancer: Add the new instances to the load balancer's target group, gradually increasing their capacity while maintaining the existing instances.

    4. Validate health checks: Ensure that the health checks configured on the load balancer are passing for the new instances before proceeding.

    5. Route traffic: Adjust the load balancer's routing configuration to gradually shift traffic from the old instances to the new instances. This can be done by adjusting the load balancer's target group's traffic distribution settings.

    6. Monitor and validate: Continuously monitor the system and validate that the new instances are functioning correctly and handling traffic effectively.

    7. Decommission old instances: Once the new instances are stable and successfully handling traffic, decommission the old instances by removing them from the load balancer's target group.

  • ๐Ÿ‘‰ What is infrastructure as code and how do you use it?

    Infrastructure as Code (IaC) is the practice of defining and provisioning infrastructure resources programmatically using code. It allows you to manage and automate the configuration, deployment, and management of your infrastructure using version-controlled code.

    To use Infrastructure as Code:

    • Terraform: Terraform is an open-source IaC tool that supports a wide variety of cloud providers.

    • Ansible: Ansible is an open-source IaC tool that is designed for automation.

    • Puppet: Puppet is an open-source IaC tool that is designed for configuration management.

By using Infrastructure as Code, you can achieve infrastructure consistency, reproducibility, and automation, leading to improved efficiency, agility, and reduced operational risks.

  • ๐Ÿ‘‰ What is a load balancer? Give scenarios of each kind of balancer based on your experience.

    A load balancer is a networking device or service that distributes incoming network traffic across multiple servers or resources to ensure efficient utilization and improve the availability and performance of applications or services.

    Based on my experience, here are scenarios for each type of load balancer:

    1. Application Load Balancer (ALB):

      • Ideal for web applications with HTTP and HTTPS traffic.

      • Supports advanced routing based on content, URL, or request parameters.

      • Enables efficient load balancing for microservices architectures.

    2. Network Load Balancer (NLB):

      • Suitable for handling high volumes of TCP and UDP traffic.

      • Used for scenarios that require ultra-low latency, such as gaming or real-time streaming applications*.*

      • Offers high throughput and scalable load balancing capabilities.

    3. Classic Load Balancer (CLB):

      • Suitable for applications that require basic load balancing of HTTP, HTTPS, TCP, or SSL traffic.

      • Legacy load balancer option that has been largely superseded by ALB and NLB.

      • Offers a simple and straightforward load-balancing solution.

  • ๐Ÿ‘‰ What is CloudFormation and why is it used for?

    AWS CloudFormation is a service that allows you to define and provision AWS infrastructure resources using code. It enables you to create, update, and manage resources in a controlled and automated manner.

  • ๐Ÿ‘‰ Difference between AWS CloudFormation and AWS Elastic Beanstalk?

    AWS CloudFormation and AWS Elastic Beanstalk are both services provided by AWS for managing and deploying applications, but they have different focuses:

    AWS CloudFormation:

    • Infrastructure as Code (IaC) service for provisioning and managing AWS resources.

    • Defines and automates the infrastructure stack using templates written in YAML or JSON.

      AWS Elastic Beanstalk:

      • Platform as a Service (PaaS) simplifies application deployment and management.

      • Focuses on deploying and running applications without worrying about infrastructure details.

      • Provides a fully managed environment for applications, including infrastructure provisioning, capacity management, and load balancing.

  • ๐Ÿ‘‰ What are the kinds of security attacks that can occur on the cloud? And how can we minimize them?

    There are several types of security attacks that can occur on the cloud, including:

    Unauthorized access, Data breaches, Distributed Denial of Service (DDoS), Malware and ransomware, and API vulnerabilities.

    To minimize these security risks:

    Use strong passwords, Encrypt sensitive data, Regularly update and patch systems, Monitor and analyze logs, Educate and train users.

  • ๐Ÿ‘‰ Can we recover the EC2 instance when we have lost the key?

    Yes, it is possible to recover an EC2 instance when you have lost the key pair associated with it.

    To recover an EC2 instance when you have lost the key pair, you can create a new key pair and associate it with the instance, allowing you to regain access. However, you cannot recover the original key pair or retrieve the private key associated with it.

  • ๐Ÿ‘‰ What is a gateway?

    A gateway is a networking device that connects different networks, allowing communication and data transfer between them.

  • ๐Ÿ‘‰ What is the difference between Amazon Rds, Dynamodb, and Redshift?

    • RDS is for managed relational databases like MySQL, PostgreSQL, Oracle, and SQL Server.

    • DynamoDB is for NoSQL database needs with high scalability.

    • Redshift is for data warehousing and analytical processing of large datasets.

  • ๐Ÿ‘‰ Do you prefer to host a website on S3? What's the reason if your answer is either yes or no?

    Yes, hosting a website on S3 can be preferred for static websites with simple requirements, high scalability, low cost, and global content distribution through Amazon CloudFront. It provides reliable and efficient storage for static files, such as HTML, CSS, JavaScript, and media assets.

Happy Learning! ๐Ÿ˜€๐ŸŒŸ

~Ritul Gupta

11
Subscribe to my newsletter

Read articles from Ritul Gupta directly inside your inbox. Subscribe to the newsletter, and don't miss out.

Written by

Ritul Gupta
Ritul Gupta

Im looking for an opportunity to start a career in Cloud Technologies where I can enhance my knowledge and skills. Having knowledge and hands-on on Azure Cloud, AWS & Open Source tools - Docker, Kubernetes, Jenkins, Source Version Control, CI/CD Pipelines, and Script.