Amazon Web Services (AWS) Interview Questions
Amazon Web Services is the hottest topic in the tech world at the moment. If you’re looking for an incredibly well-paid tech job, then look out for AWS, which offers candidates at least a 30% increase on the average tech salary.
Don’t be fooled into thinking that AWS is something you can learn overnight, though, because it’s certainly not. Amazon offers a large number of web services that stretch across many areas such as compute, database, storage, content delivery and networking. The list is also constantly evolving, with new services added all the time.
At its core, AWS offers EC2 virtual machines for hosting all manner of applications and services, which are supported by the wider infrastructure of content delivery (S3, CloudFront), storage (Glacier, EBS), databases (Amazon RDS, DynamoDB) and many others.
The questions below include a variety of AWS topics that are perfect for anyone due for a technical interview in the coming days. Enjoy and good luck!
Interview Questions
1. Which database service would you choose if you wanted complex querying capabilities like joins or transactions but didn't want a data warehouse?
- Amazon DynamoDB
- Amazon RDS
- Amazon Redshift
- Amazon ElastiCache
Answer:
Amazon RDS
Comments:
Amazon Relational Database Service (Amazon RDS) is a web service that makes it easy to set up, operate, and scale a relational database in the cloud. It gives you access to the capabilities of a familiar MySQL, Oracle, SQL Server, or PostgreSQL database engine. This means that the code, applications, and tools you already use today with your existing databases can be used with Amazon RDS.
2. Choose the correct AWS database service for the following requirements:
> Large volumes of structured data to persist and query using standard SQL and existing business intelligence tools
> High performance at scale as data and query complexity grows
- Amazon Redshift
- Amazon DynamoDB
- Amazon ElastiCache
- Amazon RDS
Answer:
Amazon Redshift
Comments:
Amazon Redshift is a fast managed petabyte-scale data warehouse service that makes it simple and cost-effective to efficiently analyze all your data using your existing business intelligence tools.
3. Amazon RDS detects and automatically recovers from the most common failure scenarios for Multi-AZ deployments so that you can resume database operations as quickly as possible without administrative intervention. Amazon RDS automatically performs a failover in the event of which of the following:
- Loss of availability in primary Availability Zone
- Compute unit failure on primary
- Loss of network connectivity to primary
- All of these
Answer:
All of these
4. In some cases, Multi-AZ deployments utilize synchronous physical replication to keep data on the standby up-to-date with the primary. In other cases, synchronous logical replication is used to achieve the same result. Which technology below uses logical replication?
- MySQL
- PostgreSQL
- Oracle
- SQL Server
Answer:
SQL Server
Comments:
Multi-AZ deployments for the MySQL, Oracle, and PostgreSQL engines utilize synchronous physical replication to keep data on the standby up-to-date with the primary. Multi-AZ deployments for the SQL Server engine use synchronous logical replication to achieve the same result, employing SQL Server-native Mirroring technology. Both approaches safeguard your data in the event of a DB Instance failure or loss of an Availability Zone.
5. When you create an encrypted EBS volume and attach it to a supported instance type, which types of data are encrypted:
- All of these
- Data at rest inside the volume
- All snapshots created from the volume
- All disk I/O
Answer:
All of these
Comments:
Amazon EBS encryption offers you a simple encryption solution for your EBS volumes without the need for you to build, maintain, and secure your own key management infrastructure. The encryption occurs on the servers that host EC2 instances, providing encryption of data-in-transit from EC2 instances to EBS storage.
6. You're configuring a new Security Group for your EC2 instance and want to follow security best practice. Under the Inbound rules tab which Rule Type would you commonly use with a Custom IP range?
Answer:
RDP
Comments:
Security groups act as a firewall for associated instances, controlling both inbound and outbound traffic at the instance level. You must add rules to a security group that enable you to connect to your instance from your IP address using RDP. It is good security practice to restrict RDP (Remote Desktop Protocol) connections to an authorized list of IP addresses rather than anyone.
7. This question relates to S3: If the object named photos/1.jpg is stored in the johnsmith bucket, then authorized users could access the object with which URL?
- http://s3.amazonaws.com/johnsmith/photos/1.jpg
- http://s3.johnsmith.amazonaws.com/photos/1.jpg
- http://johnsmith.amazonaws.com/s3/photos/1.jpg
- http://johnsmith.s3.amazonaws.com/photos/1.jpg
Answer:
http://johnsmith.s3.amazonaws.com/photos/1.jpg
8. Which version of Amazon Kinesis would you use if you wanted multi-stage processing using specialized algorithms, for example in building a recommendations engine?
- Amazon Kinesis Streams
- Amazon Kinesis Firehose
- Amazon Kinesis Analytics
- None of these options would suffice
Answer:
Amazon Kinesis Streams
9. You have an existing website called example.com that points to a specific IP address. You now want to create three subdomains that point to the same IP address. To reduce maintenance, which domain record type should you choose?
Answer:
CNAME
Comments:
A CNAME record is a type of resource record in the Domain Name System (DNS) used to specify that a domain name is an alias for another domain, the canonical domain. All information, including subdomains, IP addresses, etc., is defined by the canonical domain.
This can prove convenient when running multiple services (like an FTP server and a webserver; each running on different ports) from a single IP address. One can, for example, point ftp.example.com and www.example.com to the DNS A record for example.com, which in turn points to the IP-address. Then, if the IP-address ever changes, one only has to record the change in one place within the network: in the DNS A record.
10. A Hadoop cluster contains one master instance group that contains one master node, a core instance group containing one or more core nodes, and an optional task node instance group, which can contain any number of task nodes.
Which type of node can you remove from a running job flow?
- core node
- task node
- None of them
- master node
Answer:
task node
Comments:
A Task Node is an EC2 instance that runs Hadoop map and reduce tasks, but does not store data. Task nodes are managed by the master node, which assigns Hadoop tasks to nodes and monitors their status. While a job flow is running you can increase and decrease the number of task nodes. Because they don't store data and can be added and removed from a job flow, you can use task nodes to manage the EC2 instance capacity your job flow uses, increasing capacity to handle peak loads and decreasing it later.
11. A load balancer is a combination of a DNS name and a set of ports, which together provide a destination for all requests intended for your application.
Is the following statement TRUE or FALSE?
Load balancers can span multiple Availability Zones and also multiple regions.
Answer:
FALSE
Comments:
A load balancer can distribute traffic to multiple application instances across every Availability Zone within a region. Load balancers can span multiple Availability Zones within an Amazon EC2 region, but they CANNOT span multiple regions.
12. Which of the following is the correct statement regarding Availability Zones?
- A collection of regions that together make up an Availability Zone.
- A distinct location within a region that is insulated from failures in other Availability Zones.
- Another name for an entire region which contains AWS instances.
- The timeframe a particular service is available for use by authorized users
Answer:
A distinct location within a region that is insulated from failures in other Availability Zones.
Comments:
Availability Zones are distinct locations within a region that are insulated from failures in other Availability Zones, and provide inexpensive, low-latency network connectivity to other Availability Zones in the same region.
13. A secret access key is used in conjunction with the access key ID to cryptographically sign programmatic AWS requests. Signing a request identifies the sender and prevents the request from being altered. What can you generate secret access keys for?
- AWS account
- All of these
- Temporary sessions
- Individual IAM users
Answer:
All of these
14. Which of the following is NOT part of a security group?
- List of protocols
- List of usernames
- Ports
- IP address ranges
Answer:
List of usernames
Comments:
A security group is a named set of allowed inbound network connections for an instance. (Security groups in Amazon VPC also include support for outbound connections.) Each security group consists of a list of protocols, ports, and IP address ranges. A security group can apply to multiple instances, and multiple groups can regulate a single instance.
15. Which DB deployment type has a synchronous standby replica in another Availability Zone?
Answer:
Multi-AZ
Comments:
A Multi-AZ deployment is a primary DB instance that has a synchronous standby replica in a different Availability Zone. The primary DB instance is synchronously replicated across Availability Zones to the standby replica.
16. Which approach would you use if you wanted an EC2 instance that matched a particular configuration but wanted to avoid dependencies to configuration services or third-party repositories?
- Golden Images
- Bootstrapping
Answer:
Golden Images
Comments:
Certain AWS resource types like Amazon EC2 instances, Amazon RDS DB instances, Amazon Elastic Block Store (Amazon EBS) volumes, etc., can be launched from a golden image: a snapshot of a particular state of that resource. When compared to the bootstrapping approach, a golden image results in faster start times and removes dependencies to configuration services or third-party repositories.
17. Which Amazon service would you use for content delivery?
Answer:
CloudFront
18. Which of the following redundancy types uses failover as its recovery process?
- standby redundancy
- active redundancy
Answer:
standby redundancy
Comments:
In standby redundancy when a resource fails, functionality is recovered on a secondary resource using a process called failover. The failover will typically require some time before it completes, and during that period the resource remains unavailable.
19. Data replication is the technique that introduces redundant copies of data. It can help horizontally scale read capacity, but it also increases data durability and availability. Replication can take place in a few different modes.
You want to use replicas to horizontally scale the system’s data storage but you cannot tolerate any replication lag. Which type of replication should you use?
- Asynchronous replication
- Synchronous replication
Answer:
Synchronous replication
Comments:
Synchronous replication only acknowledges a transaction after it has been durably stored in both the primary location and its replicas. It is ideal for protecting the integrity of data in the event of a failure of the primary node. Synchronous replication can also scale read capacity for queries that require the most up-to-date data (strong consistency).
20. What fault-isolating technique is described below:
Instead of spreading traffic from all customers across every node, you can group the instances together. For example, if you have eight instances for your service, you might create four groups of two instances each (two instances for some redundancy within each group) and distribute each customer to a specific group. In this way, you are able to reduce the impact on customers in direct proportion to the number of groups you have.
- Stack Sharding
- Shuffle Sharding
- Fault Sharding
- Split Sharding
Answer:
Shuffle Sharding
21. One way you can save money with AWS is by taking advantage of the platform’s elasticity. Plan to implement Auto Scaling for as many Amazon EC2 workloads as possible, so that you horizontally scale up when needed and scale down and automatically reduce your spend when you don’t need all that capacity anymore.
Which of the following DOES require capacity decisions?
- Amazon EC2
- ELB
- CloudFront
- AWS Lambda
Answer:
Amazon EC2
22. Your company wants to reduce expenditure by optimizing the spend on Amazon EC2 instances. Which one would reduce the cost the MOST?
- On-Demand instance
- Reserved Instances
Answer:
Reserved Instances
23. Which AWS service would you use if you wanted to store data that requires encrypted archival storage with infrequent read access and a long recovery time objective (RTO)?
- Amazon S3
- Amazon CloudFront
- Amazon EC2 Instance Storage
- Amazon Glacier
Answer:
Amazon Glacier
24. You have decided to store some data in the cloud via AWS. Which service would you choose to store archive data, with low cost and immediate access?
- Amazon Glacier
- Amazon CloudFront
- Amazon EC2 Instance Storage
- Amazon S3
Answer:
Amazon S3
Comments:
Data stored in Amazon Glacier is not available immediately. Retrieval jobs typically require 3–5 hours to complete, so if you need immediate access to your data, Amazon S3 is a better choice for a low cost archive solution.
25. Amazon Glacier is an extremely low-cost storage service that provides highly secure, durable, and flexible storage for data archiving and online backup.
Which of the following will you NOT be charged for when using Glacier?
- Storage (per GB per month)
- Data transfer in (per GB per month)
- Requests (per thousand UPLOAD and RETRIEVAL requests per month)
- Data transfer out (per GB per month)
Answer:
Data transfer in (per GB per month)
Comments:
There are NO data-transfer-in charges for using Amazon Glacier.
26. Amazon Elastic Block Store (Amazon EBS) volumes provide durable block-level storage for use with Amazon EC2 instances (virtual machines). Amazon EBS volumes are off-instance storage that persists independently from the running life of a single Amazon EC2 instance.
Which type would you choose for I/O-intensive workloads, relational databases, and NoSQL databases?
- Amazon EBS Magnetic
- Amazon EBS ZX1
- Amazon EBS General Purpose
- Amazon EBS Provisioned IOPS
Answer:
Amazon EBS Provisioned IOPS
Comments:
Amazon EBS Provisioned IOPS (SSD-backed) is well-suited for use with I/O-intensive workloads, relational databases, and NoSQL databases.