How to Prepare for an AWS Interview: Common Questions - Part 2


Q1. How can you secure access to your S3 bucket?

There are two ways that you can control the access to your S3 buckets,
• ACL – Access Control List
• Bucket policies

Q2. How can you encrypt data in S3?

You can encrypt the data by using the below methods,
• Server Side Encryption – S3 (AES 256 encryption)
• Server Side Encryption – KMS (Key Management Service)
• Server Side Encryption – C (Client Side)

Q3. What are the parameters for S3 pricing?

The pricing model for S3 is as below,
• Storage used
• Number of requests you make
• Storage management
• Data transfer
• Transfer acceleration

Q4. What is the pre-requisite to work with Cross-region replication in S3?

You need to enable versioning on both the source and destination buckets to work with cross-region replication. Also, the source and destination buckets should be in different regions.

Q5. What are roles?

Roles are used to provide permissions to entities that you trust within your AWS account. Roles are users in another account. Roles are similar to users but with roles, you do not need to create any username and password to work with the resources.

Q6. What are policies and what are the types of policies?

Policies are permissions that you can attach to the users that you create. These policies will contain the access that you have provided to the users that you have created. There are 2 types of policies.
• Managed policies
• Inline policies

Q7. What is Cloudfront?

Cloudfront is an AWS web service that provides businesses and application developers an easy and efficient way to distribute their content with low latency and high data transfer speeds.
Cloudfront is the content delivery network of AWS.

Q8. What are edge locations?

The edge location is the place where the contents will be cached. When a user tries to access some content, the content will be searched in the edge location. If it is not available then the content will be made available from the origin location and a copy will be stored in the edge location.

Q9. What is the maximum individual archive that you can store in Glacier?

You can store a maximum individual archive of up to 40 TB.

Q10. What is VPC?

VPC stands for Virtual Private Cloud. VPC allows you to easily customize your networking configuration. VPC is a network that is logically isolated from other networks in the cloud. It allows you to have your own IP address range, subnets, internet gateways, NAT gateways, and security groups.

Q11. What is VPC peering connection?

A VPC peering connection allows you to connect 1 VPC with another VPC. Instances in these VPCs behave as if they are in the same network.

Q12. What are NAT gateways?

NAT stands for Network Address Translation. NAT gateways enable instances in a private subnet to connect to the internet but prevent the internet from initiating a connection with those instances.

Q13. How can you control the security to your VPC?

You can use security groups and NACL (Network Access Control List) to control the security to your

Q14. What are the different types of storage gateway?

Following are the types of storage gateway.
• File gateway
• Volume gateway
• Tape gateway

Q15. What is a snowball?

Snowball is a data transport solution that uses source appliances to transfer large amounts of data into and out of AWS. Using Snowball, you can move huge amounts of data from one place to another, which reduces your network costs and long transfer times and also provides better security.

Q16. What are the database types in RDS?

Following are the types of databases in RDS,
• Aurora
• Oracle
• MySQL server
• PostgreSQL
• MariaDB
• SQL Server

Q17. What is a redshift?

Amazon Redshift is a data warehouse product. It is a fast and powerful, fully managed, petabyte-scale data warehouse service in the cloud.

Q18. What is SNS?

SNS stands for Simple Notification Service. SNS is a web service that makes it easy to send notifications from the cloud. You can set up SNS to receive email notifications or message notifications.

Q19. What are the types of routing policies in route53?

Following are the types of routing policies in route53,
• Simple routing
• Latency routing
• Failover routing
• Geolocation routing
• Weighted routing
• Multivalue answer

Q20. What is the maximum size of messages in SQS?

The maximum size of messages in SQS is 256 KB.

Q21. What are the types of queues in SQS?

There are 2 types of queues in SQS.
• Standard queue
• FIFO (First In First Out)

Q22. What is multi-AZ RDS?

Multi-AZ (Availability Zone) RDS allows you to have a replica of your production database in another availability zone. Multi-AZ (Availability Zone) database is used for disaster recovery. You will have an exact copy of your database. So when your primary database goes down, your application will automatically failover to the standby database.

Q23. What are the types of backups in the RDS database?

There are 2 types of backups in the RDS database.
• Automated backups
• Manual backups which are known as snapshots.

Q24. What are the types of load balancers in EC2?

There are 3 types of load balancers,
• Application load balancer
• Network load balancer
• Classic load balancer

Q25. What is an ELB?

ELB stands for Elastic Load Balancing. ELB automatically distributes the incoming application traffic or network traffic across multiple targets like EC2, containers, and IP addresses.

Q26. What are the two types of access that you can provide when you are creating users?

Following are the two types of access that you can create.
• Programmatic access
• Console access

Q27. What are the benefits of auto-scaling?

Following are the benefits of auto-scaling
• Better fault tolerance
• Better availability
• Better cost management

Q28. What are security groups?

Security groups act as a firewall that controls the traffic for one or more instances. You can associate one or more security groups with your instances when you launch them. You can add rules to each security group that allow traffic to and from its associated instances. You can modify the rules of a security group at any time; the new rules are automatically and immediately applied to all the instances that are associated with the security group.

Q29. What are shared AMI’s?

Shared AMIs are AMIs that are created by other developers and made available for other developers to use.

Q30. What is the difference between the classic load balancer and application load balancer?

Dynamic port mapping and multiple ports with multiple listeners are used in the Application Load Balancer; one port with one listener is achieved via the Classic Load Balancer.


Preparing for an AWS interview can be challenging, but with the right preparation and knowledge, you can ace your interview and land your dream job. We hope our guide to common AWS interview questions and answers has helped you in your preparation. Stay tuned for more interview questions and tips to come, and don't forget to keep practicing and improving your skills. Good luck!!