AWS interview questions and answers for experienced scenario based

1. Define and explain the three basic types of cloud services and the AWS products that are built based on them?

The three basic types of cloud services are:

• Computing
• Storage
• Networking

Here are some of the AWS products that are built based on the three cloud service types:

Computing – These include EC2, Elastic Beanstalk, Lambda, Auto-Scaling, and Lightsat.

Storage – These include S3, Glacier, Elastic Block Storage, Elastic File System.

Networking – These include VPC, Amazon CloudFront, Route53

2. What is the relation between the Availability Zone and Region?

AWS regions are separate geographical areas, like the US-West 1 (North California) and Asia South (Mumbai). On the other hand, availability zones are the areas that are present inside the regions. These are generally isolated zones that can replicate themselves whenever required.

3. What is auto-scaling?

Auto-scaling is a function that allows you to provision and launch new instances whenever there is a demand. It allows you to automatically increase or decrease resource capacity in relation to the demand.

Kickstart your career growth in cloud computing with our AWS Cloud Architect Master’s Program. Join one of the world’s fastest-growing industries from the ground up! Next Cohort Starts:

4. What is geo-targeting in CloudFront?

Geo-Targeting is a concept where businesses can show personalized content to their audience based on their geographic location without changing the URL. This helps you create customized content for the audience of a specific geographical area, keeping their needs in the forefront.

5. What are the steps involved in a CloudFormation Solution?

Here are the steps involved in a CloudFormation solution:

1. Create or use an existing CloudFormation template using JSON or YAML format.
2. Save the code in an S3 bucket, which serves as a repository for the code.
3. Use AWS CloudFormation to call the bucket and create a stack on your template.
4. CloudFormation reads the file and understands the services that are called, their order, the relationship between the services, and provisions the services one after the other.

6. How do you upgrade or downgrade a system with near-zero downtime?

You can upgrade or downgrade a system with near-zero downtime using the following steps of migration:

• Open EC2 console
• Choose Operating System AMI
• Launch an instance with the new instance type
• Install all the updates
• Install applications
• Test the instance to see if it’s working
• If working, deploy the new instance and replace the older instance
• Once it’s deployed, you can upgrade or downgrade the system with near-zero downtime.

Take home these interview Q&As and get much more. Download the complete AWS Interview Guide here:

7. What are the tools and techniques that you can use in AWS to identify if you are paying more than you should be, and how to correct it?

You can know that you are paying the correct amount for the resources that you are using by employing the following resources:

• Check the Top Services Table

  It is a dashboard in the cost management console that shows you the top five most used services. This will let you know how much money you are spending on the resources in question.

• Cost Explorer

  There are cost explorer services available that will help you to view and analyze your usage costs for the last 13 months. You can also get a cost forecast for the upcoming three months.

• AWS Budgets

  This allows you to plan a budget for the services. Also, it will enable you to check if the current plan meets your budget and the details of how you use the services.

• Cost Allocation Tags

  This helps in identifying the resource that has cost more in a particular month. It lets you organize your resources and cost allocation tags to keep track of your AWS costs.

Learn how to design, plan, and scale cloud implementation and excel in the field of cloud computing with Caltech cloud computing certification.

8. Is there any other alternative tool to log into the cloud environment other than console?

The that can help you log into the AWS resources are:

• Putty
• AWS CLI for Linux
• AWS CLI for Windows
• AWS CLI for Windows CMD
• AWS SDK
• Eclipse

9. What services can be used to create a centralized logging solution?

The essential services that you can use are Amazon CloudWatch Logs, store them in Amazon S3, and then use Amazon Elastic Search to visualize them. You can use Amazon Kinesis Firehose to move the data from Amazon S3 to Amazon ElasticSearch.

10. What are the native AWS Security logging capabilities?

Most of the AWS services have their logging options. Also, some of them have an account level logging, like in AWS CloudTrail, AWS Config, and others. Let’s take a look at two services in specific:

AWS CloudTrail

This is a service that provides a history of the AWS API calls for every account. It lets you perform security analysis, resource change tracking, and compliance auditing of your AWS environment as well. The best part about this service is that it enables you to configure it to send notifications via AWS SNS when new logs are delivered.

AWS Config

This helps you understand the configuration changes that happen in your environment. This service provides an AWS inventory that includes configuration history, configuration change notification, and relationships between AWS resources. It can also be configured to send information via AWS SNS when new logs are delivered.

11. What is a DDoS attack, and what services can minimize them?

DDoS is a cyber-attack in which the perpetrator accesses a website and creates multiple sessions so that the other legitimate users cannot access the service. The native tools that can help you deny the DDoS attacks on your AWS services are:

• AWS Shield
• AWS WAF
• Amazon Route53
• Amazon CloudFront
• ELB
• VPC

12. You are trying to provide a service in a particular region, but you do not see the service in that region. Why is this happening, and how do you fix it?

Not all Amazon AWS services are available in all regions. When Amazon initially launches a new service, it doesn’t get immediately published in all the regions. They start small and then slowly expand to other regions. So, if you don’t see a specific service in your region, chances are the service hasn’t been published in your region yet. However, if you want to get the service that is not available, you can switch to the nearest region that provides the services.

13. How do you set up a system to monitor website metrics in real-time in AWS?

Amazon CloudWatch helps you to monitor the application status of various AWS services and custom events. It helps you to monitor:

• State changes in Amazon EC2
• Auto-scaling lifecycle events
• Scheduled events
• AWS API calls
• Console sign-in events

14. What are the different types of virtualization in AWS, and what are the differences between them?

The three major types of virtualization in AWS are:

• Hardware Virtual Machine (HVM)

  It is a fully virtualized hardware, where all the virtual machines act separate from each other. These virtual machines boot by executing a master boot record in the root block device of your image.

• Paravirtualization (PV)

  Paravirtualization-GRUB is the bootloader that boots the PV AMIs. The PV-GRUB chain loads the kernel specified in the menu.

• Paravirtualization on HVM

  PV on HVM helps operating systems take advantage of storage and network I/O available through the host.

15. Name some of the AWS services that are not region-specific

AWS services that are not region-specific are:

• IAM
• Route 53
• Web Application Firewall
• CloudFront

16. What are the differences between NAT Gateways and NAT Instances?

While both NAT Gateways and NAT Instances serve the same function, they still have some key differences.

17. What is CloudWatch?

The Amazon CloudWatch has the following features:

• Depending on multiple metrics, it participates in triggering alarms.
• Helps in monitoring the AWS environments like CPU utilization, EC2, Amazon RDS instances, Amazon SQS, S3, Load Balancer, SNS, etc.

18. What is an Elastic Transcoder?

To support multiple devices with various resolutions like laptops, tablets, and smartphones, we need to change the resolution and format of the video. This can be done easily by an AWS Service tool called the Elastic Transcoder, which is a media transcoding in the cloud that exactly lets us do the needful. It is easy to use, cost-effective, and highly scalable for businesses and developers.

AWS Questions for Amazon EC2

19. What is Amazon EC2?

EC2 is short for Elastic Compute Cloud, and it provides scalable computing capacity. Using Amazon EC2 eliminates the need to invest in hardware, leading to faster development and deployment of applications. You can use Amazon EC2 to launch as many or as few virtual servers as needed, configure security and networking, and manage storage. It can scale up or down to handle changes in requirements, reducing the need to forecast traffic. EC2 provides virtual computing environments called “instances.”

20. What Are Some of the Security Best Practices for Amazon EC2?

Security best practices for Amazon EC2 include using Identity and Access Management (IAM) to control access to AWS resources; restricting access by only allowing trusted hosts or networks to access ports on an instance; only opening up those permissions you require, and disabling password-based logins for instances launched from your AMI.

Scenario-Based AWS Architect Interview Questions

1. You have a webserver on EC2 instance . Your instance can get to the web but nobody on the internet can get to your webserver. How will you troubleshoot this issue ?
2. What steps will you perform to enable a server in private subnet of a VPC to download updates from the web?
3. How will you build a self-healing AWS architecture ?
4. How will you design an AWS architecture for failure ?
5. As a AWS solution architect, how will you implement disaster recovery on AWS ?
6. You run a news website in eu-west-1 region which updates every 15 minutes. The website is accessed by audience across the globe and uses an auto scaling group begind an Elastic load balancer and Amazon relation database service. Static content for the application is on S3 and is distributed using CloudFront. The auto scaling group is set to trigger a scale up event with 60% CPU utilization. You use extra large DB instance with 10.000 Provisioned IOPS that gives CPU Utilization around 80% with freeable memory in the 2GB range. The web analytics report shows that the load time for the webpages is an average of 2 seconds but the SEO consultant suggests that you bring the average load time of your pages to less than 0.5 seconds. What will you do improve the page load time of the website for your users.
7. How will you right size a system for a normal and peak traffic situations ?
8. Tell us about a situation where you were given feedback that made you change your architectural design strategy.
9. What challenges are you looking forward to for the position as an AWS solutions architect ?
10.  Describe a successful AWS project which reflects your design and implementation experience about AWS Solutions Architecture.
11.  How will you design an e-commerce application using AWS services ?
12. What characteristics will you take into consideration when desgining an Amazon Cloud solution?
13. When would you prefer to use provisioned IOPS over Standard RDS storage ?
14. What do you think AWS is missing from a solutions architect perspective?
15. What if Google decides to host YouTube.com on AWS, how will you design the solution architecture ?

If you really love AWS and want to push forward on AWS certifications for sure, these AWS solutions architect interview questions will help you get through the door. However, you will also need to some hands-on and real-life exposure to AWS projects through a comprehensive AWS training to be successful.