Block Storage: it functions at a lower level and manages the data asset of blocks.
File Storage: The file storage operates at a higher level or operational level and manages data in the form of files and folders.
API tools such as API Fortress, Scripting languages like Perl and hybrid cloud management tools like Scarl are few such automation gears helpful for Spin Up Services.
It is an important feature available in AWS which helps you in preventing the users from accessing the content from specific regions. CloudFront is useful for distributing the content only to desired locations.
Availability Zone is also known as Data Centre that is designed as an independent failure zone with high-speed connectivity and low latency.
AWS Cloudtrail is an AWS service that helps you to enable governance, risk auditing, and compliance of your AWS account. Cloud trail records events when actions are taken by the role, user, or an AWS service. Events include when actions are taken by AWS command-line interface, AWS management console, APIs, and AWS SDKs.
Under one VPC, we can have 200 subnets.
We have two types of cloud watches: essential monitoring and detailed monitoring. The necessary tracking will come to you free of cost, but when it comes to detailed control, you need to pay for it.
Cloud watching is a monitoring tool in Amazon Web Services with which you can monitor different resources of your organization. You can have a look at various things like health, applications, network, etc.
Vertical Scaling refers to the process of increasing the power and performance of an existing machine by adding up resources to the infrastructure.
Horizontal Scaling refers to the scenario where the power and performance are augmented by adding new machines to the infrastructure.
Vertical Scaling is restricted to handle a limited number of users and Horizontal Scaling comes to the rescue when the users are increasing in large numbers with clustering, load balancing and distributed file system.
Larger files can be uploaded using the Multipart Upload Utility in AWS, where the large files are uploaded in parts independently and parallel to decrease the upload time. The parts will be merged and converted into a single file once the upload is completed.
Classic Load Balancer is designed for simple load balancing of traffic whereas Application Load Balancer helps in intelligent load balancing of traffic across various EC2 instances.
Application Load Balancer is utilised to route traffic to multiple instances.
Multi-AZ RDS is helpful to make a replica of the production database to be available in other availability zones. They come handy in case of disaster recovery and primary database shutdown, to have a complete set of database as a backup.
Network Address Translation gateways help the instances to be connected to the internet. NAT Gateways serve as a one-way traffic regulator since they prevent any initiation of a connection from the Internet to the instances.
Individual archives can be stored up to a maximum of 40 TB in Glacier.
Below listed are the various layers of cloud computing
SaaS: Software as a Service
PaaS: Platform as a Service
IaaS: Infrastructure as a Service
One thing that must be taken into consideration is that no one should resize the data while it is moving from one point to another. The other thing to consider is there should not be any kind of leakage with the security key from the multiple storerooms in the cloud. Dividing the information into different types and encrypting it into valid methods could help you in securing the data in the cloud.
Basic- Free service
Detailed – Charged service
A Hypervisor is a type of software used to create and run virtual machines. It integrates physical hardware resources into a platform which are distributed virtually to each user. Hypervisor includes Oracle Virtual Box, Oracle VM for x86, VMware Fusion, VMware Workstation, and Solaris Zones.
Lifecycle hooks can be added to the autoscaling group. It enables you to perform custom actions by pausing instances where the autoscaling group terminates and launches them. Every auto-scaling group consists of multiple lifecycle hooks.
Data cannot be accessible on EBS directly by a graphical interface in AWS. This process includes assigning the EBS volume to an EC2 instance. Here, when the volume is connected to any of the instances either it can be Windows or Unix, you can write or read on it. First, you can take a screenshot from the volumes with data and build unique volumes with the help of screenshots. Here, each EBS volume can be attached to only a single instance.
A Server load balancer (SLB) provides content delivery and networking services using load balancing algorithms. SLB distributes the network traffic equally across a group of servers to ensure high-performance application delivery.
When the developer launches the instance, the root device volume is used to boot the instance that contains the image. When the developer introduces the Amazon EC2, all AMIs are propped up by an Amazon EC2 instance store.
It is a type of architecture where the workload is divided into two halves among which one is on public load and the other is on the local storage. It is a mix of on-premises, private cloud and third-party, and public cloud services between two platforms.
The popular DevOps tools are:
* Chef, Puppet, Ansible, and SaltStack – Deployment and Configuration Management Tools
* Docker – Containerization Tool
* Git – Version Control System Tool
* Jenkins – Continuous Integration Tool
* Nagios – Continuous Monitoring Tool
* Selenium – Continuous Testing Tool
There are two data centres in cloud computing, one is Containerized Data centres, and another is Low-Density Data Centers.
Following are the policies that can be set for user’s passwords:
* You can set a minimum length of the password.
* You can ask the users to add at least one number or special character to the password.
* Assigning the requirements of particular character types, including uppercase letters, lowercase letters, numbers, and non-alphanumeric characters.
* You can enforce automatic password expiration, prevent the reuse of old passwords, and request for a password reset upon their next AWS sign-in.
* You can have the AWS users contact an account administrator when the user has allowed the password to expire.
Following are the few benefits of the Elastic Beanstalk:
1. Easy and simple: Elastic Beanstalk enables you to manage and deploy the application easily and quickly.
2. Autoscaling: Beanstalk scales up or down automatically when your application traffic increases or decreases.
3. Developer productivity: Developers can easily deploy the application without any knowledge, but they need to maintain the application securely and be user-friendly.
4. Cost-effective: No charge for Beanstalk. Charges are applied for the AWS service resources which you are using for your application.
5. Customization: Elastic Beanstalk allows users to select the configurations of AWS services that users want to use for application development.
6. Management and updates: It updates the application automatically when it changes the platform. Platform updates and infrastructure management are taken care of by AWS professionals.
Elastic Beanstalk is the best service offered by AWS for deploying and managing applications. It assists applications developed in Java, .Net, Node.js, PHP, Ruby, and Python. When you deploy the application, Elastic beanstalk builts the selected supported platform versions and AWS services like S3, SNS, EC2, cloud watch, and autoscaling to run your application.
It can be done by creating an autoscaling group to deploy more instances when the CPU utilization of the EC2 instance exceeds 80 percent and distributing traffic among instances by creating an application load balancer and registering EC2 instances as target instances.
Lifecycle hooks are used for Auto-scaling to put an additional wait time to a scale-in or a scale-out event.
No, a Private IP Address of an EC2 instance cannot be changed. When an EC2 instance is launched, a private IP Address is assigned to that instance at the boot time. This private IP Address is attached to the instance for its entire lifetime and can never be changed.
The buffer is used to make the system more robust to manage traffic or load by synchronizing different components.
Amazon ElastiCache is a web service that makes it easy to deploy, operate, and scale an in-memory data store or cache in the cloud.
The AWS Serverless Application Model (AWS SAM) extends AWS CloudFormation to provide a simplified way of defining the Amazon API Gateway APIs, AWS Lambda functions, and Amazon DynamoDB tables needed by your serverless application.
Geo restriction, also known as geoblocking, is used to prevent users in specific geographic locations from accessing content that you’re distributing through a CloudFront web distribution.
Elastic Beanstalk is an orchestration service by AWS, used in various AWS applications such as EC2, S3, Simple Notification Service, CloudWatch, autoscaling, and Elastic Load Balancers. It is the fastest and simplest way to deploy your application on AWS using either AWS Management Console, a Git repository, or an integrated development environment (IDE).
AWS CloudFormation is an Amazon service, dedicated to solving the need to standardize and replicate the architectures to facilitate their execution and optimize resources and costs in the delivery of applications, or compliance with the requirements of the organization. CloudFormation allows creating a proprietary library of instance templates or architectures capable of being delivered at any time and in an organized manner, through programming.
The following are the connection issues faced by the user:
* User key not recognized by the server
* Permission denied
* Connection timeout
* Cannot connect using user’s browser
* Server unexpectedly closed network connection
* Unprotected private key
* Cannot ping the instance
* Server refused host key
The private key must begin with “BEGIN RSA PRIVATE KEY” and end with “ END RSA PRIVATE KEY.”
List of users
List of protocols
List of users
Hope these top AWS Interview questions and answers for freshers and experienced helps you in preparing for top AWS jobs in the Cloud market.
Yes, it is possible by using the Multipart Upload Utility from AWS. With the Multipart Upload Utility, larger files can be uploaded in multiple parts that are uploaded independently. You can also decrease upload time by uploading these parts in parallel. After the upload is done, the parts are merged into a single object or file to create the original file from which the parts were created.
Recovery Time Objective - It is the maximum acceptable delay between the interruption of service and restoration of service. This translates to an acceptable time window when the service can be unavailable.
Recover Point Objective - It is the maximum acceptable amount of time since the last data restore point. It translates to the acceptable amount of data loss which lies between the last recovery point and the interruption of service.
An Instance Store Volume is temporary storage that is used to store the temporary data required by an instance to function. The data is available as long as the instance is running. As soon as the instance is turned off, the Instance Store Volume gets removed and the data gets deleted.
On the other hand, an EBS Volume represents a persistent storage disk. The data stored in an EBS Volume will be available even after the instance is turned off.
An Administrator User will be similar to the owner of the AWS Resources. He can create, delete, modify or view the resources and also grant permissions to other users for the AWS Resources.
A Power User Access provides Administrator Access without the capability to manage the users and permissions. In other words, a user with Power User Access can create, delete, modify or see the resources, but he cannot grant permissions to other users.
A Stateful Firewall is the one that maintains the state of the rules defined. It requires you to define only inbound rules. Based on the inbound rules defined, it automatically allows the outbound traffic to flow.
On the other hand, a Stateless Firewall requires you to explicitly define rules for inbound as well as outbound traffic.
For example, if you allow inbound traffic from Port 80, a Stateful Firewall will allow outbound traffic to Port 80, but a Stateless Firewall will not do so.
Connection Draining is a feature provided by AWS which enables your servers which are either going to be updated or removed, to serve the current requests.
If Connection Draining is enabled, the Load Balancer will allow an outgoing instance to complete the current requests for a specific period but will not send any new request to it. Without Connection Draining, an outgoing instance will immediately go off and the requests pending on that instance will error out.
When AWS creates EC2 instances, there are some blocks of computing capacity and processing power left unused. AWS releases these blocks as Spot Instances. Spot Instances run whenever capacity is available. These are a good option if you are flexible about when your applications can run and if your applications can be interrupted.
On the other hand, On-Demand Instances can be created as and when needed. The prices of such instances are static. Such instances will always be available unless you explicitly terminate them.
When you create an instance in AWS, you may or may not want that instance to be accessible from the public network. Moreover, you may want that instance to be accessible from some networks and not from others.
Security Groups are a type of rule-based Virtual Firewall using which you can control access to your instances. You can create rules defining the Port Numbers, Networks, or protocols from which you want to allow access or deny access.
AWS IAM enables an administrator to provide granular level access to different users and groups. Different users and user groups may need different levels of access to different resources created. With IAM, you can create roles with specific access-levels and assign the roles to the users.
It also allows you to provide access to the resources to users and applications without creating the IAM Roles, which is known as Federated Access.
Geo-Targeting enables the creation of customized content based on the geographic location of the user. This allows you to serve the content which is more relevant to a user. For example, using Geo-Targeting, you can show the news related to local body elections to a user sitting in India, which you may not want to show to a user sitting in the US. Similarly, the news related to Baseball Tournament can be more relevant to a user sitting in the US, and not so relevant for a user sitting in India.
Eventual Consistency - It means that the data will be consistent eventually, but may not be immediate. This will serve the client requests faster, but chances are that some of the initial read requests may read the stale data. This type of consistency is preferred in systems where data need not be real-time. For example, if you don’t see the recent tweets on Twitter or recent posts on Facebook for a couple of seconds, it is acceptable.
Strong Consistency - It provides an immediate consistency where the data will be consistent across all the DB Servers immediately. Accordingly. This model may take some time to make the data consistent and subsequently start serving the requests again. However, in this model, it is guaranteed that all the responses will always have consistent data.