Amazon Web Services is a cloud service from Amazon that offers services that take the form of building blocks. These building blocks can be applied to build and deploy any type of application in the cloud. Amazon Web Services is formed so as to function with each other. It results in applications which are sophisticated and profoundly scalable.
Explain what is S3?
S3 refers to Simple Storage Service. You can apply the S3 interface to store and retrieve any sum of data at any time and from any place on the web. The payment model is “pay as you go” for S3.
How is buffer used in Amazon Web Services?
Buffer is used making the Amazon Web Services system more robust and manages traffic by synchronizing different components. The component processes the requests in an imbalanced manner. With the help of buffer, the components function at the same speed for quicker services and will also be balanced.
Explain the key components of Amazon Web Services?
This is a scalable and highly available Domain Name System (DNS) service. Released on December 5, 2010, it is part of Amazon.com’s cloud computing platform, Amazon Web Services (AWS). The name is a reference to TCP or UDP port 53, where DNS server requests are addressed. Route 53 also enables
Amazon Web Services customers to route users to non-AWS infrastructure and to monitor the health of their application and its endpoints. Route 53’s servers are distributed throughout the world. Amazon Route 53 supports full, end-to-end DNS resolution over IPv6.
Recursive DNS resolvers on IPv6 networks can use either IPv4 or IPv6 transport to send DNS queries to Amazon Route 53. One of the key features of Route 53 is programmatic access to the service that allows customers to modify DNS records via web service calls.
Identity and Access Management
This is a framework of business processes, policies and technologies that facilitates the management of electronic or digital identities. With an IAM framework in place, information technology (IT) managers can control user access to critical information within their organizations.
Identity and access management products offer role-based access control, which lets system administrators regulate access to systems or networks based on the roles of individual users within the enterprise.
Identity access management systems should consist of all the necessary controls and tools to capture and record user login information, manage the enterprise database of user identities and orchestrate the assignment and removal of access privileges. Continue reading
Amazon Simple Email Service
This is a cloud-based email sending service designed to help digital marketers and application developers send marketing, notification, and transactional emails. It is a reliable, cost-effective service for businesses of all sizes that use email to keep in contact with their customers.
You can use the SMTP interface or one of the AWS SDKs to integrate Amazon SES directly into your existing applications. You can also integrate the email sending capabilities of Amazon SES into the software you already use, such as ticketing systems and email clients.
Amazon Small Email Service includes features such as content filtering technologies, dedicated IP addresses, and a reputation dashboard help protect and enhance your sender reputation. Maintaining a good reputation ensures that your messages reach your customers’ inboxes. Read more
Simple Storage Device
This is storage for the Internet designed to make web-scale computing easier for developers. It has a simple web services interface that you can use to store and retrieve any amount of data, at any time, from anywhere on the web. It gives any developer access to the same highly scalable, reliable, fast, inexpensive data storage infrastructure that Amazon uses to run its own global network of web sites.
The service aims to maximize benefits of scale and to pass those benefits on to developers. This guide explains the core concepts of Amazon S3, such as buckets, access points, and objects, and how to work with these resources using the Amazon S3 application programming interface (API).
Elastic Block Store
It simply provides raw block-level storage that can be attached to Amazon EC2 instances and is used by Amazon Relational Database Service (RDS). Amazon Elastic Block Store provides a range of options for storage performance and cost.
These options are divided into two major categories: SSD-backed storage for transactional workloads, such as databases and boot volumes (performance depends primarily on IOPS), and disk-backed storage for throughput intensive workloads, such as MapReduce and log processing (performance depends primarily on MB/s).
Elastic Compute Cloud
This forms a central part of Amazon.com’s cloud-computing platform, Amazon Web Services (AWS), by allowing users to rent virtual computers on which to run their own computer applications.
EC2 encourages scalable deployment of applications by providing a web service through which a user can boot an Amazon Machine Image (AMI) to configure a virtual machine, which Amazon calls an “instance”, containing any software desired.
A user can create, launch, and terminate server-instances as needed, paying by the second for active servers hence the term “elastic”. EC2 provides users with control over the geographical location of instances that allows for latency optimization and high levels of redundancy
This is a monitoring and observability service built for DevOps engineers, developers, site reliability engineers (SREs), and IT managers. CloudWatch provides you with data and actionable insights to monitor your applications, respond to system-wide performance changes, optimize resource utilization, and get a unified view of operational health.
The CloudWatch collects monitoring and operational data in the form of logs, metrics, and events, providing you with a unified view of AWS resources, applications, and services that run on Amazon Web Services and on-premises servers.
You can use CloudWatch to detect anomalous behaviour in your environments, set alarms, visualize logs and metrics side by side, take automated actions, troubleshoot issues, and discover insights to keep your applications running smoothly.
CloudWatch collects monitoring and operational data in the form of logs, metrics, and events, and visualizes it using automated dashboards so you can get a unified view of your AWS resources, applications, and services that run in AWS and on-premises.
You can correlate your metrics and logs to better understand the health and performance of your resources. You can also create alarms based on metric value thresholds you specify, or that can watch for anomalous metric behaviour based on machine learning algorithms. Learn more about the benefits
What is Amazon Machine Image?
It is a template that offers the information of the operating system, server, applications etc. to run an instance that is the replica of the Amazon Machine Image running in the cloud by taking the role of a virtual server. An instance can be initiated from as many various AMIs according to the requirement.
What is auto-scaling?
It is one of the great features of AWS. It supervises your applications and automatically adjusts capacity to keep up steady, predictable performance in the economic cost. With the help of AWS Auto Scaling, it’s simple to set up application scaling for several resources across multiple services in minutes.
Distinguish between scalability and flexibility?
Scalability: It is the ability of any scheme to augment the tasks on its hardware resources. This is for the purpose of holding the inconsistency in command.
Flexibility: Flexibility is the aptitude of a schema that boosts the task on the hardware property.
Amazon Web Services offers various configuration solutions for Amazon Web Services scalability, flexibility, management and availability
Is an internet gateway required to use peering connections?
There is no requirement of internet gateway to apply virtual private cloud peering connections. The Internet gateway is a network “node” that connects two different networks that use different protocols (rules) for communicating.
In the most basic terms, an Internet gateway is where data stops on its way to or from other networks. For Internet connections at home, the Internet gateway is usually the Internet Service Provider (ISP), who, in this case, offers access to the entire Internet through its own network.
If you have a WiFi connection at home, your Internet gateway is the modem or modem/router combination that your ISP provides so that you connect to the Internet through their network.
If your Internet gateway is a computer server, which is more likely in an office or business situation, it acts as a firewall and a proxy server. A firewall, as discussed earlier, keeps unwanted traffic and outside computers out of a private network. A proxy server makes sure that the actual server can handle your online data requests.
What is RedShift?
Being a data warehouse product, Amazon RedShift is a quick and powerful, completely managed, petabyte-scale data warehouse service in the cloud. Redshift powers analytical workloads for Fortune 500 companies, startups, and everything in between. Companies like Lyft have grown with Redshift from startups to multi-billion dollar enterprises.
RedShift enables Amazon to provide scientists with near real-time analysis of millions of rows of manufacturing data generated by continuous manufacturing equipment, with 1,600 data points per row. Redshift also enables Amazon to query our high-volume data at 10 times the performance of the company’s prior data warehousing solution.
What is Geo Restriction on cloud front?
Also termed as geo-blocking, Geo Restriction can be applied to restrict or block the users in a specific geographic location from accessing the content that is being distributed with the help of CloudFront web distribution.
What is SimpleDB?
Amazon Simple Database Service (SimpleDB) is also called a key-value data store. It is an extensively available and flexible non-relational database that lets developers request and store data. This is done with minimal database management and administrative responsibility.
Is one Elastic IP address enough for every instance that I have running?
Every instance has its own private and public address. The private address is connected exclusively with the instance and is returned to Amazon EC2 only at the time of being stopped or terminated. In the same way, the public address is connected exclusively with the instance until it is stopped or terminated.
This can be replaced by the unique Elastic IP address. Its speciality is that it stays with the instance as long as the user doesn’t remove it manually. However, when you are hosting multiple websites on your EC2 server, you may need more than one Elastic IP address.
What are the best practices for Security in Amazon EC2?
There are various best practices to secure Amazon EC2. Some of them are:
- Apply AWS Identity and Access Management to manage access to your AWS resources.
- Restrict access by only letting trusted hosts or networks to reach ports on your instance.
- Go through the rules in your security groups in a diligent manner frequently
- Open only permissions that you need
- Disable password-based logins for instances initiated from your AMI. Passwords can be identified or cracked and pave the way to security risk.
How will you access the data on EBS in Amazon Web Services?
Elastic block storage offers long-lasting, highly available and high-performance block-level storage that can be associated to a running EC2 instance. The storage can be eventually formatted and mounted as a file system. The raw storage can be reached directly too.
Differentiate between vertical and horizontal scaling in Amazon Web Services
The manner in which you add compute resources to your infrastructure is the major difference between vertical and horizontal scaling. More power is added to the available machine in vertical scaling while extra resources are added into the system in horizontal scaling. There is also the addition of more machines into the network in such a way that the processing and workload is shared among multiple devices.
What is the total number of buckets that can be created in AWS by default?
100 buckets can be formed in each of the AWS accounts. If more buckets are needed, raise the bucket limit by submitting a service limit increase.
What are the possible connection issues you encounter when connecting to an EC2 instance?
- An unprotected private key file
- Connection timed out
- Server refused key
- No supported authentication method present
- Host key not found, permission denied.
- User key not recognized by the server, permission denied.
What happens when you launch instances in Amazon VPC?
Each instance contains a default IP address once the instance is initiated in Amazon VPC. This strategy is regarded as ideal when you should link cloud resources with the data centres.
Is it possible to scale an Amazon instance vertically? How?
It is possible. You have to simply stop the server and then change the instance type. You should again start the server.
What is DynamoDB?
DynamoDB is the solution when you need a fast and flexible NoSQL database that has a flexible data model and dependable performance. It is a fully managed proprietary NoSQL database service that supports key-value and document data structures and is offered by Amazon.com as part of the Amazon Web Services portfolio
DynamoDB exposes a similar data model to and derives its name from Dynamo, but has a different underlying implementation. Dynamo had a multi-master design requiring the client to resolve version conflicts and DynamoDB uses synchronous replication across multiple data centres for high durability and availability.
What are the different types of instances?
Following are the types of instances,
- Storage Optimized
- Computer Optimized
- Accelerated Computing
What are policies and what are the types of policies?
Policies are permissions that you can associate to the users that you build. These policies will consist of that specific access that you have given to the users that you have created. The two types of policies are:
- Managed policies
- Inline policies
What is a snowball?
Snowball is a data transport solution that boosts moving terabyte to petabytes of data into and out of AWS services using storage devices framed to be secure for physical transport. With the help of Snowball, you can remove challenges that can be faced with large-scale data transfers comprising high network costs, security concerns and long transfer times.
How can you convert a public subnet to private subnet?
Eliminate IGW and add NAT Gateway, connect subnet in Private route table. If your VPC has spare capacity, you can simply create additional subnets. To make those subnets private, don’t associate an internet gateway to them.
Culled from Soft Logic Systems | AWS Interview Questions and Answers