
Question 1: What is Amazon S3?
- Expected Answer: Amazon Simple Storage Service (S3) is an object storage service offering scalability, data availability, security, and performance. It is designed for 99.999999999% (11 nines) durability and 99.99% availability of objects over a given year. S3 stores data as objects within buckets. Buckets are like containers for storing objects, and each object has a key (filename) and optional metadata. S3 offers different storage classes optimized for various access patterns and cost considerations, such as S3 Standard, S3 Intelligent-Tiering, S3 Standard-IA, S3 One Zone-IA, S3 Glacier Instant Retrieval, S3 Glacier Flexible Retrieval, and S3 Glacier Deep Archive.
- Skill/Concept Being Tested: Core AWS service, Object storage, Scalability, Durability, Availability, Storage classes.

Question 2: What is Amazon EC2?
- Expected Answer: Amazon Elastic Compute Cloud (EC2) is a web service that provides resizable compute capacity in the cloud. It allows you to rent virtual servers, known as instances, with various operating systems, software packages, and configurations. You can launch, manage, and terminate these instances as needed, providing flexibility and control over your computing resources. EC2 offers different instance types optimized for various workloads, such as general purpose, compute optimized, memory optimized, accelerated computing, and storage optimized.
- Skill/Concept Being Tested: Core AWS service, Virtual machines, Compute capacity, Instance types, Scalability.

Question 3: What is an Availability Zone (AZ) and a Region in AWS?
- Expected Answer: An AWS Region is a geographical area consisting of two or more Availability Zones. Each Availability Zone is a physically separate and isolated infrastructure located within a Region. AZs are designed to be isolated from failures in other Availability Zones and provide inexpensive, low-latency network connectivity to other AZs in the same Region. This architecture allows you to operate production applications and databases that are more highly available, fault tolerant, and scalable than would be possible from a single data center.
- Skill/Concept Being Tested: AWS Global Infrastructure, High Availability, Fault Tolerance, Region concept, Availability Zone concept.

Question 4: What is VPC in AWS?
- Expected Answer: Amazon Virtual Private Cloud (VPC) enables you to launch AWS resources in a logically isolated virtual network that you define. You have complete control over your virtual networking environment, including the selection of your own IP address range, creation of subnets, and configuration of route tables and network gateways. A VPC spans all the Availability Zones in a Region.
- Skill/Concept Being Tested: Networking in AWS, Network isolation, Subnets, Route tables, Network gateways.

Question 5: What are subnets in a VPC?
- Expected Answer: A subnet is a range of IP addresses in your VPC. You can launch AWS resources into a subnet that you select. Subnets can be either public or private. Public subnets have a route to an internet gateway, allowing resources within them to directly communicate with the internet. Private subnets do not have a direct route to an internet gateway; resources in a private subnet can communicate with the internet through a Network Address Translation (NAT) gateway or NAT instance in a public subnet.
- Skill/Concept Being Tested: VPC networking, IP addressing, Public vs. Private subnets, Internet Gateway, NAT Gateway.

Question 6: What is an Internet Gateway (IGW)?
- Expected Answer: An Internet Gateway is a horizontally scaled, redundant, and highly available VPC component that allows communication between instances in your VPC and the internet. It performs network address translation (NAT) for instances that have been assigned public IPv4 addresses. An IGW supports IPv4 and IPv6 traffic. You attach one Internet Gateway per VPC.
- Skill/Concept Being Tested: VPC networking, Internet connectivity, Network Address Translation (NAT).

Question 7: What are Security Groups?
- Expected Answer: Security Groups act as a virtual firewall for your EC2 instances. They control inbound and outbound traffic at the instance level. You configure rules that allow or deny traffic based on protocol, port, and source/destination IP address ranges. Security Groups are stateful, meaning if you allow inbound traffic, the response traffic is automatically allowed outbound, and vice versa. You can associate multiple Security Groups with an instance, and multiple instances can belong to the same Security Group.
- Skill/Concept Being Tested: Network security, Firewalls, Instance-level security, Stateful firewalls.

Question 8: What are IAM roles?
- Expected Answer: IAM roles are a way to grant permissions to AWS services and applications without needing to use long-term security credentials like access keys. An IAM role defines a set of permissions that entities can assume. When an entity assumes a role, it receives temporary security credentials. Roles are useful for granting permissions to EC2 instances, Lambda functions, and other AWS services to access other AWS resources securely.
- Skill/Concept Being Tested: AWS Identity and Access Management (IAM), Permissions management, Security best practices, Avoiding long-term credentials.

Question 9: What is the difference between IAM users and IAM roles?
- Expected Answer: IAM users represent people or applications that interact with AWS services. They have unique security credentials (passwords, access keys) for authentication. IAM roles, on the other hand, are identities that you can assume, and they define a set of permissions. Roles are not associated with specific long-term credentials. Instead, when an entity (user, service, etc.) assumes a role, it gets temporary security credentials. The key difference is that users are for persistent identities, while roles are for granting temporary permissions.
- Skill/Concept Being Tested: AWS IAM, User management, Role-based access control, Security principles.

Question 10: What is AWS Lambda?
- Expected Answer: AWS Lambda is a serverless, event-driven compute service that lets you run code without provisioning or managing servers. You only pay for the compute time consumed – there is no charge when your code is not running. Lambda functions are triggered by events from various AWS services or invoked directly through the AWS CLI or SDKs. Lambda supports multiple programming languages, including Python, Java, Node.js, Go, C#, and Ruby.
- Skill/Concept Being Tested: Serverless computing, Event-driven architecture, Compute services, Cost optimization.