AWS Flashcards
What are the storage classes available in Amazon S3?
S3 storage classes include:
S3 Standard (frequent access),
S3 Intelligent-Tiering (automatic cost optimization),
S3 Standard-IA (infrequent access),
S3 One Zone-IA (low-cost, infrequent access in one availability zone),
S3 Glacier (low-cost archival),
S3 Glacier Deep Archive (lowest cost for long-term archival).
How do you manage access to Amazon S3 buckets?
Access to S3 buckets is managed using IAM policies, bucket policies, access control lists (ACLs), and object tagging. You can also use AWS Identity and Access Management (IAM) roles for granular access control.
What is Amazon S3 Replication?
S3 Replication allows automatic, asynchronous copying of objects between S3 buckets in the same (same-region replication) or different AWS regions (cross-region replication) for backup, compliance, or latency reduction.
Explain the difference between AWS S3, AWS EBS, and AWS EFS. When do you use what?
S3: Object storage for unstructured data, ideal for backups, archives, and media hosting.
EBS: Block storage for EC2 instances, used for high-performance databases or filesystems.
EFS: Scalable file storage for EC2, suitable for shared access across multiple instances.
Use S3 for backups, EBS for low-latency storage directly attached to instances, and EFS for shared filesystem access.
Explain AWS EC2 Service.
Amazon EC2 (Elastic Compute Cloud) provides scalable virtual servers (instances) in the cloud. EC2 allows you to run applications on a variety of instance types tailored to different computing needs.
Can S3 Be Used with EC2 Instances, and If Yes, How?
Yes, EC2 instances can use S3 for storage by accessing objects over the network. This can be done via the AWS SDK, CLI, or using tools like S3FS to mount an S3 bucket as a file system.
List the types of AWS EC2 instances available.
Common EC2 instance types include:
General Purpose (e.g., t3, m5),
Compute Optimized (e.g., c5),
Memory Optimized (e.g., r5, x1),
Storage Optimized (e.g., i3, d2),
GPU Instances (e.g., p3, g4).
How do you connect to an EC2 instance from your local machine?
You can connect to an EC2 instance via SSH using a key pair and the ssh command. For Windows, you might use tools like PuTTY.
What is the purpose of EC2 tags?
EC2 tags are key-value pairs used to organize, categorize, and manage resources (e.g., by project, environment, cost center).
What is the difference between a spot instance and an on-demand instance?
On-demand instances are paid at a fixed rate by the hour with no long-term commitment, while spot instances allow you to bid on unused EC2 capacity, which can provide cost savings but are subject to termination when capacity is needed.
What is an AMI instance?
An Amazon Machine Image (AMI) is a pre-configured template containing the OS and application data used to launch EC2 instances.
What is an EC2 snapshot?
An EC2 snapshot is a point-in-time copy of an EBS volume, stored in S3. It can be used to create new volumes or restore data.
What is the difference between the EC2 and ECS services in AWS?
EC2 provides virtual machines for general-purpose computing. ECS (Elastic Container Service) is a container orchestration service for running Docker containers, either on EC2 instances or AWS Fargate (serverless).
Explain AWS Lambda Service.
AWS Lambda is a serverless compute service that automatically scales your application by running code in response to events without provisioning or managing servers.
What are the advantages of using the Serverless approach?
Serverless advantages include automatic scaling, no infrastructure management, reduced operational cost, and pay-per-execution pricing.
Are there any disadvantages to using this approach? What do you think?
Disadvantages include cold starts (initial latency), limited execution time (up to 15 minutes for Lambda), and potential complexity in debugging and monitoring.
How long can a Lambda function execute?
Lambda functions can run for a maximum of 15 minutes per execution.
How do you deploy a Lambda function in AWS?
You can deploy Lambda functions using the AWS Console, CLI, or tools like AWS SAM or CloudFormation for automated deployment.
How do you implement an AWS Lambda function?
Implement Lambda by writing a handler function in supported languages (e.g., Python, Java, Node.js), packaging the code, and configuring triggers.
How do you troubleshoot AWS Lambda Functions?
Troubleshooting is done via CloudWatch logs, using metrics like invocation count, error count, and duration. X-Ray tracing can be used for debugging distributed applications.
What Is Identity and Access Management (IAM) and How Is It Used?
IAM manages user access and permissions to AWS services and resources through policies. It controls who can access what.
What Is Amazon Virtual Private Cloud (VPC) and Why Is It Used?
A VPC allows you to create a virtual network within AWS to securely isolate and control access to your resources (e.g., EC2 instances).
What are IAM Policy Conditions? Can you provide examples of when and how you would use them in an IAM policy?
IAM Policy Conditions allow you to add extra constraints to policies (e.g., allowing access only from specific IPs). Example: Restricting access to S3 based on the user’s source IP address.
Explain the difference between IAM Policies attached to users and Policies attached to groups.
Policies attached to users apply to individual users. Group policies apply to all users within the group, making management easier for multiple users.
How does policy evaluation work when a user is a member of multiple groups?
The most permissive policy is applied. If there are conflicting deny and allow policies, the deny policy takes precedence.
Explain the difference between IAM inline Policies and Managed Policies. When would you choose one over the other?
Inline policies are directly attached to a single user, group, or role. Managed policies can be reused across multiple users, groups, and roles. Use managed policies for consistency and ease of maintenance.