AWS Interview Questions For Freshers

Question 1

Security

Name some services that can secure your application?

Answer 1

• KMS keys encryption can handle encryption at rest
• AWS Certificate Manager to store SSL certificates to encrypt data in transit
• AWS WAF: for general security threats such as distributed denial-of-service (DDoS) attack, SQL Injection, Man-in-the-middle , Cross-site scripting
• Amazon Guard Duty: threat detection service that continuously monitors for malicious activity and unauthorized behavior to protect AWS accounts, workloads, and data stored in Amazon S3.
• You can use IAM or Cognito User Pools and Indentity Pools to manage authorizatoin and authentication

Question 2

How to make sure you don’t go over a certain budget in AWS?

Answer 2

-You can use AWS budegts to set your threshold
-You can set alerts if you hit a percentage of that threshold
-You can trigger a lambda to shut down an EC2 instance or load balancer

Question 3

What are your alternatives to doing everything in the console?

Answer 3

You have the option to create, update and delete resources via AWS CLI
You can add AWS SDK you can all AWS API actions from your code
Within a DevOps pipeline, you can also update your resources via Iac, like CloudFormation or Terraform.

Question 4

Name the region specific and global specific AWS services?

Answer 4

Global resources: CloudFront, S3, IAM
Regional: EC2 instances, VPC, Lambda, CloudFormation
You can always tell if a resource is regional or global based on whether the top right corner.

Also most compute services are usually regional.

Question 5

Favorite AWS services and Why?

Answer 5

CloudWatch enables you to monitor your complete stack (applications, infrastructure, and network) and use alarms, logs, and events data to take automated actions

Question 6

How would you scale your application running in EC2 or Lambda?

Answer 6

EC2: AutoScaling Groups to scale baased on CPU, Memory, Schedule

Lambda: Is serverless so scaling happens automatically. If you exceed the default concurrent limit of 1000 per Region you can always increase by submitting a request in the AWS Support Center

Question 7

How would you scale your application running Kubernetes?

Answer 7

Kubernetes: HorizontalPodAutoscaler automatically updates a workload resource with the aim of automatically scaling the workload to match demand.

Question 8

Which AWS service would you use to track logs?

Answer 8

Application logs go to Cloudwatch
Infrastructure logs go to Cloudtrail

Question 9

Files – Data collections that are grouped into files located in ______.

Blocks – It is the lowest level of storage and the closest to the _________.

Datasets – Data sets are organized into ______ like SQL or NoSQL

Objects – Data and the associated metadata are organized as ___-____ resources.

Answer 9

Files – Data collections that are grouped into files located in folders.

Blocks – It is the lowest level of storage and the closest to the hardware.

Datasets – Data sets are organized into tables like SQL or NoSQL

Objects – Data and the associated metadata are organized as web-based resources.

Question 10

Amazon Cognito identity pools provide ______________ AWS credentials for users who are ______________ ________ or a ________ for users who have been authenticated.

Answer 10

Cognito user pool = Authourization

Amazon Cognito identity pools provide temporary AWS credentials for users who are unauthenticated guests or a token for users who have been authenticated.

Question 11

With a Cognito user pool you can add ________ and ________ to mobile and web apps and it also offers a user directory so user accounts can be ________ within the user pool.

Answer 11

Cognito user pool = Authentication

With a Cognito user pool you can add sign-up and sign-in to mobile and web apps and it also offers a user directory so user accounts can be created within the user pool.

Question 12

What are three way to run Kubernetes in AWS?

Answer 12

EKS
Red Hat OpenShift Service on AWS (ROSA)
Running self-managed EKS on EC2

Question 13

Can you explain the difference between continuous integration and continuous delivery?

Answer 13

Continuous integration (CI) is the practice of regularly integrating code changes into a shared repository

Continuous delivery (CD) refers to the ability to release new features to production at any time by automating the build, test, and deployment process.

Question 14

How do you handle deployments in a distributed environment? (2)

Answer 14

In a distributed environment, deployments can be handled using Terraform, Ansible, Puppet, or Chef to automate configuring and updating servers.

Additionally, containerization technologies such as Docker can help ensure consistency and ease of deployment across multiple servers.

Question 15

Can you explain the role of a DevOps engineer?

Answer 15

A DevOps engineer manages the processes and tools that enable the development and operations teams to work together seamlessly. This includes implementing and maintaining CI/CD pipelines, monitoring, and logging systems, and infrastructure as code.

Question 16

How do you ensure security in the deployment process? (5)

Answer 16

Implement security best practices such as the principal of least privilege, encryption, and regularly updating systems and libraries.

Incorporating security testing into the CI/CD pipeline can help to catch vulnerabilities before they reach production.

Question 17

How do you handle rollbacks in production?
.

Answer 17

A good backup plan and disaster recovery strategy should include storing multiple versions of the application and **the ability to switch quickly between them **if needed. Feature flags can also help by allowing you to easily disable a feature if there is a problem.

Question 18

Can you explain the concept of “Infrastructure as Code”?

Answer 18

Infrastructure as Code (IaC) is the practice of treating infrastructure as code, which can be versioned, tracked, and managed in the same way as application code.

Question 19

How do you measure the performance of a system in production?

Answer 19

Measuring system performance is done by using monitoring and logging tools to gather metrics such as CPU and memory usage, network traffic, and error rates.

Question 20

Can you explain the difference between a load balancer and a reverse proxy?

Answer 20

A load balancer distributes incoming traffic across multiple servers, while a reverse proxy directs traffic to the appropriate server based on the request.

While load balancers and reverse proxies may seem similar, they serve different purposes and are often used in conjunction with one another.

Question 21

How do you handle scaling in a production environment?

Answer 21

Scaling can be handled by using tools such as auto-scaling groups in cloud environments and containerization technologies like Docker.

Question 22

Can you explain the concept of “blue-green deployment”?

Answer 22

Blue-green deployment is a technique for rolling out updates to a production environment by maintaining two separate production environments, one “blue” and one “green”.