Day 49 - INTERVIEW QUESTIONS ON AWS

Day 49 of 90daysofdevops

Name 5 AWS services you have used and what are the use cases?

Amazon S3 (Simple Storage Service): S3 is an object storage service used to store and retrieve large amounts of data. It is often used for backup and restore, data archiving, content storage and distribution, and hosting static websites.

Amazon EC2 (Elastic Compute Cloud): EC2 provides virtual servers in the cloud, allowing you to run applications and services. It is commonly used for web hosting, running enterprise applications, and batch-processing tasks.

Amazon RDS (Relational Database Service): RDS offers managed database services for popular relational database engines like MySQL, PostgreSQL, Oracle, and SQL Server. It simplifies database administration tasks and is commonly used for application data storage, data warehousing, and analytics.

AWS Lambda: Lambda is a serverless computing service that allows you to run code without provisioning or managing servers. It is commonly used for building serverless applications, event-driven data processing, and executing backend tasks in response to events.

Amazon CloudWatch: CloudWatch is a monitoring and observability service that provides insights into your AWS resources and applications. It is commonly used for monitoring metrics, setting up alarms, and collecting log files to help with troubleshooting and performance optimization.

What are the tools used to send logs to the cloud environment?

Logs can be sent to the cloud environment using a variety of tools, such as Amazon CloudWatch Logs, AWS CloudTrail, and AWS Elastic Beanstalk. Additionally, there are well-known logging and monitoring solutions like Splunk, Logstash, and Fluentd available for this purpose.

What are IAM Roles? How do you create/manage them?

IAM (Identity and Access Management) Roles in AWS are a way to grant permissions and access rights to AWS services and resources securely. They provide temporary credentials and eliminate the need for long-term access keys. IAM roles are commonly used for cross-service interactions and allowing services to access resources without hardcoded credentials.

To create an IAM role, you need to:

  1. Access the IAM service in the AWS Management Console. Navigate to "Roles" and click on "Create role".

  2. Choose the trusted entity type, such as another AWS service or external identity provider.

  3. Define the use case or service that will assume the role.

  4. Attach policies to specify the role's permissions.

  5. Optionally, assign tags for better organization.

  6. Review the details and create the role.
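The two documents behind steps 2 to 4 are a trust policy (who may assume the role) and a permissions policy (what the role may do). The following is an added example, not part of the original post: a small Python audit that flags the two mistakes most often made when writing them. The sample policies are constructed and the bucket name is hypothetical.

```python
def _as_list(value):
    """IAM accepts a single string or a list in most fields; normalise to a list."""
    return value if isinstance(value, list) else [value]

def _allow_statements(policy):
    return [s for s in _as_list(policy.get("Statement", [])) if s.get("Effect") == "Allow"]

def audit_trust_policy(policy):
    """Flag statements that let any principal assume the role unconditionally."""
    findings = []
    for idx, stmt in enumerate(_allow_statements(policy)):
        principal = stmt.get("Principal", {})
        values = ["*"] if principal == "*" else [
            v for vs in principal.values() for v in _as_list(vs)]
        if "*" in values and not stmt.get("Condition"):
            findings.append(f"trust[{idx}]: wildcard principal with no Condition")
    return findings

def audit_permissions_policy(policy):
    """Flag Allow statements that pair wildcard actions with Resource '*'."""
    findings = []
    for idx, stmt in enumerate(_allow_statements(policy)):
        wide = [a for a in _as_list(stmt.get("Action", [])) if a == "*" or a.endswith(":*")]
        if wide and "*" in _as_list(stmt.get("Resource", [])):
            findings.append(f"perms[{idx}]: {', '.join(wide)} on Resource '*'")
    return findings

# Constructed samples; the bucket name is hypothetical.
TRUST_EC2 = {"Version": "2012-10-17", "Statement": [{
    "Effect": "Allow", "Principal": {"Service": "ec2.amazonaws.com"},
    "Action": "sts:AssumeRole"}]}
TRUST_ANYONE = {"Version": "2012-10-17", "Statement": [{
    "Effect": "Allow", "Principal": {"AWS": "*"}, "Action": "sts:AssumeRole"}]}
PERMS_SCOPED = {"Version": "2012-10-17", "Statement": [{
    "Effect": "Allow", "Action": ["s3:GetObject"],
    "Resource": "arn:aws:s3:::example-app-bucket/*"}]}
PERMS_BROAD = {"Version": "2012-10-17", "Statement": {
    "Effect": "Allow", "Action": "s3:*", "Resource": "*"}}

if __name__ == "__main__":
    for label, result in [("EC2 trust", audit_trust_policy(TRUST_EC2)),
                          ("open trust", audit_trust_policy(TRUST_ANYONE)),
                          ("scoped perms", audit_permissions_policy(PERMS_SCOPED)),
                          ("broad perms", audit_permissions_policy(PERMS_BROAD))]:
        print(label, result or "ok")
```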

How to upgrade or downgrade a system with zero downtime?

To achieve a system upgrade or downgrade without experiencing any downtime, you can employ strategies like blue-green deployment, rolling deployment, or canary deployment. These approaches entail creating a replica environment, deploying the updated version to the duplicate environment, and gradually transitioning user traffic from the old environment to the new one.

What is infrastructure as code and how do you use it?

Infrastructure as code (IaC) is the practice of creating cloud services through code. Tools like Terraform and CloudFormation are used to create resources in the cloud, such as S3, EC2, RDS, VPC, etc.

To use IaC, you write scripts that define the resource details and the configuration each resource requires. Terraform, for example, lets users run a pre-execution check to validate whether the configuration meets the expected result before updating or provisioning the infrastructure. It enables users to have their desired infrastructure across multiple cloud providers through a single and consistent CLI workflow. You can quickly provision different environments using the same configuration and manage the entire lifecycle of your desired infrastructure, thus reducing human errors and increasing automation in the infrastructure provisioning and management process.

What is a load balancer? Give scenarios of each kind of balancer based on your experience.

A load balancer is a networking device or service that distributes incoming network traffic across multiple servers or resources to ensure efficient utilization and high availability. It helps distribute the workload and ensures that no single server becomes overloaded, thereby improving performance, scalability, and fault tolerance.

  1. Application Load Balancer (ALB):

    • Scenario: An e-commerce website with multiple microservices.

    • Use case: ALB performs intelligent routing decisions based on application-layer information (HTTP/HTTPS). It is suitable for balancing traffic across multiple services, enabling advanced routing features, such as path-based routing, host-based routing, and content-based routing. ALB is commonly used for web applications, API services, and microservices architectures.

  2. Network Load Balancer (NLB):

    • Scenario: A high-traffic gaming application with low latency requirements.

    • Use case: NLB operates at the transport layer (TCP/UDP) and is designed to handle high-volume, low-latency traffic. It is ideal for scenarios that require ultra-low latency, such as gaming or real-time streaming applications. NLB offers network-level load balancing and supports static IP addresses and high throughput.

  3. Classic Load Balancer (CLB):

    • Scenario: An application with legacy infrastructure and simple load balancing needs.

    • Use case: CLB is the original load balancer in AWS and provides basic load balancing across multiple instances. It operates at both the application and network layers. Although it lacks advanced features compared to ALB and NLB, it can still be used for simple applications or scenarios that require backward compatibility.

What is CloudFormation and what is it used for?

AWS CloudFormation is a service that allows you to model and provision AWS resources in a declarative way using templates. It is used to automate the deployment and management of infrastructure as code in AWS, making it easier to create, update, and delete stacks of resources with minimal effort. By using CloudFormation, you can create and configure resources in a consistent and repeatable way, reducing the time and effort required to manage your infrastructure.
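Because a template is plain data, the pre-execution check mentioned in the infrastructure-as-code answer can include a security review before any stack is created. The following is an added example, not part of the original post and not an AWS tool: a Python check over a constructed template with hypothetical resource names, assuming literal property values rather than intrinsic functions.

```python
# Constructed sample template as a Python dict; all resource names are hypothetical.
TEMPLATE = {
    "AWSTemplateFormatVersion": "2010-09-09",
    "Resources": {
        "AppDb": {"Type": "AWS::RDS::DBInstance", "Properties": {
            "Engine": "mysql", "PubliclyAccessible": True}},
        "ReportDb": {"Type": "AWS::RDS::DBInstance", "Properties": {
            "Engine": "postgres", "PubliclyAccessible": False, "StorageEncrypted": True}},
        "WebSg": {"Type": "AWS::EC2::SecurityGroup", "Properties": {
            "GroupDescription": "web tier",
            "SecurityGroupIngress": [
                {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443, "CidrIp": "0.0.0.0/0"},
                {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22, "CidrIp": "0.0.0.0/0"},
            ]}},
    },
}

ADMIN_PORTS = (22, 3389)             # SSH and RDP
ANYWHERE = ("0.0.0.0/0", "::/0")     # IPv4 and IPv6 "whole internet"

def _world_open_admin_ports(rule):
    """Admin ports covered by an ingress rule whose source is the whole internet."""
    if rule.get("CidrIp") not in ANYWHERE and rule.get("CidrIpv6") not in ANYWHERE:
        return []
    if str(rule.get("IpProtocol")) == "-1":      # -1 means every protocol and port
        return list(ADMIN_PORTS)
    low, high = int(rule.get("FromPort", 0)), int(rule.get("ToPort", 65535))
    return [p for p in ADMIN_PORTS if low <= p <= high]

def check_template(template):
    """Return findings to resolve before the stack is created or updated."""
    findings = []
    for name, res in sorted(template.get("Resources", {}).items()):
        rtype, props = res.get("Type"), res.get("Properties", {})
        if rtype == "AWS::RDS::DBInstance":
            if props.get("PubliclyAccessible") is True:
                findings.append(f"{name}: database is publicly accessible")
            if props.get("StorageEncrypted") is not True:
                findings.append(f"{name}: storage encryption not enabled")
        elif rtype == "AWS::EC2::SecurityGroup":
            for rule in props.get("SecurityGroupIngress", []):
                for port in _world_open_admin_ports(rule):
                    findings.append(f"{name}: port {port} open to the internet")
    return findings

if __name__ == "__main__":
    for finding in check_template(TEMPLATE):
        print(finding)
```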

Difference between AWS CloudFormation and AWS Elastic Beanstalk?

AWS CloudFormation

  • Infrastructure as Code (IaC) service.

  • Focuses on provisioning and managing a wide range of AWS resources.

  • Allows you to define and manage infrastructure using declarative templates.

  • Offers flexibility to create complex and custom architectures.

  • Supports a wide range of AWS services and resources.

  • Enables automation and consistency in resource provisioning and updates.

  • Well-suited for managing infrastructure and deploying multi-tier applications.

  • Requires more manual configuration and customization.

AWS Elastic Beanstalk

  • Platform as a Service (PaaS) offering.

  • Streamlines application deployment and management.

  • Focuses on deploying and managing applications rather than infrastructure.

  • Simplifies the process of deploying and running applications by providing a pre-configured environment.

  • Handles infrastructure provisioning, capacity management, and load balancing automatically.

  • Supports multiple programming languages and frameworks.

  • Offers an easy-to-use web interface and CLI for application management.

  • Well-suited for developers who want a managed platform and don't require extensive control over infrastructure details.

  • Provides a simpler and faster deployment experience compared to CloudFormation.

What are the kinds of security attacks that can occur on the cloud? And how can we minimize them?

Several types of security attacks can occur on the cloud. Here are some common ones:

  1. Unauthorized Access

  2. Data Breach

  3. DDoS Attacks

  4. Man-in-the-Middle (MitM) Attacks

  5. Malware and Ransomware

To minimize these security attacks on the cloud, consider the following measures:

  1. Strong Authentication and Access Controls

  2. Data Encryption

  3. Regular Patching and Updates

  4. Network Security

  5. Security Monitoring and Logging

  6. Employee Education and Awareness

  7. Regular Backup and Disaster Recovery

Can we recover the EC2 instance when we have lost the key?

When the key pair for an EC2 instance is lost, there are two methods to recover it:

  1. By creating a new key pair:

    • Generate a fresh key pair and associate it with the instance.

    • Stop the instance, detach the root volume, and launch a new instance using the new key pair.

    • Attach the detached root volume to the new instance, start it, and update security groups and IP addresses if necessary.

  2. By creating an AMI (Amazon Machine Image) and launching a new instance:

    • Create an AMI of the existing instance, which includes all the configuration and data.

    • Launch a new instance using the AMI, and during the instance launch wizard, select a new key pair.

    • Start the new instance with the new key pair, and security groups and IP addresses can be adjusted as required.

What is a gateway?

A gateway is a networking device or software component that serves as an entry or exit point between two different networks. It acts as a bridge between different network protocols or architectures, enabling communication and data transfer between them. Gateways are responsible for routing network traffic, performing protocol conversions, and enforcing security measures.

What is the difference between Amazon RDS, DynamoDB, and Redshift?

Amazon RDS (Relational Database Service)

  • Amazon RDS is a managed relational database service that supports popular database engines such as MySQL, PostgreSQL, Oracle, and SQL Server.

  • It provides automated backups, automated software patching, scalability, and high availability.

  • RDS is suitable for traditional relational database workloads, where data is structured and requires ACID (Atomicity, Consistency, Isolation, Durability) compliance.

  • It offers features like read replicas, multi-Availability Zone deployment, and automatic failover to enhance performance and availability.

DynamoDB

  • DynamoDB is a fully managed NoSQL database service provided by AWS.

  • It offers seamless scalability, high performance, and low latency for applications that require flexible data models and high throughput.

  • DynamoDB is schema-less and stores data in key-value pairs or document formats.

  • It automatically scales up or down based on the workload, allowing for elastic and cost-efficient capacity management.

  • DynamoDB is suitable for use cases that involve high-speed read and write operations, large-scale data storage, and dynamic, non-relational data models.

Redshift

  • Amazon Redshift is a fully managed data warehousing service designed for analytics and reporting.

  • It is optimized for handling large datasets and performing complex queries across multiple tables.

  • Redshift uses columnar storage and parallel processing techniques to provide fast query performance.

  • It supports structured and semi-structured data and integrates with various data loading and ETL (Extract, Transform, Load) tools.

  • Redshift is suitable for data warehousing, business intelligence, and data analytics use cases where fast query response times and scalability are critical.

Do you prefer to host a website on S3? What's the reason if your answer is either yes or no?

Hosting a website on S3 may be a good option for simple static websites that don't require server-side scripting or complex functionality. S3 charges based on the amount of storage used and data transferred, which can be significantly cheaper than using a traditional web hosting service.

However, for more advanced websites or applications, other web hosting services may be a better fit. S3 doesn't support server-side scripting, which means you can't use popular web technologies like PHP or ASP.NET. S3 also lacks some features that are typically included in web hosting services, such as domain name registration, email hosting, and database support.

Thank you for reading!!
~Shreya Gupta

Great initiative by the #trainwithshubham community. Thank you Shubham Londhe
