## AWS Interview questions!!!
1️⃣ Name 5 AWS services you have used and their use cases
• EC2 (Elastic Compute Cloud): Used to host applications, web servers, and custom workloads.
• S3 (Simple Storage Service): Object storage for static websites, backups, and logs.
• RDS (Relational Database Service): Managed SQL databases like MySQL or PostgreSQL.
• CloudWatch: Monitoring logs, metrics, and setting alarms.
• IAM (Identity and Access Management): Securely managing access with users, groups, roles, and policies.
2️⃣ What are the tools used to send logs to the cloud environment?
• CloudWatch Logs Agent → To send logs from EC2 to CloudWatch.
• Fluentd / Fluent Bit → Open-source log forwarders for Cloud + containerized environments.
• AWS FireLens (for ECS/EKS containers).
• Kinesis Data Firehose → To collect and stream logs to S3, Redshift, or Elasticsearch/OpenSearch.
3️⃣ What are IAM Roles? How do you create/manage them?
• IAM Roles provide temporary permissions to AWS services/users without using long-term credentials.
• Example: An EC2 instance role allows the instance to access S3 without embedding access keys.
• Creation/Management:
  1. Go to IAM Console.
  2. Create a new role → choose trusted entity (AWS service, user, or account).
  3. Attach permissions (policies).
  4. Assign role to resources (like EC2, Lambda, ECS).
4️⃣ How to upgrade or downgrade a system with zero downtime?
• Use Blue/Green Deployment (Elastic Beanstalk, CodeDeploy, ECS).
• Or use Rolling Updates with Auto Scaling Groups.
• Leverage Load Balancers to gradually switch traffic to the new version.
5️⃣ What is Infrastructure as Code (IaC) and how do you use it?
• IaC is managing and provisioning infrastructure through code instead of manual setups.
• Benefits: Consistency, automation, version control, reusability.
• Examples:
  • CloudFormation (AWS-native) → YAML/JSON templates.
  • Terraform (multi-cloud) → Declarative language (HCL).
6️⃣ What is a Load Balancer? Give scenarios of each kind of balancer.
• Application Load Balancer (ALB): Routes HTTP/HTTPS requests based on URL/path. (e.g., /api → service A, /auth → service B).
• Network Load Balancer (NLB): Handles TCP/UDP at very high performance and low latency (e.g., gaming apps, real-time streaming).
• Classic Load Balancer (CLB): Legacy, basic request distribution (not recommended for new apps).
7️⃣ What is CloudFormation and why is it used?
• CloudFormation is an AWS service for managing infrastructure as code.
• It lets you create and manage resources (EC2, VPC, S3, RDS) in templates.
• Use cases: Automated deployments, disaster recovery, repeatable environments.
8️⃣ Difference between AWS CloudFormation and AWS Elastic Beanstalk?
• CloudFormation: Focuses on provisioning resources (IaC). You manage infrastructure.
• Elastic Beanstalk: Focuses on deploying and managing applications. AWS manages infra + scaling for you.
9️⃣ What are the kinds of security attacks that can occur on the cloud? How can we minimize them?
• Attacks:
  • DDoS attacks
  • Data breaches
  • Man-in-the-middle (MITM) attacks
  • Misconfigured S3 buckets / IAM roles
• Mitigation:
  • Use AWS Shield & WAF for DDoS.
  • Encrypt data (KMS, SSE).
  • Apply IAM best practices (least privilege, MFA).
  • Regular monitoring with CloudTrail & GuardDuty.
🔟 Can we recover the EC2 instance when we have lost the key?
Yes
Steps:
1. Stop the instance.
2. Detach root volume.
3. Attach to another instance.
4. Add a new public key to ~/.ssh/authorized_keys.
5. Reattach volume to original instance and restart.
1️⃣1️⃣ What is a Gateway?
• Gateway is an entry/exit point for a network.
• AWS Types:
  • Internet Gateway (IGW): Allows VPC communication with the internet.
  • NAT Gateway: Allows private instances to access the internet securely.
  • Virtual Private Gateway: Connects VPC with on-prem via VPN.
  • API Gateway: Manages and scales APIs.
1️⃣2️⃣ Difference between Amazon RDS, DynamoDB, and Redshift?
• RDS: Managed relational database (OLTP).
• DynamoDB: Fully managed NoSQL (key-value, high scalability).
• Redshift: Data warehouse for analytics (OLAP).
1️⃣3️⃣ Do you prefer to host a website on S3? Why?
• Yes → If it’s a static website (HTML, CSS, JS). Cost-effective, scalable, no server needed.
• No → If it requires server-side processing (PHP, Node.js, databases). In that case, EC2, ECS, or Elastic Beanstalk is better.
- These answers are structured to show understanding + hands-on knowledge, which is exactly what an interviewer is looking for.