Thursday, November 16, 2023

How to choose a region in Amazon AWS?


Choosing an Amazon Web Services (AWS) region is an important decision that can impact the performance, cost, and legal compliance of your cloud resources. Here are some key factors to consider when selecting an AWS region:

- Proximity to Users: Choose a region that is geographically close to your end users. The closer the region is to your users, the lower the latency they will experience, leading to faster response times for your applications.

- Service Availability: Not all AWS services are available in every region. Check the AWS Regional Services List to ensure that the region you are considering offers all the services you need.

- Compliance and Legal Requirements: Certain data may be subject to legal and regulatory requirements that dictate where it can be stored and processed. Make sure to choose a region that complies with relevant data sovereignty laws and regulations.

- Pricing: The cost of AWS services varies by region. Compare the prices for the services you plan to use in different regions to optimize for cost. AWS Pricing Calculator can help in estimating costs.

- Network Performance and Latency: For some applications, network performance and latency are crucial. Use the AWS Global Infrastructure page to understand the network connectivity and latency between different regions.

- Disaster Recovery and Redundancy: For high availability and disaster recovery, you might need to replicate data across multiple regions. Consider choosing regions that are sufficiently distant from each other to avoid common disasters but close enough to meet your latency requirements.

- Data Transfer Rates: Data transfer rates, especially when moving large amounts of data into and out of AWS, can vary by region. Consider these costs when choosing a region.

- Ecosystem and Partners: Some regions may have a richer ecosystem of partners, marketplaces, and third-party tools, which can be beneficial depending on your specific needs.

- Sustainability: If sustainability is a concern for your organization, consider choosing regions where AWS has committed to using renewable energy sources.

What is an Availability Zone in AWS?

Availability Zones (AZs) in Amazon Web Services (AWS) are not something that users can create or define; rather, they are predefined and managed by AWS itself. Each AWS Region consists of multiple, isolated, and physically separate AZs within a geographic area. The exact number of AZs varies from one AWS Region to another.

Here are some key points about AWS Availability Zones:

- Fixed Number per Region: AWS determines the number of AZs in each region based on various factors like demand, capacity, and geographical spread.

- Variable Across Regions: Some regions may have as few as two AZs, while others have more. Larger regions, especially those with high demand, tend to have more AZs.

- Continual Expansion: AWS has been continuously expanding its global infrastructure, adding new Regions and AZs. The number and distribution of AZs are subject to change as AWS grows.

- Purpose of AZs: Each AZ is designed to be isolated from failures in other AZs, offering redundancy and fault tolerance for hosted services and applications.

- Usage by Customers: Customers cannot create new AZs, but they can choose in which AZs to deploy their resources, such as EC2 instances or RDS databases, to achieve desired levels of availability and fault tolerance.

Tuesday, November 14, 2023

What is GitHub?

GitHub is a web-based platform and service that provides tools for version control, collaboration, and automation in software development. It simplifies the process of managing and tracking changes to software code, making it easier for teams of developers to work together efficiently.

Here's a simple breakdown:

Version Control: GitHub allows developers to store their code in repositories (folders) and tracks changes made to the code over time. This means you can always go back to a previous version of the code if something goes wrong.

Collaboration: Multiple developers can work on the same project simultaneously. GitHub provides features for team members to collaborate on code, review each other's work, and discuss changes.

Automation: GitHub integrates with various DevOps tools and services, allowing you to automate tasks like testing, building, and deploying your software. This helps streamline the development process and ensures that changes are tested and deployed consistently.

In summary, GitHub is a fundamental tool in DevOps that helps development teams work together, manage their code efficiently, and automate various aspects of the software development lifecycle.


AWS Solutions Architect Interview Questions and Answers (Part3)


Q1. What are short polling and long polling in SQS?


Ans1 – Amazon SQS provides short polling and long polling to receive messages from a queue. By default, queues use short polling.


With short polling, the ReceiveMessage request queries only a subset of the servers (based on a weighted random distribution) to find messages that are available to include in the response. Amazon SQS sends the response right away, even if the query found no messages.


With long polling, the ReceiveMessage request queries all of the servers for messages. Amazon SQS sends a response after it collects at least one available message, up to the maximum number of messages specified in the request. Amazon SQS sends an empty response only if the polling wait time expires.


Q2. How does the standard queue guarantee that a message is delivered?


Ans2 – Standard queues provide at-least-once delivery, which means that each message is delivered at least once. FIFO queues provide exactly once processing, which means that each message is delivered once and remains available until a consumer processes it and deletes it. Duplicates are not introduced into the queue. 


Q3. How does SQS help decouple systems in AWS?


Ans3 – SQS lets you decouple application components so that they run and fail independently, increasing the overall fault tolerance of the system. Multiple copies of every message are stored redundantly across multiple availability zones so that they are available whenever needed.


Q4. Can we increase the Lambda runtime so that jobs run for more than 15 minutes?


Ans4 – You cannot increase the runtime to more than 15 minutes. The AWS Lambda limit page states the Function timeout is 900 seconds (15 minutes). If you need more than 15 minutes of execution time you have to look at other services.


Q5. Is there any limitation on creating Lambda functions with an AWS free tier account?


Ans5 – The AWS Lambda free usage tier includes 1M free requests per month and 400,000 GB-seconds of compute time per month.


Q1. What is DynamoDB?

A1. Amazon DynamoDB is a fully managed NoSQL database service that provides fast and predictable performance with seamless scalability. DynamoDB lets you offload the administrative burdens of operating and scaling a distributed database so that you don’t have to worry about hardware provisioning, setup and configuration, replication, software patching, or cluster scaling.


Q2. What is transitive peering?

A2. Instead of using VPC peering, you can use an AWS Transit Gateway that acts as a network transit hub, to interconnect your VPCs and on-premises networks. You cannot route packets directly from VPC B to VPC C through VPC A.


Q3. How do I connect to a different VPC in AWS?

A3. The simplest way to connect two VPCs is to use VPC Peering. In this setup, a connection enables full bidirectional connectivity between the VPCs. This peering connection is used to route traffic between the VPCs. VPCs across accounts and AWS Regions can also be peered together.


Q4. Why do we need VPC?

A4. Amazon Virtual Private Cloud (Amazon VPC) lets you provision a logically isolated section of the AWS Cloud where you can launch AWS resources in a virtual network that you define.


Q5. If we have a VPN, do we need NAT gateway?

A5. Yes, a NAT gateway is required if you have a VPN.


Q6. What is a NAT gateway?

A6. A NAT gateway is used to enable instances in a private subnet to connect to the internet or other AWS services, while preventing the internet from initiating a connection with those instances.


Q7. How to create a VPN connection?

A7. Create a VPN connection


In the Amazon VPC console, under VPN Connections, choose VPN Connections.

Select Create VPN Connection.

Enter a meaningful name for the VPN connection.

For Virtual Private Gateway, choose the virtual private gateway you just created.

For Customer Gateway, choose the customer gateway you just created.

For Routing Options, choose Dynamic or Static. If you choose static routing, specify the Static IP Prefixes of the appropriate private network(s) on your office LAN.

Choose Yes, Create.

https://aws.amazon.com/premiumsupport/knowledge-center/create-connection-vpc/



Q1. Can we install phpMyAdmin for that MySQL instance?


Ans 1 – Installing phpMyAdmin is a quick process, and once it is installed we can create databases, tables, and MySQL users, as well as set privileges for MySQL users on particular tables or databases. Before installing phpMyAdmin, we should have already installed a web server such as Apache or IIS.


Q2. What about database encryption on AWS?


Ans 2 – Amazon RDS encrypts your databases using keys you manage with the AWS Key Management Service (KMS). On a database instance running with Amazon RDS encryption, data stored at rest in the underlying storage is encrypted, as are its automated backups, read replicas, and snapshots.


Q3. What type of indexing is used in DynamoDB?


Ans 3 – DynamoDB supports two types of secondary indexes: Global secondary index — An index with a partition key and a sort key that can be different from those on the base table. A global secondary index is considered “global” because queries on the index can span all of the data in the base table, across all partitions.


Q4. How does SNS work? Is this for SMS only?


Ans 4 – You can use Amazon SNS to send text messages, or SMS messages, to SMS-enabled devices. You can send a message directly to a phone number, or you can send a message to multiple phone numbers at once by subscribing those phone numbers to a topic and sending your message to the topic.


Q5. Can DynamoDB be used by applications running on any operating system?


Ans 5 – Yes. DynamoDB is a fully managed cloud service that you access via API. Applications running on any operating system (such as Linux, Windows, iOS, Android, Solaris, AIX, and HP-UX) can use DynamoDB. We recommend using the AWS SDKs to get started with DynamoDB.


Q1. What is CloudWatch?

A1. Amazon CloudWatch is a monitoring and management service that provides data and actionable insights for AWS, hybrid, and on-premises applications and infrastructure resources. With CloudWatch, you can collect and access all your performance and operational data in the form of logs and metrics from a single platform.


Q2. What is a Route 53 hosted zone?

A2. A hosted zone is an Amazon Route 53 concept. A hosted zone is analogous to a traditional DNS zone file; it represents a collection of records that can be managed together, belonging to a single parent domain name. All resource record sets within a hosted zone must have the hosted zone’s domain name as a suffix.


Q3. Can I buy a domain from AWS?

A3. You can register new domain names with Route 53 as well as manage DNS records for your domain. Select Get Started Now under Domain Registration, then click the Register Domain button.


Q4. How much does GoDaddy charge for a cheap domain name?

A4. With GoDaddy, you can register domains for as low as ₹ 72.80(INR). You can even snag a free domain with one of our website hosting plans. It doesn’t get any cheaper or any better.


Q5. What is IPv4 and IPv6?

A5. The Internet Protocol version 4 (IPv4) is a protocol for use on packet-switched Link Layer networks (e.g. Ethernet). IPv4 provides an addressing capability of approximately 4.3 billion addresses. The Internet Protocol version 6 (IPv6) is more advanced and has better features compared to IPv4.


Q6. Does a VPC have private and public subnets?

A6. Yes, a VPC has private and public subnets.


Q1- What is the difference between a public and a private subnet in AWS?


Ans1 – The instances in the public subnet can send outbound traffic directly to the Internet, whereas the instances in the private subnet can’t. Instead, the instances in the private subnet can access the Internet by using a network address translation (NAT) gateway that resides in the public subnet.


Q2- For how many days are logs maintained in CloudTrail by default?


Ans2 – CloudTrail trail logs are not limited to 90 days retention. They can be delivered to an S3 bucket or to AWS CloudWatch Logs and configured to send SNS notifications when a particular event happens.


Q3- Who should use CloudTrail?


Ans3 – Customers who need to track changes to resources, answer simple questions about user activity, demonstrate compliance, troubleshoot, or perform security analysis should use CloudTrail.


Q4- What is the difference between CloudTrail and CloudWatch?


Ans4 –


AWS CloudWatch:

It is a monitoring tool used for real-time monitoring of AWS resources and applications. It provides a report on the basis of monitoring which can be used to analyze the performance of the system. It monitors various AWS resources like Amazon EC2, Amazon RDS, Amazon S3, Elastic Load Balancer, etc.


AWS CloudTrail:

It is a service that enables governance, compliance, operational auditing, and risk auditing of your AWS account. It continuously logs and monitors the activities and actions across your AWS account. It also provides the event history of your AWS account including information about who is accessing your AWS services.


Q5- What does “MySQL compatible” mean?


Ans5 – It means that most of the code, applications, drivers, and tools you already use today with your MySQL databases can be used with Aurora with little or no change. The Amazon Aurora database engine is designed to be wire-compatible with MySQL 5.6 and 5.7 using the InnoDB storage engine. Certain MySQL features like the MyISAM storage engine are not available with Amazon Aurora.


Q1. Why do we use auto scaling?

A1. Auto Scaling is a service in AWS that automatically monitors resources to maintain performance for applications as demand increases or decreases. As the demand increases it scales up the resources and as the demand decreases it scales down the resources.


Q2. What is the difference between auto scaling and load balancing?

A2. Load balancing evenly distributes load to application instances in all availability zones in a region, while auto scaling makes sure instances scale up or down depending on the load.


Q3. Can auto scaling upgrade an instance?

A3. No, Auto Scaling does not upgrade instances.


Q4. How many auto scaling groups can you have per region?

A4. You can have 200 Auto Scaling Groups per region (defined by AWS).


Q5. What is the difference between an Application Load Balancer and a Network Load Balancer?

A5. The network load balancer just forwards requests, whereas the application load balancer examines the contents of the HTTP request header to determine where to route the request. So, the application load balancer performs content-based routing.


Q1- What are IPv4 and IPv6?


Ans1- IPv4 – IPv4 stands for Internet Protocol version 4. It is the underlying technology that makes it possible for us to connect our devices to the web. Whenever a device accesses the Internet, it is assigned a unique, numerical IP address such as 99.48.227.227. To send data from one computer to another through the web, a data packet must be transferred across the network containing the IP addresses of both devices.


IPv6 – IPv6 is the next-generation Internet Protocol (IP) address standard intended to supplement and eventually replace IPv4, the protocol many Internet services still use today. Every computer, mobile phone, home automation component, IoT sensor, and any other device connected to the Internet needs a numerical IP address to communicate with other devices. The original IP address scheme, called IPv4, is running out of addresses due to its widespread usage from the proliferation of so many connected devices.


Q2- What is a VPC subnet?


Ans2- Subnet is a key component in VPC. A VPC can contain all public subnets (or) public/private subnet combination. A private Subnet is a subnet that doesn’t have a route to the internet gateway. A subnet can be configured as a VPN-only subnet by routing traffic via a virtual private gateway.
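
The public / private / VPN-only distinction described in these answers can be checked from route tables alone. The following is an added example, not part of the original post: it classifies subnets from a constructed sample shaped like `aws ec2 describe-route-tables` output, and every ID and the label names (`public`, `private-nat`, `vpn-only`, `isolated`) are assumptions made for illustration.

```python
"""Classify subnets from route tables: public, private behind NAT, VPN-only, isolated."""

# Constructed sample in the shape of `aws ec2 describe-route-tables` output.
# Every ID below is made up for illustration.
LOCAL = {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"}
SAMPLE_ROUTE_TABLES = [
    {"RouteTableId": "rtb-main",
     "Associations": [{"Main": True}],
     "Routes": [LOCAL]},
    {"RouteTableId": "rtb-public",
     "Associations": [{"Main": False, "SubnetId": "subnet-web"}],
     "Routes": [LOCAL, {"DestinationCidrBlock": "0.0.0.0/0",
                        "GatewayId": "igw-0001", "State": "active"}]},
    {"RouteTableId": "rtb-private",
     "Associations": [{"Main": False, "SubnetId": "subnet-app"}],
     "Routes": [LOCAL, {"DestinationCidrBlock": "0.0.0.0/0",
                        "NatGatewayId": "nat-0001", "State": "active"}]},
    {"RouteTableId": "rtb-vpn",
     "Associations": [{"Main": False, "SubnetId": "subnet-db"}],
     "Routes": [LOCAL, {"DestinationCidrBlock": "192.168.0.0/16",
                        "GatewayId": "vgw-0001", "State": "active"}]},
    # The internet gateway behind this route was deleted, so the route is a blackhole.
    {"RouteTableId": "rtb-stale",
     "Associations": [{"Main": False, "SubnetId": "subnet-old"}],
     "Routes": [LOCAL, {"DestinationCidrBlock": "0.0.0.0/0",
                        "GatewayId": "igw-0002", "State": "blackhole"}]},
]
SAMPLE_SUBNET_IDS = ["subnet-web", "subnet-app", "subnet-db", "subnet-old", "subnet-spare"]


def classify_route_table(table):
    """Label a route table by the most exposed active target it routes to."""
    # Blackhole routes carry no traffic, so they must not make a subnet look public.
    active = [r for r in table.get("Routes", []) if r.get("State", "active") == "active"]
    gateways = [r.get("GatewayId") or "" for r in active]
    if any(g.startswith("igw-") for g in gateways):
        return "public"        # has a route to an internet gateway
    if any(r.get("NatGatewayId") for r in active):
        return "private-nat"   # outbound only, through a NAT gateway
    if any(g.startswith("vgw-") for g in gateways):
        return "vpn-only"      # reaches other networks only via a virtual private gateway
    return "isolated"          # local VPC traffic only


def classify_subnets(route_tables, subnet_ids):
    """Map each subnet ID to a label; unassociated subnets inherit the main table."""
    main_label = "isolated"
    explicit = {}
    for table in route_tables:
        label = classify_route_table(table)
        for assoc in table.get("Associations", []):
            if assoc.get("Main"):
                main_label = label
            elif "SubnetId" in assoc:
                explicit[assoc["SubnetId"]] = label
    return {subnet: explicit.get(subnet, main_label) for subnet in subnet_ids}


if __name__ == "__main__":
    for subnet, label in classify_subnets(SAMPLE_ROUTE_TABLES, SAMPLE_SUBNET_IDS).items():
        print(f"{subnet}: {label}")
```

A subnet that shows up as `public` without anyone intending it usually means it was left on a main route table that has an internet gateway route.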


Q3- What is the price of Amazon Route 53?


Ans3 – Amazon Route 53 charges are based on actual usage of the service for Hosted Zones, Queries, and Health Checks. You pay only for what you use. There are no minimum fees, no minimum usage commitments, and no overage charges.


Q4- Why should I use Amazon VPC?


Ans 4 – Amazon VPC enables you to build a virtual network in the AWS cloud – no VPNs, hardware, or physical datacenters required. You can define your own network space, and control how your network and the Amazon EC2 resources inside your network are exposed to the Internet. You can also leverage the enhanced security options in Amazon VPC to provide more granular access to and from the Amazon EC2 instances in your virtual network.


Q5 – Can I connect to my VPC using a software VPN?


Ans5- Yes, you may use a third-party software VPN to create a site-to-site or remote access VPN connection with your VPC via the Internet gateway.


Q1. What is the difference between a virtual machine and an AWS machine instance?

A1. EC2 instances are effectively a static portion of host resources, while VMs are ephemeral. Static resources are used to isolate your EC2 instance from those of other tenants hosted on the same server. Since a VM is hosted on a private network, its resources do not need to be isolated.


Q2. What is a PPK file in AWS?

A2. A PPK file is an SSH private key used to access an EC2 instance through PuTTY on a Windows PC.


Q3. How do I convert a private key from PEM (OpenSSH) into PPK (PuTTY SSH)?

A3. To convert your private key


Open PuTTYgen.

Click on Load. By default, PuTTYgen displays only files with the extension .ppk. To locate your .pem file, choose the option to display files of all types.

Select your .pem file for the key pair that you specified when you launched your instance and choose Open. PuTTYgen displays a notice that the .pem file was successfully imported. Choose OK.

To save the key in the format that PuTTY can use, choose Save private key.

PuTTYgen displays a warning about saving the key without a passphrase. Choose Yes.

Specify the same name for the key that you used for the key pair (for example, my-key-pair) and choose Save. PuTTY automatically adds the .ppk file extension.

https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/putty.html

Q4. Do we need to delete the AMI first before deleting a snapshot?

A4. Yes, to delete a snapshot you first need to delete the AMI.


Q5. Can we get an email notification if web servers are down?

A5. Yes, you can get an email notification if the server is down, but you need to set up email alerts in CloudWatch for that.


Q1 What is the difference between a virtual machine and a container?


A1. Virtual machines are part of virtualization environments. A container, on the other hand, is a specific kind of virtualization strategy that offers its own benefits and disadvantages in different kinds of virtualization platforms, including hosted networks and cloud computing systems.


Q2 Can I have multiple health checks in ELB?


A2. Yes, you can but there is only one URL we can provide for continuous health check monitoring. If we use TCP based health check, we can only come to know if the instances are up and running but not the actual web applications.


Q3 Difference between Horizontal and Vertical autoscaling?


A3.  In short, the main difference between vertical and horizontal autoscaling in AWS is that in vertical autoscaling the capacity or size of the instance is increased as per demand whereas in horizontal autoscaling the number of instances (not the size) under the load balancer is increased as per requirement.


Q4 Does the EBS backup go in as a snapshot?


A4. You can back up the data on your Amazon EBS volumes to Amazon S3 by taking point-in-time snapshots. Snapshots are incremental backups, which means that only the blocks on the device that have changed after your most recent snapshot are saved. This minimizes the time required to create the snapshot and saves on storage costs by not duplicating data. Each snapshot contains all of the information that is needed to restore your data (from the moment when the snapshot was taken) to a new EBS volume.


Q5. What can I scale with AWS Auto Scaling?


A5. Amazon EC2 Auto Scaling groups.


Amazon Elastic Container Service (ECS) services (currently ECS services cannot be discovered using resource tags)


Amazon EC2 Spot Fleets.


Amazon DynamoDB throughput capacity.


Aurora replicas for Amazon Aurora.


Q6. Can our Windows file systems and our EC2 instances be in different regions? What combination is allowed?


A6- Yes, you can have a multi-region Windows file system using Amazon FSx, but the setup is a bit different and complex. First, you have to set up a VPC peering connection between the two regions that you want to use for FSx, and then use another AWS service, AWS DataSync, which can copy data over the Server Message Block (SMB) protocol. DataSync transfers data rapidly over the network within AWS infrastructure and provides end-to-end security, including encryption and integrity validation, to ensure your data arrives securely, intact, and ready to use.


For more information you can check this AWS document:


https://aws.amazon.com/blogs/storage/how-to-replicate-amazon-fsx-file-server-data-across-aws-regions/


AWS Day 3 FAQ’s


Q1 Does AWS help us to delete the data stored in on-premise after successful migration?


A1-Once the migration completes successfully and the migrated VMs are configured and running properly, you can delete the replication job to stop replication from your on-premises data center to AWS.


Q2 Is it free of cost to create AMI on AWS?


A2- You are only charged for the storage of the bits that make up your AMI, there are no charges for creating an AMI. EBS-backed AMIs are made up of snapshots of the EBS volumes that form the AMI.


Q3 What is the main object of AMI on AWS?


A3- An Amazon Machine Image (AMI) provides the information required to launch an instance. You must specify an AMI when you launch an instance. You can launch multiple instances from a single AMI when you need multiple instances with the same configuration.


Q4 Can I have multiple key value pairs for one EC2 instance?


A4- EC2 doesn’t support multiple Key Pairs by default. And updating Key Pairs (adding new keys, replacing existing keys, or deleting existing keys) is not supported by default. User Data allows you to deploy a bunch of Key Pairs on an EC2 instance during bootstrapping.


Q5 Are AMIs region-specific?


A5- Consistent global deployment: Copying an AMI from one Region to another enables you to launch consistent instances in different regions based on the same AMI. You can also take advantage of Region-specific features, such as for instance types or other AWS services.


Q1. What is an edge location?

A1. An edge location is basically a small setup in different locations that provides low-latency connectivity by making static content available from the location nearest to the request. Instead of fetching the information from the source, the request is routed to the nearest edge location, which delivers the information and reduces latency. This way the access time is lower and the response is faster.


Q2. What is archival data?

A2. Archival data is data that you are not going to access for a long period of time, or that you are going to access less frequently. Archival data is stored so that it can be brought back into service at any time.


Q3. What is the difference between RDS and Non-relational database?

A3. The difference between relational and non-relational databases: relational databases store data in rows and columns like a spreadsheet, while non-relational databases don’t; instead they use a storage model (one of four) that is best suited for the type of data being stored.


Q4. Can an IAM user create another IAM user?

A4. No, an IAM user is not authorized to create another IAM user, only a Root User can create IAM users and assign permissions to them in terms of Policies.


Q5. To reduce EC2 usage, I just shut it down, after my use, correct?

A5. Yes, correct: you should terminate the resources you have launched once they are no longer needed. This will save you cost, and you won’t exceed the free tier limit as soon. Please clean up resources once they are no longer required.


Q1. Why is an HTTP rule added?

A1. HTTP is a protocol which allows the fetching of resources. It is the foundation of any data exchange on the Web and it is a client-server protocol, which means requests are initiated by the recipient, usually the Web browser.


Q2. How many IP addresses are allocated during auto-assigning IP?

A2. 255 IP addresses are allocated out of which 5 IP addresses are reserved by AWS.


Q3. What are inbound and outbound rules?

A3. Inbound rules control the incoming traffic to your instance, and outbound rules control the outgoing traffic from your instance. When you launch an instance, you can specify one or more security groups. If you don’t specify a security group, Amazon EC2 uses the default security group.


Q4. How do I change inbound or outbound rules?

A4. To update a rule using the console:

Open the Amazon VPC console.

In the navigation pane, choose Security Groups.

Select the security group to update.

Choose Actions, Edit inbound rules or Actions, Edit outbound rules.


Q5. For ping which protocol needs to be allocated in Security Group?

A5. ICMP protocol is to be allocated in the Security Group for Ping.
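
Inbound rules such as the HTTP, SSH and ICMP rules discussed above are worth reviewing for how widely they are open. The following is an added example, not part of the original post: it audits a constructed sample shaped like the `SecurityGroups` list from `aws ec2 describe-security-groups`, and the group IDs, the severity labels and the choice of ports treated as administrative are assumptions.

```python
"""Flag inbound security group rules that are open to the whole internet."""

WORLD = {"0.0.0.0/0", "::/0"}
ADMIN_PORTS = {22: "SSH", 3389: "RDP"}   # assumption: ports this review treats as admin access
WEB_PORTS = {80, 443}                    # expected to be public on a web tier

# Constructed sample in the shape of `aws ec2 describe-security-groups` output.
SAMPLE_GROUPS = [
    {"GroupId": "sg-web", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
        # For ICMP, FromPort holds the ICMP type (8 = echo request) and ToPort the code.
        {"IpProtocol": "icmp", "FromPort": 8, "ToPort": -1,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
    ]},
    {"GroupId": "sg-db", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 3306, "ToPort": 3306,
         "IpRanges": [{"CidrIp": "10.0.0.0/16"}]},
    ]},
    {"GroupId": "sg-wide", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 0, "ToPort": 65535,
         "IpRanges": [], "Ipv6Ranges": [{"CidrIpv6": "::/0"}]},
    ]},
]


def is_world_open(rule):
    """True if any IPv4 or IPv6 source range of the rule covers every address."""
    cidrs = [r["CidrIp"] for r in rule.get("IpRanges", [])]
    cidrs += [r["CidrIpv6"] for r in rule.get("Ipv6Ranges", [])]
    return any(c in WORLD for c in cidrs)


def assess_rule(rule):
    """Return (severity, description) for a world-open inbound rule, else None."""
    if not is_world_open(rule):
        return None
    proto = rule["IpProtocol"]
    if proto == "-1":                       # "-1" means every protocol and port
        return ("high", "all protocols and ports")
    if proto == "icmp":
        icmp_type = rule.get("FromPort", -1)
        kind = {8: "echo request (ping)", -1: "all types"}.get(icmp_type, f"type {icmp_type}")
        return ("info", f"icmp {kind}")
    if proto not in ("tcp", "udp"):
        return ("review", f"protocol {proto}")
    lo, hi = rule["FromPort"], rule["ToPort"]
    # A port range is as dangerous as the most sensitive port it contains.
    exposed = [name for port, name in sorted(ADMIN_PORTS.items()) if lo <= port <= hi]
    if exposed:
        return ("high", f"{proto} {lo}-{hi} exposes {', '.join(exposed)}")
    if lo == hi and lo in WEB_PORTS:
        return ("ok", f"{proto} {lo} (web)")
    return ("review", f"{proto} {lo}-{hi}")


def audit_groups(groups):
    """List (group id, severity, description) for every rule that needs attention."""
    findings = []
    for group in groups:
        for rule in group.get("IpPermissions", []):
            verdict = assess_rule(rule)
            if verdict and verdict[0] != "ok":
                findings.append((group["GroupId"], verdict[0], verdict[1]))
    return findings


if __name__ == "__main__":
    for finding in audit_groups(SAMPLE_GROUPS):
        print(*finding, sep=" | ")
```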


AWS DAY 2


Q1. Is an EC2 instance a virtual machine?

A1. Yes, an EC2 instance is a virtual machine.


Q2. Is the ARN unique for each resource in AWS?

A2. Yes, the ARN is unique for each resource in AWS.


Q3. Can we log in with root and the IAM user at the same time?

A3. Yes, but for the other user you have to use an incognito browser window if you want to log in with both users at the same time.


Q4. How can we have a default password policy assigned to new users?

A4. You can set a password policy on your AWS account to specify complexity requirements and mandatory rotation periods for your IAM users’ passwords.


You can use a password policy to do these things:


Set a minimum password length.

Require specific character types, including uppercase letters, lowercase letters, numbers, and non-alphanumeric characters. Be sure to remind your users that passwords are case sensitive.

Allow all IAM users to change their own password.

Note: When you allow your IAM users to change their own passwords, IAM automatically allows them to view the password policy. IAM users need permission to view the account’s password policy in order to create a password that complies with the policy.

https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_passwords_account-policy.html
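
The policy settings listed above can be reviewed programmatically. The following is an added example, not part of the original post: it audits a constructed policy shaped like the `PasswordPolicy` object from `aws iam get-account-password-policy` and checks candidate passwords against it. The baseline values (14 characters, 90 days) and the sample passwords are assumptions chosen for illustration, not AWS defaults.

```python
"""Audit an IAM account password policy and test passwords against it."""
import string

# Non-alphanumeric characters IAM counts for the "require symbols" rule.
IAM_SYMBOLS = set("!@#$%^&*()_+-=[]{}|'")

# Hypothetical organisational baseline (an assumption, not an AWS default).
BASELINE_MIN_LENGTH = 14
BASELINE_MAX_AGE_DAYS = 90
REQUIRED_FLAGS = [
    "RequireUppercaseCharacters",
    "RequireLowercaseCharacters",
    "RequireNumbers",
    "RequireSymbols",
    "AllowUsersToChangePassword",
]

# Constructed sample in the shape of `aws iam get-account-password-policy` output.
SAMPLE_POLICY = {
    "MinimumPasswordLength": 8,
    "RequireSymbols": False,
    "RequireNumbers": True,
    "RequireUppercaseCharacters": True,
    "RequireLowercaseCharacters": True,
    "AllowUsersToChangePassword": True,
    "ExpirePasswords": False,
}


def audit_policy(policy):
    """Return the gaps between an account policy and the baseline above."""
    if policy is None:  # the account has never had a password policy set
        return ["no account password policy is set"]
    gaps = []
    length = policy.get("MinimumPasswordLength", 0)
    if length < BASELINE_MIN_LENGTH:
        gaps.append(f"MinimumPasswordLength is {length}, baseline is {BASELINE_MIN_LENGTH}")
    for flag in REQUIRED_FLAGS:
        if not policy.get(flag, False):
            gaps.append(f"{flag} is disabled")
    age = policy.get("MaxPasswordAge")  # absent when passwords never expire
    if not policy.get("ExpirePasswords", False) or age is None or age > BASELINE_MAX_AGE_DAYS:
        gaps.append(f"passwords do not expire within {BASELINE_MAX_AGE_DAYS} days")
    return gaps


def password_violations(password, policy):
    """Return the policy rules a candidate password breaks (empty list = compliant)."""
    min_len = policy.get("MinimumPasswordLength", 0)
    rules = [
        (len(password) >= min_len, f"shorter than {min_len} characters"),
        (not policy.get("RequireUppercaseCharacters")
         or any(c in string.ascii_uppercase for c in password), "missing uppercase letter"),
        (not policy.get("RequireLowercaseCharacters")
         or any(c in string.ascii_lowercase for c in password), "missing lowercase letter"),
        (not policy.get("RequireNumbers")
         or any(c in string.digits for c in password), "missing number"),
        (not policy.get("RequireSymbols")
         or any(c in IAM_SYMBOLS for c in password), "missing symbol"),
    ]
    return [message for ok, message in rules if not ok]


if __name__ == "__main__":
    for gap in audit_policy(SAMPLE_POLICY):
        print("policy gap:", gap)
    # Constructed sample passwords, used only to exercise the checks.
    for candidate in ("summer", "Summer2023"):
        print(candidate, "->", password_violations(candidate, SAMPLE_POLICY) or "complies")
```

The second sample password complies with the constructed policy even though it is weak, which is why the audit step compares the policy itself against a baseline.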


Q5. Can I have multiple authentication devices active for my AWS account?

A5. Yes. Each IAM user can have its own authentication device. However, each identity (IAM user or root account) can be associated with only one authentication device.


Q6. What is the difference between SSE-C, SSE-KMS and SSE-S3?

A6. With Server-Side Encryption with Customer-Provided Keys (SSE-C), you manage the encryption keys and Amazon S3 manages the encryption, as it writes to disks, and decryption, when you access your objects.

Server-Side Encryption with Customer Master Keys (CMKs) Stored in AWS Key Management Service (SSE-KMS) is similar to SSE-S3, but with some additional benefits and charges for using this service. There are separate permissions for the use of a CMK that provides added protection against unauthorized access of your objects in Amazon S3.

When you use Server-Side Encryption with Amazon S3-Managed Keys (SSE-S3), each object is encrypted with a unique key. As an additional safeguard, it encrypts the key itself with a master key that it regularly rotates. Amazon S3 server-side encryption uses one of the strongest block ciphers available, 256-bit Advanced Encryption Standard (AES-256), to encrypt your data.

https://docs.aws.amazon.com/AmazonS3/latest/dev/serv-side-encryption.html


Q7. What is asymmetric key vs. symmetric key?

A7. Symmetric encryption uses the same secret key to perform both the encryption and decryption processes. Asymmetric encryption, also known as public-key encryption, uses two keys, a public key for encryption and a corresponding private key for decryption.


Q8. How many buckets can be created from a single AWS account?

A8. By default, you can create up to 100 buckets in each of your AWS accounts. If you need additional buckets, you can increase your account bucket limit to a maximum of 1,000 buckets by submitting a service limit increase.


Q9. If we create and delete a bucket, can we create it again with the same name?

A9. Yes. If you have deleted a bucket via the web console, you can create a new one with the same name after a delay of 24h.


Q10. Is S3 a serverless storage service in AWS?

A10. Yes, S3 is a serverless storage service in AWS. S3 forms the functional basis for all serverless solutions that handle large files like user-generated data, images, or video content.


Q1. Is SNS cross-region?

A1. Amazon SNS supports cross-region deliveries, both for Regions that are enabled by default and for opt-in Regions. Amazon SNS supports the cross-region delivery of notifications to Amazon SQS queues and to AWS Lambda functions.


Q2. What is the difference between root user and IAM user in AWS?

A2. There are two different types of users in AWS. You are either the account owner (root user) or you are an AWS Identity and Access Management (IAM) user. The root user is created when the AWS account is created and IAM users are created by the root user or an IAM administrator for the account.


Q3. What is MFA?

A3. AWS Multi-Factor Authentication (MFA) is a simple best practice that adds an extra layer of protection on top of your user name and password. You can enable MFA for your AWS account and for individual IAM users you have created under your account. MFA can also be used to control access to AWS service APIs.


Q4. Can EFS be mounted on a Windows EC2 instance?

A4. Amazon EFS is not supported on Windows instances.


Q5. What is the use of bucket versioning?

A5. You can use versioning to preserve, retrieve, and restore every version of every object stored in your Amazon S3 bucket. With versioning, you can easily recover from both unintended user actions and application failures.

AWS Solutions Architect Interview Questions and Answers (Part2)


Q1. How are terminating and stopping an instance different processes?

A1. An instance performs a regular shutdown when it is stopped. It then performs transactions. As all of the EBS volumes remain present, it is possible to start the instance again whenever you want. The best thing is that while the instance remains in the stopped state, users don’t need to pay for that time.

Upon termination, the instance performs a regular shutdown. After this, the Amazon EBS volumes start being deleted. You can stop them from being deleted simply by setting “Delete on Termination” to false. Because the instance gets deleted, it is not possible to run it again in the future.


Q2. To what value should the instance’s tenancy attribute be set for running it on single-tenant hardware?

A2. It should be set to the Dedicated Instance for smoothly running it on single-tenant hardware. Other values are not valid for this operation.


Q3. When are costs incurred with an EIP?

A3. EIP stands for Elastic Internet Protocol address. Costs are incurred with an EIP when it is allocated and associated with a stopped instance. If only one Elastic IP is attached to the instance you are running, you will not be charged for it. However, if the IP is attached to a stopped instance or is not attached to any instance, you need to pay for it.


Q4. What is the difference between an On-demand instance and a Spot Instance?

A4. Spot instance is similar to bidding and the price of bidding is known as the Spot price. Both Spot and on-demand instances are pricing models. In both of them, there is no commitment to the exact time from the user end. Without upfront payment, Spot instance can be used while the same is not possible in case of an On-demand instance. It needs to be purchased first and the price is higher than the spot instance.


Q5. Name the Instances types for which the Multi AZ-deployments are available?

A5. The Multi-AZ deployments are simply available for all the instances irrespective of their types and use.


Q6. When Instances are launched in the cluster placement group, what are the network performance parameters that can be expected?

A6. It depends largely on the type of instance, as well as on its network performance specification. If instances are started in the placement group, you can expect the following parameters:

20 Gbps in case of full-duplex or when in multi-flow

Up to 10 Gbps in case of a single-flow

Outside the group, the traffic is limited to 5 Gbps.


Q7. Which Instance can be used for deploying a 4-node cluster of Hadoop in Amazon Web Services?

A7. It is possible to use an i2.large or c4.8xlarge instance for this. However, c4.8xlarge needs a better configuration on the PC. At some stages, you can simply launch EMR to configure the server automatically for you. Data can be put into S3 and EMR is able to pick it up from there. It will load your data into S3 again after processing it.


Q8. What do you know about an AMI?

A8. AMI is generally considered as the template for the virtual machines. While starting an instance, it is possible to select pre-baked AMI’s that AMI commonly have in them. However, not all AMIs are available to use free of cost. It is also possible to have a customized AMI and the most common reason to use the same is nothing but saving the space on Amazon Web Service. This is done in case a group of software is not required and AMI can simply be customized in that situation.


Q9. Tell us various parameters that you should consider while selecting the Availability Zone?

A9. For this, there are various parameters that should be kept in mind. Some of them are the performance, pricing, latency, as well as response time.


Q10. What do you know about the private and the public address?

A10. Well, the private address is directly correlated with the Instance and is sent back to EC2 only in case it is terminated or stopped. On the other side, the public address is correlated in a similar manner with the Instance until it is terminated or stopped. It is possible to replace the public address with Elastic IP. This is done when a user wants it to stay with Instance as per the need.


Q11. Is it possible to run the multiple websites on the EC2 server with one Elastic IP address?

A11. No, it’s not possible. We need more than one elastic IP in such a case.


Q12. Name the practices available when it comes to securing the Amazon EC2?

A12. This can be done through several practices. Review the protocols in the security group regularly and ensure that the principle of least privilege is applied there. The next practice is using AWS Identity and Access Management for controlling and securing access. Access is to be restricted to hosts and networks that are trusted. In addition, only those permissions that are required are opened, and no others. It would also be good to disable password-based logins for the instances.


Q13. What are the states available in Processor State Control?

A13. It contains two states and they are:


P-state: It has different levels starting from P0 to P15. P0 represents the highest frequency and P15 represents the lowest frequency.

C-state: Its levels are from C0 to C6, where C6 is the strongest state for the processor.

It is possible to customize these states in a few EC2 instances, which enables users to customize the processor as per need.

Q14. Name the approach that restricts the access of third-party software in Storage Service to S3 bucket named “Company Backup”?

A14. There is a policy named custom IAM user policy that limits the S3 API in the bucket.


Q15. It is possible to use S3 with EC2 instances. How?

A15. Yes, it’s possible if the instances are having root devices and they are supported by the instance storage. Amazon uses one of the very reliable, scalable, fast, as well as inexpensive networks for hosting all their websites. With the help of S3, it is possible for the developers to get access to the same network. There are tools available in AMI’s that users can consider when it comes to executing systems in EC2. The files can simply be moved between EC2 and S3.


Q16. Is it possible to speed up data transfer in Snowball? How?

A16. Yes, it’s possible. There are certain methods for this. The first is simply copying from different hosts to the same Snowball. Another method is creating a group of smaller files. This is helpful as it cuts down the encryption issues. Data transfer can also be enhanced by running several copy operations at the same time, provided the workstation is capable of bearing the load.


Q17. Name the method that you will use for moving the data to a very long distance?

A17. Amazon Transfer Acceleration is a good option. There are other options such as Snowball but the same doesn’t support data transfer over a very long distance such as among continents. Amazon Transfer Acceleration is the best option because it simply throttles the data with the help of network channels that are optimized and assures very fast data transfer speed.


Q18. What will happen if you launch the instances in Amazon VPC?

A18. This is a common approach that is considered when it comes to launching EC2 instances. Each instance will have a default IP address if the instances are launched in Amazon VPC. This approach is also considered when you need to connect cloud resources with the data centers.


Q19.  Is it possible to establish a connection between the Amazon cloud and a corporate data center? How?

A19. Yes, it’s possible. For this, first, a Virtual Private Network is to be established between the Virtual private cloud and the organization’s network. After this, the connection can simply be created and data can be accessed reliably.


Q20. Why is it not possible to change or modify the private IP address of an EC2 instance when it is running?

A20.  This is because the private IP remains with the instance permanently or through the life cycle. Thus it cannot be changed or modified. However, it is possible to change the secondary private address.


Q21. Why are subnets required to be created?

A21. They are needed to utilize the network with a large number of hosts in a reliable manner. Of course, it’s a daunting task to manage them all. By dividing the network into smaller subnets, it can be made simpler and the chances of errors or data loss can be eliminated up to an excellent extent.


Q22. Is it possible to attach multiple subnets to a routing table?

A22. Yes, it’s possible. Route tables are generally considered when it comes to routing the network packets. When a subnet has several route tables, it can create confusion about the destination of these packets. For this reason there should be only one route table per subnet. The route table can have unlimited records, and therefore it is possible to attach multiple subnets to a routing table.


Q23. What happens if the AWS Direct Connect fails to perform its function?

A23. It is recommended to backup the Direct Connect as in case of a power failure you can lose everything. Enabling BFD i.e. Bi-directional Forwarding Detection can avoid the issues. In case no backup is there, VPC traffic would be dropped and you need to start everything from the initial point again.


Q24.  What will happen if the content is absent in CloudFront and a request is made?

A24. CloudFront sends the content from the primary server directly to the cache memory of the edge location. As it’s a content delivery system, it tries to cut down the latency, and that is why this happens. If the operation is performed a second time, the data is served directly from the cache location.


Q25. Is it possible to use direct connect for transferring the objects from the data centers?

A25. Yes, it is possible. Cloud Front simply supports custom origins and thus this task can be performed. However, you need to pay for it depending on the data transfer rates.


Q26. When is there a need to consider Provisioned IOPS rather than Standard RDS storage in AWS?

A26. If you have hosts that are batch oriented, there is a need for it. The reason is that Provisioned IOPS is known to provide faster IO rates. However, it is a bit expensive when compared to other options. Hosts with batch processing don’t need manual intervention from the users. It is for this reason that Provisioned IOPS is preferred.


Q28. Is it possible to run multiple DB for Amazon RDS free of cost?

A28. Yes, it’s possible. However, there is a strict upper limit of 750 hours of usage post which everything will be billed as per RDS prices. In case you exceed the limit, you will be charged only for the extra hours beyond 750.


Q29. Name the services which can be used for collecting and processing e-commerce data?

A29. Amazon Redshift and Amazon DynamoDB are the best options. Generally, data from e-commerce websites are in an unstructured manner. As both of them are useful for unstructured data, we can use them.


Q30. What is the significance of Connection Draining?

A30. There are certain stages when the traffic needs to be re-verified for bugs and unwanted files that raise security concerns. Connection draining helps in re-routing the traffic that comes from the instances and is in a queue to be updated.


Q31. What is auto-scaling?

A31. Auto-scaling is a feature of AWS which allows you to configure and automatically provision and spin up new instances without the need for your intervention.


Q32. What are the different types of cloud services?

A32. Different types of cloud services are:

Software as a Service (SaaS)

Data as a Service (DaaS)

Platform as a Service (PaaS)

Infrastructure as a Service (IaaS)


Q33. What is the type of architecture, where half of the workload is on the public load while at the same time half of it is on the local storage?

A33. Hybrid cloud architecture.


Q34. Can I vertically scale an Amazon instance? How do you do it?

A34. Yes. Spin up a new, larger instance than the one you are running, then pause that instance to detach the root EBS volume from this server and discard it. After that, stop the live instance and detach its root volume. Note the unique device ID and attach that root volume to the new server, and start again. This way you will have scaled vertically.


Q35. How can you send a request to Amazon S3?

A35. You can send requests by using the REST API or the AWS SDK wrapper libraries that wrap the underlying Amazon S3 REST API.


Q36. Should encryption be used for S3?

A36. Encryption should be considered for sensitive data as S3 is a proprietary technology.


Q37. What are the various AMI design options?

A37. Fully Baked AMI, JeOS (just enough operating system) AMI, and Hybrid AMI.


Q38. Explain what is a T2 instance?

A38.  T2 instances are designed to provide moderate baseline performance and the capability to burst to higher performance as required by workload.


Q39. What is a Serverless application in AWS?

A39. The AWS Serverless Application Model (AWS SAM) extends AWS CloudFormation to provide a simplified way of defining the Amazon API Gateway APIs, AWS Lambda functions, and Amazon DynamoDB tables needed by your serverless application.


Q40. What is the use of Amazon ElastiCache?

A40. Amazon ElastiCache is a web service that makes it easy to deploy, operate, and scale an in-memory data store or cache in the cloud.


Q41. Explain how the buffer is used in Amazon web services?

A41. The buffer is used to make the system more robust to manage traffic or load by synchronizing different components.


Q42. Differentiate between stopping and terminating an instance?

A42. When an instance is stopped, the instance performs a normal shutdown and then transitions to a stopped state. When an instance is terminated, the instance performs a normal shutdown, then the attached Amazon EBS volumes are deleted unless the volume’s deleteOnTermination attribute is set to false.


Q43. Is it possible to change the private IP addresses of an EC2 while it is running/stopped in a VPC?

A43. The primary private IP address cannot be changed. Secondary private addresses can be unassigned, assigned or moved between interfaces or instances at any point.


Q44. Give one instance where you would prefer Provisioned IOPS over Standard RDS storage?

A44. When you have batch-oriented workloads.


Q45. What is the boot time for an instance store backed instance?

A45. The boot time for an Amazon Instance Store-Backed AMI is less than 5 minutes.


Q46. Will you use encryption for S3?

A46. Yes, I will, as it is a proprietary technology. It’s always a good idea to consider encryption for sensitive data on S3.


Q47. What is Identity Access Management and how is it used?

A47. It is a web service, which is used to securely control access to AWS services. Identity Access Management allows you to manage users, security credentials, and resource permissions.


Q48. Explain the advantages of AWS’s Disaster Recovery (DR) solution.

A48. Following are the advantages of AWS’s Disaster Recovery (DR) solution:


AWS offers a cost-effective backup, storage, and DR solution, helping the companies to reduce their capital expenses

Fast setup time and greater productivity gains

AWS helps companies to scale up even during seasonal fluctuations

It seamlessly replicates on-premises data to the cloud

Ensures fast retrieval of files

Q49. What is DynamoDB?

A49. DynamoDB is a fully managed proprietary NoSQL database service, supporting key-value and document data structures. It can be used when a fast and flexible NoSQL database with a flexible data model and reliable performance is required.


Q50. Which data centers are deployed for cloud computing?

A50. There are two data centers in cloud computing, one is Containerized Data centers, and another is Low-Density Data Centers.


Q51. Which AWS services will you use to collect and process e-commerce data for near real-time analysis?

A51. The following AWS services will be used to collect and process e-commerce data for near real-time analysis:

Amazon DynamoDB

Amazon ElastiCache

Amazon Elastic MapReduce

Amazon Redshift


Q52. What is SQS?

A52.  Simple Queue Service (SQS) is a distributed message queuing service that acts as a mediator for two controllers. It is a pay-per-use web service.


Q53. What are the popular DevOps tools?

A53. The popular DevOps tools are –

Chef, Puppet, Ansible, and SaltStack – Deployment and Configuration Management Tools

Docker – Containerization Tool

Git – Version Control System Tool

Jenkins – Continuous Integration Tool

Nagios – Continuous Monitoring Tool

Selenium – Continuous Testing Tool


Q54. What is Hybrid cloud architecture?

A54. It is a type of architecture where the workload is divided into two halves among which one is on public load and the other is on the local storage. It is a mix of on-premises, private cloud and third-party, and public cloud services between two platforms.


Q55. What Is Configuration Management?

A55. Configuration management is used to manage the configuration of systems and the services that they provide entirely through code. This is a repetitive and consistent process that is achieved through –

Intuitive command-line interface

Lightweight and easily readable domain-specific language (DSL)

Comprehensive REST-based API


Q56. What are the features of Amazon cloud search?

A56. Amazon cloud search features:

AutoComplete advice

Boolean Searches

Entire text search

Faceting term boosting

Highlighting

Prefix Searches

Range searches


Q57. How do you access the data on EBS in AWS?

A57. Data on EBS cannot be accessed directly through a graphical interface in AWS. The process includes assigning the EBS volume to an EC2 instance. When the volume is connected to an instance, whether Windows or Unix, you can write to it or read from it. First, you can take a screenshot from the volumes with data and build unique volumes with the help of screenshots. Each EBS volume can be attached to only a single instance.


Q58. What is the difference between Amazon RDS, Redshift and Dynamo DB?

A58. The differences between Amazon RDS, Redshift and Dynamo DB:

| Features | Amazon RDS | Redshift | Dynamo DB |
| --- | --- | --- | --- |
| Primary Usage Feature | Conventional Databases | Datawarehouse | Database for dynamically modified data |
| Database Engine | MySQL, Oracle DB, SQL Server, Amazon Aurora, Postgre SQL | Redshift | NoSQL |
| Computing Resources | Instances with 64 vCPU and 244 GB RAM | Nodes with vCPU and 244 GB RAM | Not specified, SaaS-Software as a Service. |
| Multi A-Z Replication | Additional Service | Manual | In-built |
| Maintenance Window | 30 minutes every week. | 30 minutes every week. | No impact |

 

Q59. If you hold half of the workload on the public cloud whereas different half is on local storage, in such case what type of architecture can be used?

A59. In such cases, the hybrid cloud architecture can be used.


Q60. Mention the possible connection issues you encounter when connecting to an EC2 instance?

A60. Following are the possible connection issues you encounter when connecting to an EC2 instance:

Server refused key

Connection timed out

Host key not found, permission denied.

Unprotected private key file

No supported authentication method available


Q61. What are lifecycle hooks in AWS autoscaling?

A61. Lifecycle hooks can be added to the autoscaling group. They enable you to perform custom actions by pausing instances as the autoscaling group terminates and launches them. Every auto-scaling group consists of multiple lifecycle hooks.


Q62. What is a Hypervisor?

A62. A Hypervisor is a type of software used to create and run virtual machines. It integrates physical hardware resources into a platform which are distributed virtually to each user. Hypervisor includes Oracle Virtual Box, Oracle VM for x86, VMware Fusion, VMware Workstation, and Solaris Zones.


Q63. Explain the use of Route Table?

A63. A route table is used to control the network traffic, where each subnetwork of a VPC is associated with a route table. A route table holds a large amount of information, and connecting multiple subnetworks to one route table is also feasible.


Q64. What is the use of Connection Draining?

A64. Connection Draining is a process used to support the load balancer. It keeps tracking all of the instances; if any instance fails, connection draining drags all the traffic from that specific failed instance and re-routes it to the active instances.


Q65. Explain the use of Amazon Transfer Acceleration Service?

A65. Amazon Transfer Acceleration Service is used to boost your data transfer with the help of advanced network paths. It also transfers files quickly and securely between your client and an S3 bucket.


Q66. How to update AMI tools at the Boot-Time on Linux?

A66. To update AMI tools at the Boot-Time on Linux:

```bash
# Update to Amazon EC2 AMI tools
echo " + Updating EC2 AMI tools"
yum update -y aws-amitools-ec2
echo " + Updated EC2 AMI tools"
```


Q67. How is encryption done in S3?

A67. Encryption is done in S3 by using:

In Transit: SSL/TLS

At Rest, Server-Side Encryption:

S3 Managed Keys – SSE-S3

AWS Key Management Service Managed Keys – SSE-KMS

Server-Side Encryption with Customer Provided Keys – SSE-C

At Rest, Client-Side Encryption

 

Q68. What are the pricing models for EC2 instances?

A68. Following are the different pricing models for EC2 instances:

Dedicated

Reserved

On-demand

Scheduled

Spot


Q69. What are the parameters for S3 pricing?

A69. Following are the parameters for S3 pricing:

Transfer acceleration

Number of requests you make

Storage management

Data transfer

Storage used


AWS Solutions Architect Interview Questions and Answers (Part1)



Q1. What Is Amazon EC2?

A1. EC2 is short for Elastic Compute Cloud, and it provides scalable computing capacity. Using Amazon EC2 eliminates the need to invest in hardware, leading to faster development and deployment of applications. You can use Amazon EC2 to launch as many or as few virtual servers as needed, configure security and networking, and manage storage. It can scale up or down to handle changes in requirements, reducing the need to forecast traffic. EC2 provides virtual computing environments called “instances.”


Q2. What Are Some of the Security Best Practices for Amazon EC2?

A2. Security best practices for Amazon EC2 include using Identity and Access Management (IAM) to control access to AWS resources; restricting access by only allowing trusted hosts or networks to access ports on an instance; only opening up those permissions you require, and disabling password-based logins for instances launched from your AMI.


Q3. What Is Amazon S3?

A3. S3 is short for Simple Storage Service, and Amazon S3 is the most supported storage platform available. S3 is object storage that can store and retrieve any amount of data from anywhere. Despite that versatility, it is practically unlimited as well as cost-effective because it is storage available on demand. In addition to these benefits, it offers unprecedented levels of durability and availability. Amazon S3 helps to manage data for cost optimization, access control, and compliance.


Q4. Can S3 Be Used with EC2 Instances, and If Yes, How?

A4. Amazon S3 can be used for instances with root devices backed by local instance storage. That way, developers have access to the same highly scalable, reliable, fast, inexpensive data storage infrastructure that Amazon uses to run its own global network of websites. To execute systems in the Amazon EC2 environment, developers load Amazon Machine Images (AMIs) into Amazon S3 and then move them between Amazon S3 and Amazon EC2.

Amazon EC2 and Amazon S3 are two of the best-known web services that make up AWS.


Q5. What Is Identity Access Management (IAM) and How Is It Used?

A5. Identity Access Management (IAM) is a web service for securely controlling access to AWS services. IAM lets you manage users, security credentials such as access keys, and permissions that control which AWS resources users and applications can access.


Q6. What Is Amazon Virtual Private Cloud (VPC) and Why Is It Used?

A6. A VPC is the best way of connecting to your cloud resources from your own data center. Once you connect your datacenter to the VPC in which your instances are present, each instance is assigned a private IP address that can be accessed from your data center. That way, you can access your public cloud resources as if they were on your own private network.


Q7. What Is Amazon Route 53?

A7. Amazon Route 53 is a scalable and highly available Domain Name System (DNS). The name refers to TCP or UDP port 53, where DNS server requests are addressed.


Q8. What Is Cloudtrail and How Do Cloudtrail and Route 53 Work Together?

A8. CloudTrail is a service that captures information about every request sent to the Amazon Route 53 API by an AWS account, including requests that are sent by IAM users. CloudTrail saves log files of these requests to an Amazon S3 bucket. CloudTrail captures information about all requests. You can use information in the CloudTrail log files to determine which requests were sent to Amazon Route 53, the IP address that the request was sent from, who sent the request, when it was sent, and more.
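The lookup this answer describes (which requests reached Route 53, from which IP address, by whom and when) can be run over a delivered log file. The following is an added example, not code from the original page; the log records, account ID, ARNs and the expected source network are constructed placeholders.

```python
"""Summarise Route 53 API activity found in one CloudTrail log file."""
import gzip
import ipaddress
import json

# Assumption: address range the DNS administrators normally work from.
EXPECTED_SOURCES = [ipaddress.ip_network("203.0.113.0/24")]
# Name prefixes of Route 53 API calls that change DNS data rather than read it.
MUTATING_PREFIXES = ("Change", "Create", "Delete", "Update")

# Constructed sample records using standard CloudTrail record fields.
SAMPLE_LOG = {"Records": [
    {"eventTime": "2023-11-16T09:12:03Z", "eventSource": "route53.amazonaws.com",
     "eventName": "ListHostedZones", "sourceIPAddress": "203.0.113.25",
     "userIdentity": {"type": "IAMUser", "userName": "alice",
                      "arn": "arn:aws:iam::111122223333:user/alice"}},
    {"eventTime": "2023-11-16T22:41:17Z", "eventSource": "route53.amazonaws.com",
     "eventName": "ChangeResourceRecordSets", "sourceIPAddress": "198.51.100.77",
     "userIdentity": {"type": "AssumedRole",
                      "arn": "arn:aws:sts::111122223333:assumed-role/deploy/s1"}},
    {"eventTime": "2023-11-16T09:14:00Z", "eventSource": "s3.amazonaws.com",
     "eventName": "GetObject", "sourceIPAddress": "203.0.113.25",
     "userIdentity": {"type": "IAMUser", "userName": "alice"}},
    {"eventTime": "2023-11-16T09:15:40Z", "eventSource": "route53.amazonaws.com",
     "eventName": "ChangeResourceRecordSets", "sourceIPAddress": "203.0.113.25",
     "userIdentity": {"type": "IAMUser", "userName": "alice",
                      "arn": "arn:aws:iam::111122223333:user/alice"}},
    # Calls made by an AWS service carry a DNS name instead of an IP address.
    {"eventTime": "2023-11-16T10:02:00Z", "eventSource": "route53.amazonaws.com",
     "eventName": "CreateHostedZone",
     "sourceIPAddress": "cloudformation.amazonaws.com",
     "userIdentity": {"type": "AssumedRole",
                      "arn": "arn:aws:sts::111122223333:assumed-role/cfn/s2"}},
]}


def sample_log_file():
    """Return the sample as gzip-compressed JSON, the form CloudTrail delivers."""
    return gzip.compress(json.dumps(SAMPLE_LOG).encode())


def load_records(raw_bytes):
    """Parse one CloudTrail log file (gzip or plain JSON bytes) into records."""
    if raw_bytes[:2] == b"\x1f\x8b":  # gzip magic number
        raw_bytes = gzip.decompress(raw_bytes)
    return json.loads(raw_bytes).get("Records", [])


def who(identity):
    """Best available name for the caller: user name, else ARN, else type."""
    return (identity.get("userName") or identity.get("arn")
            or identity.get("type", "unknown"))


def source_is_expected(source):
    """True/False for an IP address; None when the source is an AWS service."""
    try:
        addr = ipaddress.ip_address(source)
    except ValueError:
        return None
    return any(addr in net for net in EXPECTED_SOURCES)


def route53_activity(records):
    """Return one summary row per Route 53 API request, oldest first."""
    rows = []
    for rec in records:
        if rec.get("eventSource") != "route53.amazonaws.com":
            continue
        name = rec.get("eventName", "")
        expected = source_is_expected(rec.get("sourceIPAddress", ""))
        rows.append({
            "when": rec.get("eventTime"),
            "who": who(rec.get("userIdentity", {})),
            "what": name,
            "from": rec.get("sourceIPAddress"),
            "error": rec.get("errorCode"),  # present only on failed calls
            # Flag DNS changes made from an address outside the expected range.
            "review": name.startswith(MUTATING_PREFIXES) and expected is False,
        })
    return sorted(rows, key=lambda r: r["when"] or "")


if __name__ == "__main__":
    for row in route53_activity(load_records(sample_log_file())):
        mark = "REVIEW" if row["review"] else "      "
        print(mark, row["when"], row["what"], row["from"], row["who"])
```
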


Q9. When Would You Prefer Provisioned IOPS over Standard Rds Storage?

A9. You would use Provisioned IOPS when you have batch-oriented workloads. Provisioned IOPS delivers high IO rates, but it is also expensive. However, batch processing workloads do not require manual intervention.


Q10. How Do Amazon Rds, Dynamodb, and Redshift Differ from Each Other?

A10. Amazon RDS is a database management service for relational databases. It manages patching, upgrading, and data backups automatically. It’s a database management service for structured data only. On the other hand, DynamoDB is a NoSQL database service for dealing with unstructured data. Redshift is a data warehouse product used in data analysis.


Q11. What Are the Benefits of AWS’s Disaster Recovery?

A11. Businesses use cloud computing in part to enable faster disaster recovery of critical IT systems without the cost of a second physical site. The AWS cloud supports many popular disaster recovery architectures ranging from small customer workload data centre failures to environments that enable rapid failover at scale. With data centres all over the world, AWS provides a set of cloud-based disaster recovery services that enable rapid recovery of your IT infrastructure and data.


Q12. Describe the key components of AWS?

A12. The key components of AWS are:

Simple Storage Device or (S3): It is the most widely used AWS service and also a storage device.

Route 53: It is called a DNS Web Service.

Simple E-mail Service: It is used for sending an e-mail via regular SMTP or by using the RESTFUL API call.

Identity and Access Management: Its purpose is to provide identity management and enhanced security for a user’s AWS account.

Elastic Compute Cloud (EC2): The purpose of EC2 is to provide on-demand computing resources for hosting applications. It is convenient for unpredictable workloads.

Elastic Block Store (EBS): It offers persistent storage volumes that connect to EC2 to allow you to persist data past the lifespan of a single Amazon EC2 instance.

Cloud Watch: It allows administrators to view and collect the key metrics for monitoring AWS resources. Also, it can be used to set a notification alarm in case of trouble.


Q13. What is Amazon Machine Image?

A13. Amazon Machine Image is AMI. AMI is a template providing the information (an application server, an operating system, and applications) required for launching an instance. That instance is a copy of the AMI which is running as a virtual server in the cloud. The instances from different AMIs are launched as per requirement.


Q14. Describe the relationship between an instance and AMI?

A14. You can launch multiple types of instances from a single AMI. An instance type defines the host computer hardware which is used for your instance. Different computer and memory capabilities are provided by each instance type. Once an instance is launched, it resembles a traditional host, which is used for interaction as done with any computer.


Q15. What does an AMI include?

A15. An AMI consists of the following things:

A template that is used as the base volume for the instance.

A block device mapping to determine the volumes to attach to the instance when it is launched.

Start-up permissions decide which AWS accounts can leverage the AMI to start instances.


Q16. How to send a request to Amazon S3?

A16. Amazon S3 is a REST service, so a request is sent by using the REST API or the AWS SDK wrapper libraries that wrap the underlying Amazon S3 REST API.


Q17. Differentiate between Amazon S3 and EC2?

A17. EC2 S3


Q18. In AWS how many buckets can be created by default?

A18. In each AWS account, you can create up to 100 buckets by default.

Q19. Explain the process to vertically scale on Amazon Instance?

The steps to vertically scale on Amazon instance are:

Upgrade from the current instance to a new larger instance.

Pause the previous instance and discard it by detaching the root web volumes from the servers.

Now stop the live instance and also detach its root volume.

Attach the root volume to the new server after you note the unique device ID.

And finally, restart it.


Q19. Describe the T2 instances?

A19. T2 instances are designed to provide balanced baseline performance, with the capacity to burst to higher performance based on the requirement of the workload.


Q20. Which subnet should be preferred to launch database servers?

A20. Among the private and public subnets in a VPC, the private subnet should ideally be preferred for launching the database servers.


Q21. Enlist few best Security practices for Amazon EC2?

A21. Following are the best security practices for secure Amazon EC2:

Control access to your AWS resources using AWS Identity and Access Management.

Limit the access to ports of instance by allowing only trusted hosts or networks.

Analyse the rules regularly in your security groups.

Open the permissions based on the requirement only.

Disable password-based login.
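The regular security-group review recommended here, and in the earlier EC2 security answers on this page, can be scripted. The following is an added example, not code from the original page: it checks ingress rules in the shape returned by the EC2 DescribeSecurityGroups call, and the sample groups, trusted network and port lists are assumptions constructed for illustration.

```python
"""Offline review of security-group ingress rules against a trust policy."""
import ipaddress

# Assumption: networks this organisation treats as trusted sources.
TRUSTED_NETWORKS = [ipaddress.ip_network("203.0.113.0/24")]
# Assumption: ports that are meant to be reachable from anywhere (web tier).
PUBLIC_PORTS = {80, 443}
# Remote-administration ports that should only be reachable from trusted hosts.
ADMIN_PORTS = {22: "SSH", 3389: "RDP"}

# Constructed sample data; group IDs are placeholders.
SAMPLE_GROUPS = [
    {"GroupId": "sg-web", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "203.0.113.10/32"}]},
    ]},
    {"GroupId": "sg-legacy", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}],
         "Ipv6Ranges": [{"CidrIpv6": "::/0"}]},
        {"IpProtocol": "tcp", "FromPort": 8000, "ToPort": 8100,
         "IpRanges": [{"CidrIp": "198.51.100.0/24"}]},
        {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
    ]},
]


def is_trusted(cidr):
    """True when the CIDR lies entirely inside one of the trusted networks."""
    net = ipaddress.ip_network(cidr, strict=False)
    # subnet_of() raises on mixed IPv4/IPv6, so compare versions first.
    return any(net.version == t.version and net.subnet_of(t)
               for t in TRUSTED_NETWORKS)


def rule_sources(perm):
    """Yield every source CIDR (IPv4 and IPv6) named by one ingress rule."""
    for r in perm.get("IpRanges", []):
        yield r["CidrIp"]
    for r in perm.get("Ipv6Ranges", []):
        yield r["CidrIpv6"]


def audit_group(group):
    """Return (severity, message) findings for one security group."""
    gid = group.get("GroupId", "?")
    findings = []
    for perm in group.get("IpPermissions", []):
        proto = perm.get("IpProtocol")
        if proto not in ("tcp", "udp", "-1"):
            continue  # ICMP and other protocols have no ports; not checked here
        # IpProtocol "-1" means every protocol and every port.
        lo = 0 if proto == "-1" else perm.get("FromPort", 0)
        hi = 65535 if proto == "-1" else perm.get("ToPort", 65535)
        for cidr in rule_sources(perm):
            if is_trusted(cidr):
                continue
            admin = sorted(name for port, name in ADMIN_PORTS.items()
                           if proto == "tcp" and lo <= port <= hi)
            if proto == "-1":
                findings.append(
                    ("HIGH", f"{gid}: all protocols and ports open to {cidr}"))
            elif admin:
                findings.append(
                    ("HIGH", f"{gid}: {'/'.join(admin)} open to {cidr}"))
            elif any(p not in PUBLIC_PORTS for p in range(lo, hi + 1)):
                findings.append(
                    ("MEDIUM", f"{gid}: {proto} {lo}-{hi} open to {cidr}"))
    return findings


def audit(groups):
    """Audit every group and return all findings in input order."""
    return [f for g in groups for f in audit_group(g)]


if __name__ == "__main__":
    for severity, message in audit(SAMPLE_GROUPS):
        print(f"{severity:6} {message}")
```
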


Q22. Explain the use of a buffer in Amazon web services?

A22. To make the system more robust for managing the traffic or load by synchronizing different components the buffer is used. Generally, receiving and processing of the requests are in an unbalanced way by the components. But when the buffer is used, the components are balanced and work at the same speed to provide proper service.


Q23. What are the possible connection issues one might face while connecting to the instance?

A23. While connecting instances the possible connection issues one might face are:

Connection Time out

User key unrecognizable by the server

Host key not found; permission denied

A private key file which is unprotected

Server refusing key or No support authentication method available

Error using MindTerm on Safari Browser

Error while using Mac OS X RDP Client


Q24. What do you mean by key-pairs in AWS?

A24. The secured login information used for virtual machines is called a key pair. For connecting to the instances, key pairs containing a public key and a private key are used.


Q25. Explain the different types of instances?

A25. The different types of instances are:

General-purpose

Compute Optimized

Memory-Optimized

Storage Optimized

Accelerated Computing


Q26. Does Amazon VPC support the property of broadcast or multicast?

A26. No, currently support for the property of broadcast or multicast is not provided by Amazon VPC.


Q27. How many Elastic IPs can be created in an AWS account combined?

A27. Five VPC Elastic IP addresses are necessary for creating the AWS account.


Q28. Explain S3’s default storage class?

A28. The default storage class in S3 is a Standard that is frequently accessed.


Q29. What do you understand by the roles?

A29. In AWS, roles provide permissions to entities that you trust within your account. Roles and users are similar to each other. However, unlike users, roles do not require creating a username and password to work with the resources.


Q30. Describe the term edge locations?

A30. An edge location is the area where content is cached. Whenever a user tries to access any content, it is automatically looked up in the edge location.


Q31. Explain VPC?

A31. VPC is an abbreviation for Virtual Private Cloud. It helps in the customization of the networking configuration. A VPC is a network in the cloud that is logically isolated from other networks. A VPC provides you with an IP address range, subnets, internet gateways, and security groups.


Q32. What is a snowball?

A32. Snowball is a data transport option. It uses source appliances to move huge amounts of data into and out of AWS. Snowball helps in transferring a massive amount of data between different places. It is helpful in reducing networking costs.


Q33. What is a redshift?

A33. Redshift is a big data warehouse product: a fast, powerful, fully managed data warehouse service in the cloud.


Q34. List the advantages of auto-scaling?

A34. The advantages of auto-scaling are:

Fault tolerance

Proper availability

Effective cost management

Q35. Define subnet?

A35. A subnet is one of the chunks into which a large segment of IP addresses is divided.


Q36. Is it possible to establish a Peering connection to a VPC in a different region?

A36. No, a peering connection to a VPC is possible only within the same region.


Q37. Define SQL with reference to AWS?

A37. SQL is called Simple Queues Services. It acts as a mediator for two controllers which helps in the distribution of the queuing service.


Q38. How many subnets can be used per VPC?

A38. 200 subnets per VPC can be used.


Q39. Which cloud service category do the DNS and Load Balancer services belong to?

A39. DNS and Load Balancer services belong to the IaaS-storage cloud service.


Q40. Explain AWS CloudTrail?

A40. AWS CloudTrail is a special tool for logging and tracking API calls. It also helps in auditing S3 bucket access.


Q41. When was EC2 officially launched?

A41. EC2 was officially launched in the year 2006.


Q42. What do you understand by SimpleDB?

A42. SimpleDB is a data repository of structured records that supports data queries and indexing for both S3 and EC2.


Q43. Define Amazon ElastiCache?

A43. Amazon ElastiCache is a web service that makes it easy to deploy, scale, and store data in the cloud.


Q44. Define AWS Lambda?

A44. AWS Lambda is an Amazon compute service that lets you run code in the AWS Cloud without managing servers.


Q45. What types of AMI are provided by AWS?

A45. AWS provides the following types of AMI:


Instance store backed

EBS backed

Q46. Which AWS service redundantly caches data and images?

A46. The AWS service which redundantly caches data and images is AWS Edge locations.


Q47. What do you mean by the term Geo Restriction in CloudFront?

A47. Geo-restriction is a feature that helps us prevent users in specific geographic locations from accessing content that has been distributed through a CloudFront web distribution.


Q48. Explain Amazon EMR?

A48. Amazon EMR is a managed cluster platform which is helpful in data structures as it illustrates the working before the intimation. Apache Spark and Apache Hadoop on Amazon Web Services are helpful in investigating vast amounts of data. Using Apache Hive, data can be prepared for analytics purposes and business intelligence workloads. It also uses other relevant open-source projects.


Q49. Specify the boot time required for an instance store-backed AMI?

A49. The boot time required for an Amazon instance store-backed AMI is less than 5 minutes.


Q50. Is an Internet gateway required to use peering connections?

A50. Yes, an Internet gateway is required to use VPC (virtual private cloud) peering connections.


Q51. Is it possible to connect the EBS volume to multiple instances?

A51. It is not possible to connect an EBS volume to multiple instances. However, it is possible to connect numerous EBS volumes to a single instance.


Q52. Mention the various types of cloud services?

A52. The various types of cloud services are:

Software as a Service (SaaS)

Data as a Service (DaaS)

Platform as a Service (PaaS)

Infrastructure as a Service (IaaS)


Q53. What is the difference between an AMI and an Instance?

A53. An AMI is a template containing the software configuration, for example the application, application server, and operating system. An instance, on the other hand, is a copy of the AMI running as a virtual server in the cloud.


 


 



Thursday, November 9, 2023

What is ELB in AWS ?



ELB stands for Elastic Load Balancing, which is a service provided by Amazon Web Services (AWS). It automatically distributes incoming application traffic across multiple targets, such as Amazon EC2 instances, containers, IP addresses, and Lambda functions. It ensures that the application traffic is handled efficiently and can scale to meet demand.

Here's a brief overview of what ELB offers:

1. *Distribution of Traffic:* ELB helps in distributing the incoming application or network traffic across multiple computing resources, improving the overall efficiency and fault tolerance of applications.

2. *High Availability:* It automatically routes traffic to available instances across multiple Availability Zones, reducing the risk that an outage in one zone will affect the overall performance of the application.

3. *Scalability:* Elastic Load Balancing can scale your load balancer as traffic to your application changes over time, which can be automated or manually configured.

4. *Types of Load Balancers:* AWS offers three types of load balancers that suit different use cases:
   - *Application Load Balancer (ALB):* Best for HTTP and HTTPS traffic, providing advanced request routing targeted at delivery of modern application architectures, including microservices and containers.
   - *Network Load Balancer (NLB):* Optimized for TCP, UDP, and TLS traffic where extreme performance is required.
   - *Classic Load Balancer (CLB):* Provides basic load balancing across multiple Amazon EC2 instances and operates at both the request level and connection level.

5. *Health Checks:* ELB can perform health checks on the computing resources behind it, ensuring that it only sends traffic to the healthy ones.

6. *Security Features:* It works with AWS Certificate Manager (ACM) to enable SSL/TLS for your websites and applications, offering secure and encrypted connections.

7. *Integration with AWS Services:* Elastic Load Balancing integrates well with Amazon CloudWatch for metrics and monitoring, AWS Auto Scaling for elasticity, and AWS Identity and Access Management (IAM) for security.

Elastic Load Balancing is a key component for building resilient and scalable web applications on AWS. 

What is ASG in AWS ?


In AWS (Amazon Web Services), ASG stands for Auto Scaling Group. An Auto Scaling Group is a part of the AWS Auto Scaling service that allows you to automatically scale your EC2 (Elastic Compute Cloud) instances up or down according to conditions you define, such as traffic demands or a schedule.

Here are key points about Auto Scaling Groups:

1. *Dynamic Scaling:* ASGs adjust the number of EC2 instances in response to real-time demand, ensuring that you have the right number of instances to handle the load at any time.

2. *Health Checks:* ASGs perform health checks on instances and replace any that are deemed unhealthy, ensuring that your application has continuous availability.

3. *Load Balancing:* ASGs can be used with Elastic Load Balancing (ELB), which distributes incoming traffic across the instances within the group, for better performance and fault tolerance.

4. *Scheduled Scaling:* You can set up scaling actions to happen at specific times, which is useful for predictable load changes.

5. *Cost Management:* By scaling down when demand is low, you can save on costs by only running the resources you need.

6. *Instance Distribution:* You can spread instances across multiple Availability Zones, reducing the risk of a zone failure impacting your application.

Auto Scaling is a key feature within AWS for maintaining application performance and availability while managing costs.