8/18/23, 4:04 PM Top 51 AWS Interview Questions (2023) - javatpoint

AWS Interview Questions

A list of top frequently asked AWS Interview Questions and answers are given below.

1) What is AWS?

AWS stands for Amazon Web Services. It is a service which is provided by the Amazon that uses
distributed IT infrastructure to provide different IT resources on demand. It provides different
services such as an infrastructure as a service, platform as a service, and software as a service.

2) What are the components of AWS?

The following are the main components of AWS are:

Simple Storage Service: S3 is a service of aws that stores the files. It is object-based
storage, i.e., you can store the images, word files, pdf files, etc. The size of the file that
can be stored in S3 is from 0 Bytes to 5 TB. It is an unlimited storage medium, i.e., you
can store the data as much you want. S3 contains a bucket which stores the files. A
bucket is like a folder that stores the files. It is a universal namespace, i.e., name must be
unique globally. Each bucket must have a unique name to generate the unique DNS
address.

Elastic Compute Cloud: Elastic Compute Cloud is a web service that provides resizable
compute capacity in the cloud. You can scale the compute capacity up and down as per
the computing requirement changes. It changes the economics of computing by
allowing you to pay only for the resources that you actually use.

Elastic Block Store: It provides a persistent block storage volume for use with EC2
instances in aws cloud. EBS volume is automatically replicated within its availability zone
to prevent the component failure. It offers high durability, availability, and low-latency
performance required to run your workloads.

https://www.javatpoint.com/aws-interview-questions 2/27
8/18/23, 4:04 PM Top 51 AWS Interview Questions (2023) - javatpoint

CloudWatch: It is a service which is used to monitor all the AWS resources and
applications that you run in real time. It collects and tracks the metrics that measure
your resources and applications. If you want to know about the CloudWatch in detail,
then click on the below link: Click here

Identity Access Management: It is a service of aws used to manage users and their
level of access to the aws management console. It is used to set users, permissions, and
roles. It allows you to grant permission to the different parts of the aws platform. If you
want to know about the IAM, then click the below link: Click here

Simple Email Service: Amazon Simple Email Service is a cloud-based email sending
service that helps digital marketers and application developers to send marketing,
notification, and transactional emails. This service is very reliable and cost-effective for
the businesses of all the sizes that want to keep in touch with the customers.

Route53: It is a highly available and scalable DNS (Domain Name Service) service. It
provides a reliable and cost-effective way for the developers and businesses to route
end users to internet applications by translating domain names into numeric IP
addresses. If you want to know more about Route53 in detail, then click on the link given
below: Click here

3) What are Key-pairs?

An Amazon EC2 uses public key cryptography which is used to encrypt and decrypt the login
information. In public key cryptography, the public key is used to encrypt the information while
at the receiver's side, a private key is used to decrypt the information. The combination of a
public key and the private key is known as key-pairs. Key-pairs allows you to access the
instances securely.

4) What is S3?

S3 is a storage service in aws that allows you to store the vast amount of data. To know more
about S3, click on the link given below:

Click here

5) What are the pricing models for EC2 instances?

There are four pricing models for EC2 instances:

On-Demand instance

https://www.javatpoint.com/aws-interview-questions 3/27
8/18/23, 4:04 PM Top 51 AWS Interview Questions (2023) - javatpoint

On-Demand pricing is also known as pay-as-you-go. Pay-as-you-go is a pricing

model that allows you to pay only for those resources that you use.

You need to pay for the compute capacity by per hour or per second that
depends on which instances you run.

On-Demand instance does not require any upfront payments.

While using On-Demand instance, you can increase or decrease the compute
capacity based on the requirements of your application.

On-Demand instances are recommended for those applications which are of short
term and unpredictable workloads.

Users that want low cost and flexibility on EC2 instances with no upfront
payments.

On-Demand instances are used for those applications which have been
developed or tested on EC2 for the first time.

Reserved instance
Reserved instance is the second most important pricing model that reduces the
overall cost of your AWS environment by making an upfront payment for those
services that you know will be used in the future.

Reserved instances provide a discount of up to 75% as compared to On-Demand

instance.

Reserved instances are assigned to a specific Availability zone that reserves the
compute capacity for you so that you can use whenever you need.

Reserved instances are mainly recommended for those applications that have
steady state and require reserve capacity.

Customers who want to use the EC2 over 1 to 3 term can use the reserved
instance to reduce the overall computing costs.

Spot instance
Spot instances consist of unused capacity which is available at a highly discounted
rate.

It offers up to 90% discount as compared to On-Demand instance.

Spot instances are mainly recommended for those applications which have
flexible start and end times.

It is useful when applications require computing capacity at a very low price.

https://www.javatpoint.com/aws-interview-questions 4/27
8/18/23, 4:04 PM Top 51 AWS Interview Questions (2023) - javatpoint

It is useful when applications require additional amount of computing capacity at

an urgent need.

Dedicated Hosts
It is a physical EC2 server which is dedicated for your use. It reduces the overall costs by
providing you a VPC that comprise of a dedicated hardware.

6) What is AWS Lambda?

AWS Lambda is a compute service that runs your code without managing servers. Lambda
function runs your code whenever needed. You need to pay only when your code is running. If
you want to know more about the AWS Lambda, then click on the link shown below:

Click Here

7) How many buckets can be created in S3?

By default, you can create up to 100 buckets.

8) What is Cross Region Replication?

Cross Region Replication is a service available in aws that enables to replicate the data from
one bucket to another bucket which could be in a same or different region. It provides
asynchronous copying of objects, i.e., objects are not copied immediately. If you want to know
more about the Cross Region Replication, then click on the link shown below:

Click Here

9) What is CloudFront?

CloudFront is a computer delivery network which consists of distributed servers that delivers
web pages and web content to a user based on the geographic locations of a user. If you want
to know more about the CloudFront, then click on the link shown below:

Click Here

10) What are Regions and Availability Zones in aws?

Regions: A region is a geographical area which consists of 2 or more availability zones. A

region is a collection of data centers which are completely isolated from other regions.

https://www.javatpoint.com/aws-interview-questions 5/27
8/18/23, 4:04 PM Top 51 AWS Interview Questions (2023) - javatpoint

Availability zones: An Availability zone is a data center that can be somewhere in the country
or city. Data center can have multiple servers, switches, firewalls, load balancing. The things
through which you can interact with the cloud reside inside the Data center.

If you want to know more about the Availability zone and region, then click on the link shown
below:

Click Here

11) What are edge locations in aws?

Edge locations are the endpoints in aws used for caching content. If you want to know more
about the edge locations, then click on the link shown below:

Click Here

12) What is the minimum and maximum size that you can store in S3?

The minimum size of an object that you can store in S3 is 0 bytes and the maximum size of an
object that you can store in S3 is 5 TB.

13) What are EBS Volumes?

Elastic Block Store is a service that provides a persistent block storage volume for use with EC2
instances in aws cloud. EBS volume is automatically replicated within its availability zone to
prevent from the component failure. It offers high durability, availability, and low-latency
performance required to run your workloads. . If you want to know more about the EBS
Volumes, then click on the link shown below:

Click Here

14) What is Auto Scaling?

Auto Scaling is a feature in aws that automatically scales the capacity to maintain steady and
predictable performance. While using auto scaling, you can scale multiple resources across
multiple services in minutes. If you are already using Amazon EC2 Auto- scaling, then you can
combine Amazon EC2 Auto-Scaling with the Auto-Scaling to scale additional resources for
other AWS services.

Benefits of Auto Scaling

https://www.javatpoint.com/aws-interview-questions 6/27
8/18/23, 4:04 PM Top 51 AWS Interview Questions (2023) - javatpoint

Setup Scaling Quickly

It sets the target utilization levels of multiple resources in a single interface. You can see
the average utilization level of multiple resources in the same console, i.e., you do not
have to move to the different console.

Make Smart Scaling Decisions

It makes the scaling plans that automate how different resources respond to the
changes. It optimizes the availability and cost. It automatically creates the scaling
policies and sets the targets based on your preference. It also monitors your application
and automatically adds or removes the capacity based on the requirements.

Automatically maintain performance

Auto Scaling automatically optimize the application performance and availability even
when the workloads are unpredictable. It continuously monitors your application to
maintain the desired performance level. When demand rises, then Auto Scaling
automatically scales the resources.

15) What is AMI?

AMI stands for Amazon Machine Image. It is a virtual image used to create a virtual machine
within an EC2 instance. If you want to know more about the AMI, then click on the link shown
below:

Click Here

16) Can a AMI be shared?

Yes, an AMI can be shared.

17) What is an EIP?

EIP (Elastic IP address) is a service provided by an EC2 instance. It is basically a static IP

address attached to an EC2 instance. This address is associated with your AWS account not
with an EC2 instance. You can also disassociate your EIP address from your EC2 instance and
map it to another EC2 instance in your AWS account.

Let's understand the concept of EIP through an example:

https://www.javatpoint.com/aws-interview-questions 7/27
8/18/23, 4:04 PM Top 51 AWS Interview Questions (2023) - javatpoint

Suppose we consider the website www.javatpoint.com points to the instance which has a
public IP address. When instance is restarted, then AWS takes another public IP address from
the pool and the previous public IP address is no longer valid. Due to this reason, the original
link is no longer available between the website and EC2 instance. To overcome from such
situation, Elastic IP address or static address is used which does not change.

18) What are the different storage classes in S3?

Storage classes are used to assist the concurrent loss of data in one or two facilities. Each
object in S3 is associated with some storage class. Amazon S3 contains some storage classes in
which you can store your objects. You can choose a storage class based on your requirements
and these storage classes offer high durability. To know more about the storage classes and its
types, click on the link given below:

Click Here

19) How can you secure the access to your S3 bucket?

S3 bucket can be secured in two ways:

ACL (Access Control List)

ACL is used to manage the access of resources to buckets and objects. An object of each
bucket is associated with ACL. It defines which AWS accounts have granted access and
the type of access. When a user sends the request for a resource, then its corresponding

https://www.javatpoint.com/aws-interview-questions 8/27
8/18/23, 4:04 PM Top 51 AWS Interview Questions (2023) - javatpoint

ACL will be checked to verify whether the user has granted access to the resource or not.
When you create a bucket, then Amazon S3 creates a default ACL which provides a full
control over the AWS resources.

Bucket Policies
Bucket policies are only applied to S3 bucket. Bucket policies define what actions are
allowed or denied. Bucket policies are attached to the bucket not to an S3 object but the
permissions define in the bucket policy are applied to all the objects in S3 bucket.

The following are the main elements of Bucket policy:

Sid
A Sid determines what the policy will do. For example, if an action that needs to be
performed is adding a new user to an Access Control List (ACL), then the Sid would be
AddCannedAcl. If the policy is defined to evaluate IP addresses, then the Sid would be
IPAllow.

Effect: An effect defines an action after applying the policy. The action could be either
to allow an action or to deny an action.

Principal
A Principal is a string that determines to whom the policy is applied. If we set the
principal string as '*', then the policy is applied to everyone, but it is also possible that
you can specify individual AWS account.

Action
An Action is what happens when the policy is applied. For example, s3:Getobject is an
action that allows to read object data.

Resource
The Resource is a S3 bucket to which the statement is applied. You cannot enter a simply
bucket name, you need to specify the bucket name in a specific format. For example, the
bucket name is javatpoint-bucket, then the resource would be written as
"arn:aws:s3""javatpoint-bucket/*".

20) What are policies and what are the different types of policies?

Policy is an object which is associated with a resource that defines the permissions. AWS
evaluate these policies when user makes a request. Permissions in the policy determine
whether to allow or to deny an action. Policies are stored in the form of a JSON documents.

AWS supports six types of policies:

Identity-based policies

https://www.javatpoint.com/aws-interview-questions 9/27
8/18/23, 4:04 PM Top 51 AWS Interview Questions (2023) - javatpoint

Resource-based policies

Permissions boundaries

Organizations SCPs

Access Control Lists

Session policies

Identity-based policies
Identity-based policies are the permissions stored in the form of JSON format. This
policy can be attached to an identity user, group of users or role. It determines the
actions that the users can perform, on which resources, and under what conditions.
Identity-based policies are further classified into two categories:
Managed Policies: Managed Policies are the identity-based policies which can be
attached to multiple users, groups or roles. There are two types of managed
policies:

AWS Managed Policies

AWS Managed Policies are the policies created and managed by AWS. If
you are using the policies first time, then we recommend you to use AWS
Managed Policies.

Custom Managed Policies

Custom Managed Policies are the identity-based policies created by user. It
provides more precise control over the policies than AWS Managed
Policies.

https://www.javatpoint.com/aws-interview-questions 10/27
8/18/23, 4:04 PM Top 51 AWS Interview Questions (2023) - javatpoint

Inline Policies
Inline Policies are the policies created and managed by user. These policies are
encapsulated directly into a single user, group or a role.

Resource-Based Policies
Resource-based policies are the policies which are attached to the resource such as S3
bucket. Resource-based policies define the actions that can be performed on the
resource and under what condition, these policies can be applied.

Permissions boundaries
Permissions boundaries are the maximum permissions that identity-based policy can
grant to the entity.

Service Control Policies (SCPs)

Service Control Policies are the policies defined in a JSON format that specify the
maximum permissions for an organization. If you enable all the features in an
Organization, then you can apply Service Control Policies to any or all of your AWS
accounts. SCP can limit the permission on entities in member accounts as well as AWS
root user account.

Access Control Lists (ACLs)

ACL defines the control that which principals in another AWS account can access the
resource. ACLs cannot be used to control the access of a principal in a different AWS
account. It is the only policy type which does not have the JSON policy document
format.

21) What are different types of instances?

Following are the different types of instances:

General Purpose Instance type

General purpose instances are the instances mainly used by the companies. There are
two types of General Purpose instances: Fixed performance (eg. M3 and M4) and
Burstable performance (eg. T2). Some of the sectors use this instance such as
Development environments, build servers, code repositories, low traffic websites and
web applications, micro-services, etc.

Following are the General Purpose Instances:

T2 instances: T2 instances are the instances that receive CPU credits when they
are sitting idle and they use the CPU credits when they are active. These instances
do not use the CPU very consistently, but it has the ability to burst to a higher
level when required by the workload.

https://www.javatpoint.com/aws-interview-questions 11/27
8/18/23, 4:04 PM Top 51 AWS Interview Questions (2023) - javatpoint

M4 instances: M4 instances are the latest version of General purpose instances.

These instances are the best choice for managing memory and network resources.
They are mainly used for the applications where demand for the micro-servers is
high.

M3 instances: M3 instance is a prior version of M4. M4 instance is mainly used

for data processing tasks which require additional memory, caching fleets,
running backend servers for SAP and other enterprise applications.

Compute Optimized Instance type

Compute Optimized Instance type consists of two instance types: C4 and C3.

C3 instance: C3 instances are mainly used for those applications which require
very high CPU usage. These instances are mainly recommended for those
applications that require high computing power as these instances offer high
performing processors.

C4 instance: C4 instance is the next version of C3 instance. C4 instance is mainly

used for those applications that require high computing power. It consists of Intel
E5-2666 v3 processor and use Hardware virtualization. According to the AWS
specifications, C4 instances can run at a speed of 2.9 GHz, and can reach to a
clock speed of 3.5 GHz.

GPU Instances
GPU instances consist of G2 instances which are mainly used for gaming applications
that require heavy graphics and 3D application data streaming. It consists of a high-
performance NVIDIA GPU which is suitable for audio, video, 3D imaging, and graphics
streaming kinds of applications. To run the GPU instances, NVIDIA drivers must be
installed.

Memory Optimized Instances

Memory Optimized Instances consists of R3 instances which are designed for memory-
intensive applications. R3 instance consists of latest Intel Xeon lvy Bridge processor. R3
instance can sustain a memory bandwidth of 63000 MB/sec. R3 instance offers a high-
performance databases, In memory analytics, and distributed memory caches.

Storage Optimized Instances

Storage Optimized Instances consist of two types of instances: I2 and D2 instances.
I2 instance: It provides heavy SSD which is required for the sequential read, and
write access to a large data sets. It also provides random I/O operations to your
applications. It is best suited for the applications such as high-frequency online
transaction processing systems, relational databases, NoSQL databases, Cache for
in-memory databases, Data warehousing applications and Low latency Ad- Tech
serving applications.

https://www.javatpoint.com/aws-interview-questions 12/27
8/18/23, 4:04 PM Top 51 AWS Interview Questions (2023) - javatpoint

D2 instance: D2 instance is a dense storage instance which consists of a high-

frequency Intel Xeon E5-2676v3 processors, HDD storage, High disk throughput.

22) What is the default storage class in S3?

The default storage class is Standard Frequently Accessed.

23) What is a snowball?

Snowball is a petabyte-scale data transport solution that uses secure appliances to transfer
large amounts of data into and out of aws cloud. If you want to know more about the
Snowball, click on the link given below:

Click Here

24) Difference between Stopping and Terminating the instances?

Stopping: You can stop an EC2 instance and stopping an instance means shutting down the
instance. Its corresponding EBS volume is still attached to an EC2 instance, so you can restart
the instance as well.

Terminating: You can also terminate the EC2 instance and terminating an instance means you
are removing the instance from your AWS account. When you terminate an instance, then its
corresponding EBS is also removed. Due to this reason, you cannot restart the EC2 instance.

25) How many Elastic IPs can you create?

5 elastic IP addresses that you can create per AWS account per region.

26) What is a Load Balancer?

Load Balancer is a virtual machine that balances your web application load that could be Http
or Https traffic that you are getting in. It balances a load of multiple servers so that no web
server gets overwhelmed. To know more, click on the link given below:

Click Here

https://www.javatpoint.com/aws-interview-questions 13/27
8/18/23, 4:04 PM Top 51 AWS Interview Questions (2023) - javatpoint

27) What is VPC?

VPC stands for Virtual Private Cloud. It is an isolated area of the AWS cloud where you can
launch AWS resources in a virtual network that you define. It provides a complete control on
your virtual networking environment such as selection of an IP address, creation of subnets,
configuration of route tables and network gateways. To know more about VPC, click on the link
given below:

Click Here

28) What is VPC peering connection?

A VPC peering connection is a networking connection that allows you to connect one
VPC with another VPC through a direct network route using private IP addresses.

By using VPC peering connection, instances in different VPC can communicate with each
other as if they were in the same network.

You can peer VPCs in the same account as well as with the different AWS account

To know more about, click on the link given below: Click Here

29) What are NAT Gateways?

NAT stands for Network Address Translation. It is an aws service that enables to connect an
EC2 instance in private subnet to the internet or other AWS services. If you want to know more
about NAT Gateways, click on the link shown below:

Click Here

30) How can you control the security to your VPC?

You can control the security to your VPC in two ways:

Security Groups
It acts as a virtual firewall for associated EC2 instances that control both inbound and
outbound traffic at the instance level. To know more about Security Groups, click on the
link given below: Click Here

Network access control lists (NACL)

It acts as a firewall for associated subnets that control both inbound and outbound

https://www.javatpoint.com/aws-interview-questions 14/27
8/18/23, 4:04 PM Top 51 AWS Interview Questions (2023) - javatpoint

traffic at the subnet level. To know more about NACL, click on the link given below: Click
Here

31) What are the different database types in RDS?

Following are the different database types in RDS:

Amazon Aurora
It is a database engine developed in RDS. Aurora database can run only on AWS
infrastructure not like MySQL database which can be installed on any local device. It is a
MySQL compatible relational database engine that combines the speed and availability
of traditional databases with the open source databases. To know more about Amazon
Aurora, click on the link given below: Click Here

Postgre SQL
PostgreSQL is an open source relational database for many developers and
startups.

It is easy to set up, operate, and can also scale PostgreSQL deployments in the
cloud.

You can also scale PostgreSQL deployments in minutes with cost-efficient.

PostgreSQL database manages time-consuming administrative tasks such as

PostgreSQL software installation, storage management, and backups for disaster
recovery.

MySQL
It is an open source relational database.

It is easy to set up, operate, and can also scale MySQL deployments in the cloud.

By using Amazon RDS, you can deploy scalable MySQL servers in minutes with
cost-efficient.

MariaDB

It is an open source relational database created by the developers of MySQL.

It is easy to set up, operate, and can also scale MariaDB server deployments in the
cloud.

By using Amazon RDS, you can deploy scalable MariaDB servers in minutes with
cost-efficient.

It frees you from managing administrative tasks such as backups, software

patching, monitoring, scaling and replication.

https://www.javatpoint.com/aws-interview-questions 15/27
8/18/23, 4:04 PM Top 51 AWS Interview Questions (2023) - javatpoint

Oracle
It is a relational database developed by Oracle.

It is easy to set up, operate, and can also scale Oracle database deployments in
the cloud.

You can deploy multiple editions of Oracle in minutes with cost-efficient.

It frees you from managing administrative tasks such as backups, software

patching, monitoring, scaling and replication.

You can run Oracle under two different licensing models: "License Included" and
"Bring Your Own License (BYOL)". In License Included service model, you do
need have to purchase the Oracle license separately as it is already licensed by
AWS. In this model, pricing starts at $0.04 per hour. If you already have purchased
the Oracle license, then you can use the BYOL model to run Oracle databases in
Amazon RDS with pricing starts at $0.025 per hour.

SQL Server

SQL Server is a relational database developed by Microsoft.

It is easy to set up, operate, and can also scale SQL Server deployments in the
cloud.

You can deploy multiple editions of SQL Server in minutes with cost-efficient.

It frees you from managing administrative tasks such as backups, software

patching, monitoring, scaling and replication.

32) What is Redshift?

Redshift is a fast, powerful, scalable and fully managed data warehouse service in the
cloud.

It provides ten times faster performance than other data warehouse by using machine
learning, massively parallel query execution, and columnar storage on high-performance
disk.

You can run petabytes of data in Redshift datawarehouse and exabytes of data in your
data lake built on Amazon S3.

To know more about Amazon Redshift, click on the link given below: Click Here

https://www.javatpoint.com/aws-interview-questions 16/27
8/18/23, 4:04 PM Top 51 AWS Interview Questions (2023) - javatpoint

33) What is SNS?

SNS stands for Simple Notification Service. It is a web service that provides highly scalable,
cost-effective, and flexible capability to publish messages from an application and sends them
to other applications. It is a way of sending messages. If you want to know more about SNS,
click on the link given below:

Click Here

34) What are the different types of routing policies in route53?

Following are the different types of routing policies in route53:

Simple Routing Policy

Simple Routing Policy is a simple round-robin policy which is applied to a single

resource doing the function for the domain, For example, web server is sending
the content to a website where web server is a single resource.

It responds to DNS queries based on the values present in the resource.

Weighted Routing Policy

Weighted Routing Policy allows you to route the traffic to different resources in
specified proportions. For example, 75% in one server, and 25% in another server.

Weights can be assigned in the range from 0 to 255.

Weight Routing policy is applied when there are multiple resources accessing the
same function. For example, web servers accessing the same website. Each web
server will be given a unique weight number.

Weighted Routing Policy associates the multiple resources to a single DNS name.

Latency-based Routing Policy

Latent-based Routing Policy allows Route53 to respond to the DNS query at

which data center gives the lowest latency.

Latency-based Routing policy is used when there are multiple resources accessing
the same domain. Route53 will identify the resource that provides the fastest
response with lowest latency.

Failover Routing Policy

Geolocation Routing Policy

https://www.javatpoint.com/aws-interview-questions 17/27
8/18/23, 4:04 PM Top 51 AWS Interview Questions (2023) - javatpoint

35) What is the maximum size of messages in SQS?

The maximum size of message in SQS IS 256 KB.

36) Differences between Security group and Network access control

list?

Security Group NACL (Network Access Control List)

It supports only allow rules, and by It supports both allow and deny rules, and by
default, all the rules are denied. You default, all the rules are denied. You need to
cannot deny the rule for establishing a add the rule which you can either allow or deny
connection. it.

It is a stateful means that any changes It is a stateless means that any changes made
made in the inbound rule will be in the inbound rule will not reflect the
automatically reflected in the outbound outbound rule, i.e., you need to add the
rule. For example, If you are allowing an outbound rule separately. For example, if you
incoming port 80, then you also have to add an inbound rule port number 80, then you
add the outbound rule explicitly. also have to explicitly add the outbound rule.

It is associated with an EC2 instance. It is associated with a subnet.

All the rules are evaluated before deciding Rules are evaluated in order, starting from the
whether to allow the traffic. lowest number.

Security Group is applied to an instance NACL has applied automatically to all the
only when you specify a security group instances which are associated with an instance.
while launching an instance.

It is the first layer of defense. It is the second layer of defense.

37) What are the two types of access that you can provide when you
are creating users?

There are two types of access:

Console Access
If the user wants to use the Console Access, a user needs to create a password to login
in an AWS account.
https://www.javatpoint.com/aws-interview-questions 18/27
8/18/23, 4:04 PM Top 51 AWS Interview Questions (2023) - javatpoint

Programmatic access
If you use the Programmatic access, an IAM user need to make an API calls. An API call
can be made by using the AWS CLI. To use the AWS CLI, you need to create an access
key ID and secret access key.

38) What is subnet?

When large section of IP address is divided into smaller units is known as subnet.

A Virtual Private Cloud (VPC) is a virtual network provided to your AWS account. When you
create a virtual cloud, you need to specify the IPv4 addresses which is in the form of CIDR
block. After creating a VPC, you need to create the subnets in each availability zone. Each
subnet has a unique ID. When launching instances in each availability zone, it will protect your
applications from the failure of a single location.

39) Differences between Amazon S3 and EC2?

S3

It is a storage service where it can store any amount of data.

It consists of a REST interface and uses secure HMAC-SHA1 authentication keys.

https://www.javatpoint.com/aws-interview-questions 19/27
8/18/23, 4:04 PM Top 51 AWS Interview Questions (2023) - javatpoint

EC2

It is a web service used for hosting an application.

It is a virtual machine which can run either Linux or Windows and can also run the
applications such as PHP, Python, Apache or other databases.

40) Can you establish a peering connection to a VPC in a different

region?

No, it's not possible to establish a peering connection to a VPC in a different region. It's only
possible to establish a peering connection to a VPC in the same region.

41) How many subnets can you have per VPC?

You can have 200 subnets per VPC.

42) When EC2 officially launched?

EC2 was officially launched in 2006.

43) What is Amazon Elasticache?

An Amazon Elasticache is a web service allows you to easily deploy, operate, and scale an in-
memory cache in the cloud. To know more about the Amazon Elasticache, click on the link
given below:

Click Here

44) What are the types of AMI provided by AWS?

There are two types of AMI provided by AWS:

Instance store backed

An instance-store backed is an EC2 instance whose root device resides on the

virtual machine's hard drive.

When you create an instance, then AMI is copied to the instance.

Since "instance store-backed" instances root device is stored in the virtual

machine's hard drive, so you cannot stop the instance. You can only terminate the
https://www.javatpoint.com/aws-interview-questions 20/27
8/18/23, 4:04 PM Top 51 AWS Interview Questions (2023) - javatpoint

instance, and if you do so, the instance will be deleted and cannot be recovered.

If the virtual machine's hard drive fails, then you can lose your data.

You need to leave this instance-store instance in a running state until you are
completely done with it.

You will be charged from the moment when your instance is started until your
instance is terminated.

EBS backed
An "EBS backed" instance is an EC2 instance that uses EBS volume as a root
device

EBS volumes are not tied to a virtual hardware, but they are restricted to an
availability zone. This means that EBS volume is moved from one machine to
another machine within the same availability zone.

If the virtual machine's fails, then the virtual machine can be moved to another
virtual machine.

The main advantage of "EBS backed" over "instance store-backed" instances is

that it can be stopped. When an instance is in a stopped state, then EBS volume
can be stored for a later use. The virtual machine is used for some other instance.
In stopped state, you are not charged for the EBS storage.

45) What is Amazon EMR?

An Amazon EMR stands for Amazon Elastic MapReduce. It is a web service used to process the
large amounts of data in a cost-effective manner. The central component of an Amazon EMR is
a cluster. Each cluster is a collection of EC2 instances and an instance in a cluster is known as
node. Each node has a specified role attached to it known as a node type, and an Amazon EMR
installs the software components on node type.

Following are the node types:

https://www.javatpoint.com/aws-interview-questions 21/27
8/18/23, 4:04 PM Top 51 AWS Interview Questions (2023) - javatpoint

Master node
A master node runs the software components to distribute the tasks among other nodes
in a cluster. It tracks the status of all the tasks and monitors the health of a cluster.

Core node
A core node runs the software components to process the tasks and stores the data in
Hadoop Distributed File System (HDFS). Multi-node clusters will have at least one core
node.

Task node
A task node with software components processes the task but does not store the data in
HDFS. Task nodes are optional.

46) How to connect EBS volume to multiple instances?

You cannot connect the EBS volume to multiple instances. But, you can connect multiple EBS
volumes to a single instance.

47) What is the use of lifecycle hooks in Autoscaling?

Lifecycle hooks perform custom actions by pausing instances when Autoscaling group
launches or terminates an instance. When instance is paused, an instance moves in a wait state.
By default, an instance remains in a wait state for 1 hour. For example, when you launch a new

https://www.javatpoint.com/aws-interview-questions 22/27
8/18/23, 4:04 PM Top 51 AWS Interview Questions (2023) - javatpoint

instance, lifecycle hooks pauses an instance. When you pause an instance, you can install a
software on it or make sure that an instance is completely ready to receive the traffic.

48) What is Amazon Kinesis Firehose?

An Amazon Kinesis Firehose is a web service used to deliver real-time streaming data to
destinations such as Amazon Simple Storage Service, Amazon Redshift, etc. To know more
about Amazon Kinesis Firehose, click on the link given below:

Click Here

49) What is the use of Amazon Transfer Acceleration Service?

An Amazon Transfer Acceleration Service is a service that enables fast and secure transfer of
data between your client and S3 bucket. To know more about Amazon Transfer Acceleration
Service, click on the link given below:

Click Here

50) How will you access the data on EBS in AWS?

EBS stands for Elastic Block Store. It is a virtual disk in a cloud that creates the storage volume
and attach it to the EC2 instances. It can run the databases as well as can store the files. All the
files that it store can be mounted as a file system which can be accessed directly. To know more
about EBS, click on the link given below:

Click Here

51) Differences between horizontal scaling and vertical scaling?

Vertical scaling means scaling the compute power such as CPU, RAM to your existing machine
while horizontal scaling means adding more machines to your server or database. Horizontal
scaling means increasing the number of nodes, and distributing the tasks among different
nodes.

https://www.javatpoint.com/aws-interview-questions 23/27