Top 90 AWS Interview Questions and Answers in 2023

Our contemporary life has brought about many changes and has increased the requirement of cloud professionals. AWS – Amazon Web Services is the most widely used cloud computing platform. AWS career is the in-demand career opportunity that can be grabbed. 

To build up your AWS career acing the AWS interviews would be the topmost priority. To help you with the interview process in building your AWS career, here are the topmost questions and answers that will be of great help.

Top 90 AWS Interview Questions and Answers

1. What is AWS?

It is the widely adopted cloud computing platform that offers around 200 fully-featured services from various data centers across the globe. Right from start-ups to established business organizations to the government agencies, are embracing AWS to cut down on cost, become dexterous and break new grounds.

2. Which are the three basic cloud services? How are the AWS products constructed based on them?

Computing –  Lightsat, Elastic Beanstalk, Auto-Scaling, Lambda and EC2.

Networking – Amazon CloudFront and Route 53.

Storage – Glacier, Elastic Block Storage, S3 and Elastic File System.

3. What do you mean by geo-targeting that is in CloudFront?

Businesses can use Geo-Targeting to show personalized content to their spectators on the basis of their terrestrial location without replacing the URL.

4. Explain the function auto-scaling?

Function auto-scaling allows one to provide and launch new exemplar whenever there is a demand.

5. Is there any relation between the AWS Region and Availability Zone? Explain.

Yes, AWS regions are distinct geographical areas. Whereas, availability zones are the locations present inside AWS regions.

6. Explain the steps associated with a CloudFormation solution.

1. Construct or utilize an existing CloudFormation template utilizing JSON & YAML format.
2. Save your created code template in an S3 bucket or locally.
3. Use AWS CloudFormation to make a stack on your template.
4. The CloudFormation will identify the file and comprehend the services that are specified.

7.  How can you identify if you are paying more than you should be, using AWS?

• Top Services Table – It is a dashboard in the cost management console that shows you the top five most utilized services. This will give you a summary of the  money spent on the resources in question.
• Cost Explorer – These are helpful to view and examine your usage costs of the last 13 months. One can also have a cost forecast for the upcoming three months.
• AWS Budgets – This is a planning tool to budget your AWS services. It will also analyze your current plan, whether it meets your budget and how you use the services.
• Cost Allocation Tags – Helps to identify the resource that has been costly in a particular month. It keeps a track of your AWS costs.

8.  List few of the AWS services that are not region-specific.

• IAM 
• Web Application Firewall 
• CloudFront
• Route 53

9. How do you use AWS to set up a system to monitor website metrics in real-time?

• State changes in Amazon EC2
• Auto-scaling lifecycle events
• Scheduled events
• AWS API calls
• Console sign-in events

10. How would you fix this real-time case:

“You are furnishing a service in a particular region, but you do not see the service in that region.”

If you see that a specific service is not available in a particular region, you can switch to the nearest available region that provides that service.

11. Suggest how to enhance or diminish a system with almost nil downtime?

1. Open EC2 console
2. Select operating system AMI
3. Launch with the new instance type
4. Induct the updates
5. Induct applications
6. Check the instance if it’s operational
7. If operational, employ the new instance and oust the older instance
8. Once employed, enhance or diminish the system with almost nil downtime

12. Suggest services that can be used to construct a centralized logging solution?

The necessary services that can be used are Amazon CloudWatch Logs, save them in Amazon S3, and then utilize Amazon Elastic Search to see them. Amazon Kinesis Firehose can be used to move the data from Amazon S3 to Amazon ElasticSearch.

13. What are the indegenious AWS Security logging potentialities?

AWS CloudTrail and AWS Config.

14. What are the different types and differences of virtualization in AWS?

HVM (Hardware Virtual Machine) – This is a complete virtualized hardware, where all the virtual machines act different from each other. These virtual machines boot by executing a master boot record in the root block device of your image.

PV (Paravirtualization) – Paravirtualization-GRUB is the bootloader that boots the PV AMIs. 

PV on HVM – PV on HVM helps operating systems take advantage of storage and network I/O available through the host.

15. What is a DDoS attack, how can it be curbed?

DDoS is a cyber-attack, in which the perpetrator accesses a website and creates multiple sessions. It can be curbed by using

• AWS Shield
• Amazon CloudFront
• Amazon Route53
• ELB
• VPC
• AWS WAF

16. What are Solaris and AIX operating systems?

Solaris uses SPARC processor architecture that is not supported by the public cloud currently. 

AIX runs only on Power CPU and not on Intel, which means that you cannot create AIX instances in EC2.

17. Which are the tools other than the console that can be used to log into AWS resources?

• Putty
• Eclipse
• AWS CLI for Linux

18. How to set up an SSH agent forwarding to avoid copying the key each time you log in?

• Enter the PuTTY Configuration
• Select the category SSH -> Auth
• Permit SSH agent forwarding as your instance

19. State the various types of EC2 instances with regards to their costs.

On-demand Instance, Reserved Instance and Spot Instance.

20. State the difference between stopping and terminating an EC2 instance?

When an EC2 instance is stopped, a normal shutdown is performed by the instance and it is moved to a stopped state. But, when an EC2 is terminated, it is moved to a stopped state, as well as the EBS volumes tagged to it are deleted and can never be retrieved.

21. Define AIX and Solaris operating systems?

AIX is an operating system that runs only on Power CPU and not on Intel, so one cannot fabricate AIX instances in EC2.

Solaris is an operating system that uses SPARC processor architecture, but is not supported by the public cloud currently.

22. Mention how you would permit an user to get access to a particular bucket?

1. Classify your instances
2. Interpret how authorized users can manage specific servers
3. Lockdown your tags
4. Tag the policies to IAM users

23.  State the ordinary variants of AMI designs?

1. Fully Baked AMI
2. Hybrid AMI
3. Just Enough Baked AMI (JeOS AMI)

24.  Imaging that you have lost the key to an EC2 instance, how would you recover it to login?

1. Check if the EC2Config service is running
2. Disconnect the root volume for the instance
3. Connect the volume to a temporary instance
4. Alter the config. file
5. Now, restart the original instance.

25. State a few important differences between EBS and AWS S3?

Characteristics	EBS	AWS S3
Redundancy	Within a data center	Across data centers
Paradigm	Filesystem	Object Store

26. Give details to set up CloudWatch to retrieve an EC2 instance?

Set an alarm using Amazon CloudWatch

In the alarm, go to Define Alarm -> Actions tab, choose recover this instance option.

27. How would you monitor S3 cross-region replication?

The CRR Monitor instinctively monitors the replication status of S3 objects throughout the accounts in a particular AWS Region.

28. How can Amazon VPC be monitored?

It can be monitored using the VPC Flow logs, CloudWatch and CloudWatch logs

29.  Is there a way to connect multiple sites to a VPC?

Yes, by creating a secured communication between the multiple sites using the AWS VPN CloudHub.

30. Mention some of the security products and features present with VPC?

1. Security groups 
2. Flow logs
3. Network Access Control

31. How would you fix a situation when the VPC is not being resolved to the server through DNS.

By enabling the DNS hostname resolution one can fix the situation when the VPC does not get resolved to the server through DNS.

32. State the process to add an existing instance to a new Auto Scaling group?

1. Open EC2 console
2. Select your instance under Instances
3. Choose Actions -> Instance Settings -> Attach to Auto Scaling Group
4. Select a new Auto Scaling group
5. Attach this group to the Instance
6. Edit the Instance if required
7. Now successfully add the instance to a new Auto Scaling group

33. State the components to be considered while migrating to Amazon Web Services?

• Operational Costs
• Workforce Productivity 
• Cost Prevention
• Operational Pliability
• Business Swiftness

34. List down the elements of an AWS CloudFormation template.

1. Template parameters
2. Output values
3. Data tables
4. Resources
5. File format version

35. Which is the best option to transfer a high volume of data?

The best option to transfer a high volume of date would be AWS Snowball.

36. State why is AWS CloudFormation different from AWS Elastic Beanstalk?

AWS CloudFormation identifies and describes all of the infrastructure resources that are in the cloud environment. However, AWS Elastic Beanstalk furnishes an environment that  makes running applications in the cloud easy.

37. Mention what do mean with RPO and RTO in AWS.

RPO is the Recovery Point Objective – is the maximum amount of data loss a company would be willing to take on as measured in time.

RTO is the Recovery Time Objective – is the maximum time the business or organization would be willing to wait for a recovery to be fixed in the wake of a breakdown. 

38. What would be the consequence if the resources in a stack are not generated successfully?

If the resources in the stack are not generated successfully, then the CloudFormation will automatically roll back and terminate.

39. Can one automate EC2 backup using EBS? How?

Yes, Capture the instances and connect to AWS through API to list the Amazon EBS volumes that are attached locally. Then, list the snapshots of each volume, allocate a retention period of the snapshot.

40. State the difference between Instance Store and EBS.

Instance Store is a temporary storage that is physically attached to a host machine. With an Instance Store, detaching and attaching instances with one another, cannot be done. EBS is a permanent storage where the data is restored later on.

41. How can you take a backup of EFS like EBS?

1. Sign in to the AWS Management Console
2. Click the launch EFS-to-EFS-restore button
3. Tap the region selector in the console navigation bar to tick region
4. Check if you have chosen the correct template on the Select Template page
5. Assign a name to your solution stack
6. Review the parameters for the template and modify them if required.

42.  Is there a way to auto-delete old snapshots?

Yes, Take snapshots of the EBS volumes on Amazon S3 and use AWS Ops Automator to handle all the snapshots automatically.

43. State the three load balancers in AWS?

1. Application Load Balancer
2. Classic Load Balancer
3. Network Load Balancer

44. State the uses of load balancers in AWS Elastic Load Balancing?

• Application Load Balancer – Used when a flexible application management and TLS termination is required.
• Network Load Balancer – Used when extreme performance and static IPs for your applications are required.
• Classic Load Balancer – Used when the application is built within the EC2 Classic network.

45. Can AWS WAF be used to monitor the different AWS applications?

Yes, AWS WAF or the AWS Web Application Firewall protects your web applications from web exploitations.

46. State the various AWS IAM categories that a user can control?

• Authenticate and run IAM users
• Authenticate and run policies to grant access to AWS services and resources

47. Mention a few of the policies that can be set for user passwords?

• A minimum length of the password could be fixed and set, or the user can be asked compulsorily to add at least one number or a special character.
• Automatic password expiration, prevent reuse of old passwords, and request for a password reset upon their next AWS sign in could be set.

48. State the distinction between an IAM role and an IAM user?

An IAM role is an IAM body that defines a number of permissions to make AWS service requests, whereas an IAM user has permanent long-term credentials and is used to interact with the AWS services directly.

49. State the two managed policies in AWS IAM?

Two managed policies in AWS IAM are; one that is managed by the user and one that is managed by AWS. They are IAM resources that give permissions using IAM policy language. One can create, edit, and manage them separately from the IAM users, groups, and roles to which they are attached.

50. How does AWS IAM help business?

Helps to manage IAM users and their access.

51. What can be included in the IAM policy?

IAM policy can be inclusive of granting access to add, update, and delete objects from a specific folder.

52. State the difference between Geo DNS and Latency Based Routing?

The Geo DNS routing takes decisions based on the geographic location of the request. However, the Latency Based Routing utilizes latency suspension between networks and AWS data centers.

53. State the difference between a Hosted Zone and a Domain?

Hosted zone is a repository that holds information on how to route traffic on the internet for a specific domain. While, a domain is a cluster of data.

54. Does Amazon Route 53 provide high availability and low latency? How?

Yes, here is how Amazon Route 53 provides high availability and low latency by using Optimal Locations, Globally Distributed Servers and Dependency.

55. How are AWS config and AWS CloudTrail integrated?

One can use a CI to ascertain what the AWS resource looks like at any given point in time. However, by using CloudTrail, one can quickly answer an API call to modify the resource.

 

56. Is AWS Config capable to build-up data across different AWS accounts?

Yes, one can install AWS Config to deliver configuration updates from different accounts to one S3 bucket, once necessary IAM policies are applied to the S3 bucket.

57. Examine the difference between reserved instances and on-demand DB instances?

Reserved instances and on-demand DB instances are at par as far as their functions are concerned. They diverge in the way they are billed.

58. Mention the types of scaling for RDS.

Vertical scaling and Horizontal scaling.

59. Explain the maintenance window in Amazon RDS?

RDS maintenance window lets the user decide if DB instance modifications, database engine version upgrades, and software patching have to occur. 

60. Which are the uniform models in DynamoDB?

Eventual Consistency Model and Strong Consistency Model.

61.  Which query functionality does DynamoDB support?

DynamoDB supports GET/PUT operations by using a user-defined primary key. It provides pliable querying by letting the query be on non-primary vitality, using global secondary indexes and local secondary indexes.

Multiple-choice AWS Interview Questions and Answers:

62. If you are a game designer and want to develop a game with single-digit millisecond latency, select the correct service.

1. Amazon RDS
2. Amazon Neptune
3. Amazon Snowball
4. Amazon DynamoDB

63. Which service would you use to perform real-time monitoring of AWS services and get actionable insights?

1. Amazon Firewall Manager
2. Amazon GuardDuty
3. Amazon CloudWatch
4. Amazon EBS

64. As a web developer, while developing a mobile app, which of the following will let you add user sign-up, sign-in, and access control?

1. AWS Shield
2. AWS Macie
3. AWS Inspector
4. Amazon Cognito

65. As a Machine Learning Engineer you are on the lookout for a solution that will discover sensitive information that your company stores in AWS and uses NLP to classify the data and provide business-related information. Which service would you choose?

1. AWS Firewall Manager
2. AWS IAM
3. AWS Macie
4. AWS CloudHSM

66. You are the system administrator in your company, which is running most of its infrastructure on AWS. You are assigned the job to track your users and keep tabs on how they are being verified. You need to create and manage AWS users and use permissions to monitor their access to AWS resources. Which service would you use?

1. AWS Firewall Manager
2. AWS Shield
3. Amazon API Gateway
4. AWS IAM

67. Which service amongst these would you use if you want to allocate various private and public IP addresses to make them communicate with the internet and other instances?

1. Amazon Route 53
2. Amazon VPC
3. Amazon API Gateway
4. Amazon CloudFront

68. Which service provides you with cost-efficient and resizable capacity while automating time-consuming administration tasks?

1. Amazon Relational Database Service
2. Amazon Elasticache
3. Amazon VPC
4. Amazon Glacier

69. Which is a way to access human researchers or consultants to help solve problems on a contractual or temporary basis?

1. Amazon Mechanical Turk
2. Amazon Elastic Mapreduce
3. Amazon DevPay
4. Multi-Factor Authentication

70. Which service is used to make it easy to deploy, manage, and scale containerized applications using Kubernetes on AWS. 

1. Amazon Elastic Container Service
2. AWS Batch
3. AWS Elastic Beanstalk
4. Amazon Lightsail

71. Which service lets you run code without provisioning or managing servers?

1. Amazon EC2 Auto Scaling
2. AWS Lambda
3. AWS Batch
4. Amazon Inspector

72. As an AWS Developer which service will enable you to send, store, and receive messages between software components?

1. AWS Step Functions
2. Amazon MQ
3. Amazon Simple Queue Service
4. Amazon Simple Notification Service

73. Which service would you use if you would like to host a real-time audio and video conferencing application on AWS?

1. Amazon Chime
2. Amazon WorkSpaces
3. Amazon MQ
4. Amazon AppStream

74. Which service would you use in AWS to design thousands of similar individual jobs?

1. AWS EC2 Auto Scaling
2. AWS Snowball
3. AWS Fargate
4. AWS Batch

75. Which among the following would you choose if you were a Machine Learning engineer and are looking for a service that helps you build and train Machine Learning models in AWS?

1. Amazon SageMaker
2. AWS DeepLens
3. Amazon Comprehend
4. Device Farm

76. Imagine that you are working for your company’s IT team. What would you choose if you were assigned to adjust the capacity of AWS resources based on the incoming application and network traffic?

1. Amazon VPC
2. AWS IAM
3. Amazon Inspector
4. Amazon Elastic Load Balancing

77. Which amongst is the cross-platform video game development engine that supports PC, Xbox, Playstation, iOS, and Android platforms allows developers to build and host their games on Amazon’s servers.

1. Amazon GameLift
2. AWS Greengrass
3. Amazon Lumberyard
4. Amazon Sumerian

78. Which would you choose if you were a Project Manager of your company’s Cloud Architects team and are required to visualize, understand and manage your AWS costs and usage over time?

1. AWS Budgets
2. AWS Cost Explorer
3. Amazon WorkMail
4. Amazon Connect

80. A part of your marketing work requires you to push messages onto Google, Facebook, Windows, and Apple through APIs or AWS Management Console. Which of the following services do you use?

1. AWS CloudTrail
2. AWS Config
3. Amazon Chime
4. AWS Simple Notification Service

One-word AWS Interview Questions and Answers

81. If you are a game designer and want to develop a game with single-digit millisecond latency, which database service would you use?

Amazon DynamoDB

82. If you need to perform real-time monitoring of AWS services and get actionable insights, which service would you use?

Amazon CloudWatch

83. As a web developer, you are developing an app, targeted primarily for the mobile platform. Which function lets you add user sign-up, sign-in, and access control to your web and mobile apps quickly and easily?

Amazon Cognito

84. You are a Machine Learning Engineer who is on the lookout for a solution that will discover sensitive information that your enterprise stores in AWS and then use NLP to classify the data and provide business-related insights. Which service would you choose?

AWS Macie

85. You are the system administrator in your company, which is running most of its infrastructure on AWS. You are asked to track the users and keep tabs on how they are being authenticated. Which service would you use?

AWS IAM

86. Which service would you use if you want to allocate various private and public IP addresses to make them communicate with the internet and other instances?

Amazon VPC

87. Which service provides you with cost-efficient and resizable capacity while automating time-consuming administration tasks?

Amazon Relational Database Service

88. Which is a way to access human researchers or consultants to help solve problems on a contractual or temporary basis?

Amazon Mechanical Turk

89. Which service is used to make it easy to deploy, manage, and scale containerized applications using Kubernetes on AWS.

Amazon Elastic Container Service

90. Which service lets you run code without provisioning or managing servers?

AWS Lambda

The above-mentioned AWS interview questions and answers are only samples of what you can come across while appearing for the AWS career interviews. If you are keen to learn AWS in detail, check out the AWS Solutions Architecht Training Course offered by Henry Harvin Education.