AWS Interview Question-5

Explain few points about AWS Availability Zones.

  • In AWS, each region has many availability zones
    (usually 3, min is 2, max is 6). Example:
    • ap-southeast-2a
    • ap-southeast-2b
    • ap-southeast-2c
  • Each availability zone (AZ) is one or more discrete data centers with redundant power,networking, and connectivity
  • They’re separate from each other
  • They’re isolated from disasters.
  • They’re connected with high bandwidth,ultra-low latency networking.

You have to retrieve some items from a DynamoDB table using the primary key. What API call will provide better performance?

​Ans: Query- In a Query operation, DynamoDB retrieves the items in sorted order, and then processes the items using KeyConditionExpression and any FilterExpression that might be present. Only then are the Query results sent back to the client. A Query operation always returns a result set.

GetItem- The GetItem operation returns a set of attributes for the item with the given primary key.

Your Team lead is developing a business intelligence application that performs analytics and your team lead wants to integrate it with a fully managed data warehouse service. What AWS DB platform is suitable for your case?

Redshift.Amazon Redshift is a fully-managed petabyte-scale cloud based data warehouse product designed for large scale data set storage and analysis.

Your Team lead want to run bash commands on your Linux EC2 Instance during its first launch. What option should he use to run the bash commands ?​

User Data.When we launch an instance in Amazon EC2, we have the option of passing user data to the instance that can be used to perform common automated configuration tasks and even run scripts after the instance starts. We can pass two types of user data to Amazon EC2: shell scripts and cloud-init directives.

What section is required in every CloudFormation template?​

Resources​ and Stacks must have unique names. AWS CloudFormation is a service that gives developers and businesses an easy way to create a collection of related AWS and third-party resources.
AWS CloudFormation recreates the resource during an update, which also generates a new physical ID.
AWS CloudFormation usually creates the replacement resource first, changes references from other dependent resources to point to the replacement resource, and then deletes the old resource.

We should have resource names unique across all active stacks. If you don’t specify a unique name, CloudFormation generates a unique physical ID to name the resource.

AWS Lambda is an important AWS service. Suppose You have a node.js lambda function that relies upon and external graphics library. What is the best way to include the external graphics library without consuming excessive lambda compute resources.

Ans:-Install the libraries with NPM before creating the deployment package

As part of AWS Big Data activity, we have to utilize AWS S3 services frequently. Consider You have given S3 bucket access to another AWS account. You are trying to change an object’s permissions but can’t. What do you need to do?

Ans:-Ask the object owner to change permissions

What will you use if you have to do automating deployments?

Ans: use the CLI. AWS CodeDeploy fully automates your software deployments, allowing you to deploy reliably and rapidly.

We use AWS Lambda function frequestly in AWS Big data technology. Suppose you have created a lambda function to insert information to an RDS database over 20 times per minute. You are finding that the execution time is excessive. How can you improve the performance?

Ans:-increase the size of the rds instance.

  1. Log into console.
  2. Go to Services -> Relational Database Service.
  3. Select Instances.
  4. Select your “reader” instance:
  5. Choose Instance Action -> Modify:
  6. Select the size you want to change it to:
  7. Click Continue:
  8. Select “Apply Immediately” then click “Modify DB Instance

You have created your own EC2 Instance and now you have got one requirement from client.As per requirement, Your team have to encrypt all data at rest. How to implement this policy on the EBS volumes attached to your EC2 instances without over-engineering?​

Ans- Enable KMS encryption for EBS volumes.

How to encrypt a new EBS volume

  1. In the AWS Management Console, select EC2.
  2. Under ‘Elastic Block Store’ select ‘Volumes
  3. Select ‘Create Volume
  4. Enter the required configuration for your Volume.
  5. Select the checkbox for ‘Encrypt this volume
  6. Select the KMS Customer Master Key (CMK) to be used under ‘Master Key’

In cloudformation,What option for Parameter is useful if you pass in a sensitive value like a password?

Ans:-NoEcho. You can mask your password using cloud formation template.All you need to is set “NoEcho” to “true” inside parameters 

When you update a stack, you modify the original stack template then AWS CloudFormation:

Ans:-updates only the resources that you modified

You have created one EC2 instance and your application is running on EC2 instance.You are using AWS X-ray to record trace data for requests to your application running on EC2. Unfortunately, the trace data is not appearing in the X-ray console. You are in the Sao Paulo region. What is the most probable cause?

Ans:-the ec2 instance does not have a role with permissions to send trace segments or telemetry records

We have multiple No SQL databses in AWS. Suppose you have created an e-commerce site using DynamoDB. When creating a primary key on a table which of the following would be the best attribute for the primary key?

Ans:-user_id where there are many users to few products

We can create IAM role and provide access to particular EC2 instance.How can you check an IAM role for permissions to a Kinesis stream is associated to an EC2 instance?

Ans:-Check the EC2 instance metadata at iam/security-credentials/role-name

The maintenance of EC2 instance and its storage consumes your development time. Your manager asks you to come up with a solution that will save in time spent managing the application on the EC2 instance. What do you suggest?​

​Ans- We can migrate to ECR.

In SQS, what is the default visibility timeout for a message?​

​Ans -30 seconds

 You have developed an application that calls the Amazon CloudWatch API. Your application receives ThrottlingException HTTP Status Code: 400 errors when making GetMetricData calls. How can you fix this problem?

Ans:-Implement exponential backoff algorithm for retries.In addition to simple retries, each AWS SDK implements exponential backoff algorithm for better flow control.

The ecommerce application accesses sensitive data and you would like to implement Multi Factor authentication. How would you achieve this?

Ans:-Use Cognito Multi Factor authentication (MFA)

You have created one EC2 Instance.You want to host multiple secure websites on a single EC2 server using multiple SSL certificates. How can you achieve this?

Ans:-Assign a secondary private IPv4 address to a second attached network interface. Associate an elastic IP address with the private IPv4 address.

Your AWS CodeBuild project keeps failing to compile your code. How can you identify what is happening?

Ans:-Check the build logs in the CodeBuild console

Your Lambda function integrates with other AWS serverless services. You would like to deploy this application and be able to rollback any deployments that are not successful. What will you do?

Ans:-Create a zip file containing your code and libraries. Upload the deployment package using the Lambda console or AWS CLI/SDKs CreateFunction.

You are AWS Solution architect or developer in your company. Now Your organisation would like to have clear separation of costs between departments. What is the best way to achieve this?

Ans:-Create separate AWS accounts for departments and use consolidated billing

Your lambda function throws an exception. Where should you investigate the issues?​

​Ans- In CloudWatch Logs

One of the instances is unhealthy and not receiving traffic. After the instance becomes healthy again you will need to:

Ans:-Do nothing, the ELB will automatically direct traffic to the instance when it becomes healthy.

You have created an alias in IAM for your company called cloudvikas-com. What will be the login address for your IAM users?


In AWS BIGDATA project we used to have streaming tool to consume records from application. Such as You have an Amazon Kinesis Stream that is consuming records from an application. The kinesis Stream consists of multiple shards. A Lambda function will process the records from the Kinesis Stream. What order will the records be processed.

Ans:-In the exact order it is received by each Kinesis shard on a FIFO basis. Order across shards is not guaranteed.

In SQS, what does long polling mean ?​
Ans – The worker will wait to receive a message until a message is available or until timeout

You provisioned five EC2 instances to process messages from an SQS queue. Most of the time, the majority of the EC2 instances are idle for certain reasons. How to reduce the cost of this solution while keeping the functionality as it is?​

Put the EC2 instances inside an Auto Scaling group and scale based on the queue size

You have created one S3 bucket. You have enabled server side encryption on an S3 bucket. How do you decrypt objects?

Ans:-S3 automatically decrypts objects when you download them.

You have developed an application and it is getting overloaded because of heavy workload. You would like to increase the capacity of an rds application for read heavy workloads. How would you do this?

Ans:-Add read replicas with multiple connection strings and use Route 53 Multivalue Answer Routing.

You have developed a HTML5 website with a custom domain name on S3. You have a public software library on another S3 bucket but your browser prevents it from loading. What do you need to do?

Ans:-enable CORS on the website bucket

You have created a lambda function that is failing when deployed due to the size of the deployment package zip file. What can you do?

Ans:-Create multiple Lambda functions and coordinate using AWS Step Functions

You would like to deploy an AWS lambda function using the AWS CLI. Before deploying what needs to be done?

Ans:-Package the local artefacts to S3 using cloudformation package CLI command

You would like to use Amazon API gateway to interface with an existing SOAP/XML backend. API Gateway will receive requests and forward them to the SOAP backend. How can you achieve this?

Ans:-Use API Gateway mapping templates to transform the data for the SOAP backend