A division of Amazon.com, Amazon Web Services provides the market with scalable, affordable, and trustworthy cloud computing services.
According to the report, Amazon Web Services has a market share of 41.43 percent, which means that there are many prospects for those who want to excel in AWS development.
Here are a few interview questions to help you ace the interview and perform well.
The acronym for Amazon Web Services is AWS. It is a service offered by Amazon that makes use of a distributed IT infrastructure to deliver various IT resources as needed. It offers a variety of services, including platform as a service, infrastructure as a service, and software as a service.
The primary elements of AWS are as follows:
Simple Storage Service: Files are stored through the Simple Storage Service (S3), an AWS service. Since it is object-based storage, you can store things like Word documents, PDF files, and photos. Files can range in size from 0 bytes to 5 TB when stored in S3. You can store as much data on it as you want because it has unlimited storage capacity. The files are kept in a bucket that is part of S3. Similar to a folder, a bucket holds the files. Because S3 uses a universal namespace, each bucket name must be unique everywhere. The name of each bucket must be unique in order to provide a unique DNS address.
Elastic Compute Cloud: A web service that offers scalable compute capacity in the cloud is called Elastic Compute Cloud. According to changes in computing needs, you can scale the compute capacity up or down. By allowing you to pay only for the resources that you really use, it transforms the economics of computing.
For usage with EC2 instances in the AWS cloud, the Elastic Block Store offers a persistent block storage volume. To avoid component failure, EBS volumes are automatically replicated within their availability zone. In order to operate your workloads, it provides high durability, availability, and low latency performance.
CloudWatch is a service used to continuously monitor all of your AWS resources and running applications. It gathers and keeps track of the metrics used to assess your apps and resources.
Identity Access Administration is an AWS service that controls who has access to the AWS management console and at what level. Users, permissions, and roles are set using it. It enables you to grant authorization to the various AWS platform components.
Amazon Simple Email Service is a cloud-based email sending service that enables mobile app developers and digital marketers to send transactional, marketing, and notification emails. Businesses of all sizes who wish to stay in touch with their consumers may do so with this service, which is very dependable and reasonably priced.
Route53: It is a DNS (Domain Name Service) service that offers high availability and scalability. By converting domain names into numeric IP addresses, it offers developers and enterprises a dependable and affordable way to direct end users to internet applications.
When there is a need, you can provision and launch new instances using the auto-scaling capability. You can automatically raise or lower resource capacity in response to demand.
Amazon EC2 uses public key cryptography to encrypt and decrypt login information. In public key cryptography, the information is encrypted using the public key, and it is decrypted at the receiving end using a private key. Together, the public key and the private key are called a key pair. You can safely access the instances using key pairs.
Various kinds of cloud services include:
Software as a Service (SaaS)
Data as a Service (DaaS)
Platform as a Service (PaaS)
Infrastructure as a Service (IaaS)
With AWS Lambda, you can run code without having to manage servers. A Lambda function executes your code when necessary, and you pay only while your code is executing.
CloudFront is a content delivery network made up of distributed servers that deliver web pages and other online content to the user, depending on the user's location.
A region is a physical location made up of two or more availability zones. A region is a group of data centres that are totally cut off from one another.
Data centres that are part of an availability zone can be found anywhere, including cities. Multiple servers, switches, firewalls, and load balancing are possible in a data centre.
The components that allow for cloud interaction are found inside the data centre.
For usage with EC2 instances in the AWS cloud, the Elastic Block Store service offers a persistent block storage volume. To guard against component failure, EBS volume automatically replicates within its availability zone. In order to operate your workloads, it provides high durability, availability, and low latency performance.
A DDoS attack involves accessing a website and setting up several sessions in order to prevent other authorised users from using the service. The following native tools can assist you in blocking DDoS attacks against your AWS services:
AWS Shield
AWS WAF
Amazon Route53
Amazon CloudFront
ELB
VPC
An Elastic IP address (EIP) is a service offered for EC2 instances. Basically, it is an EC2 instance's static IP address. This address belongs to your Amazon Web Services (AWS) account, not to an EC2 instance. Additionally, you can detach your EIP address from your current EC2 instance and transfer it to another EC2 instance in your AWS account.
The different categories of instances are as follows:
Type of General Purpose Instance
The instances that businesses use the most are general-purpose ones. General Purpose instances come in two varieties: Fixed performance (like M3 and M4) and Burstable performance (e.g. T2). Sectors like development environments, build servers, code repositories, low traffic websites and web apps, micro-services, etc. use this type of instance.
The general-purpose instances are as follows:
T2 instances: When they are not in use, T2 instances receive CPU credits. When they are, they make use of the CPU credits. These instances don't regularly use the CPU, but it can spike to a greater level if the workload calls for it.
The most recent iteration of general purpose instances is called an M4 instance. The best option for controlling memory and network resources is to use these instances. They are primarily employed in situations where there is a strong need for micro-servers.
M3 instances: An earlier version of M4 is known as M3 instances. The M4 instance is mostly used for memory-intensive data processing operations, fleet caching, and operating SAP and other enterprise applications' backend servers.
Type of compute-optimized instance
The C4 and C3 instance types make up the compute-optimized instance type.
C3 instance: C3 instances are mostly used for programmes that demand a lot of CPU power. These instances, which feature high-performing processors, are primarily advised for applications that call for significant computing power.
The replacement for C3 instance is called C4 instance. The C4 instance is mostly used for programmes that demand a lot of processing power. Hardware virtualization is used, and the processor is an Intel E5-2666 v3 processor. C4 instances can operate at a speed of 2.9 GHz and can increase to 3.5 GHz, per the AWS standards.
GPU Instances
G2 instances, which are mostly used for gaming applications requiring powerful graphics and 3D application data streaming, make up GPU instances. It is equipped with a powerful NVIDIA GPU that works well with applications for streaming graphics, audio, and video. NVIDIA drivers must be installed in order to launch the GPU instances.
Memory Optimised Instances
R3 instances that are optimised for memory-intensive workloads make up Memory Optimized Instances. The newest Intel Xeon Ivy Bridge processor is used in the R3 instance. 63000 MB/sec of memory bandwidth is supported by an R3 instance. High-performance databases, in-memory analytics, and distributed memory caches are available with R3 instances.
Storage Optimized Instances
I2 and D2 instances are the two types of instances that make up Storage Optimized Instances.
I2 instance: It offers a powerful SSD that is necessary for accessing huge data sets sequentially for both reading and writing. Additionally, it offers your programmes random I/O operations.
Applications like relational databases, NoSQL databases, cache for in-memory databases, data warehousing applications, and low latency ad-tech serving systems are best suited for it. It is also well suited for high-frequency online transaction processing systems.
Using secure appliances, Snowball is a petabyte-scale data transit solution that moves enormous volumes of data into and out of the AWS cloud.
An EC2 instance can be stopped, and stopping an instance means terminating it. You can restart the instance as well because the corresponding EBS volume is still connected to the EC2 instance.
Termination: You have the option of terminating the EC2 instance, which entails removing it from your AWS account. An instance's corresponding EBS is also erased when it is terminated.
You are unable to restart the EC2 instance because of this.
Elastic Transcoder is an AWS service tool that assists you in modifying a video's format and resolution to support a variety of devices, including tablets, smartphones, and laptops with varied resolutions.
Virtual Private Cloud is referred to as VPC. You can personalise your networking setup with it. A logical barrier separates a virtual private cloud (VPC) network from other cloud networks. It enables you to have your own personal subnet, security group, and IP address range.
Network address translation is referred to as NAT. An EC2 instance in a private subnet can be connected to the internet or other AWS services using this AWS service.
Simple Notification Service is referred to as SNS. It is a web service that offers the ability to publish messages from one application and send them to other apps in a way that is extremely scalable, economical, and customizable. It is a method of messaging.
Access includes two types:
Console Access: A user must generate a password to sign into their AWS account if they wish to use the Console Access.
Programmatic Access: With programmatic access, an IAM user must perform an API call. The AWS CLI can be used to make an API call. You must create an access key ID and a secret access key before using the AWS CLI.
Each VPC may support 200 subnets.
As a REST service, Amazon S3 allows you to send requests using either the REST API directly or the AWS SDK wrapper libraries.
Your AWS account will receive a Virtual Private Cloud (VPC), which is a virtual network. You must specify the IPv4 addresses, which come in the form of CIDR blocks, while creating a virtual cloud. You must build the subnets for each availability zone after creating the VPC. Every subnet has its own ID. Your applications will be shielded from the failure of a single location when instances are launched in each availability zone.
AWS offers a function called "Connection Draining" that enables your servers, which are either being updated or withdrawn, to continue handling current requests.
If connection draining is turned on, the load balancer will permit an outgoing instance to finish its existing requests for a predetermined amount of time but won't send it any new ones. An outgoing instance will immediately terminate without connection draining, and any pending requests on that instance will fail.
No, an EC2 instance's private IP address cannot be altered. A private IP address is given to each newly started EC2 instance at the moment of boot. This private IP address is permanently assigned to the instance and cannot be modified.
To add an extra wait time to a scale-in or scale-out event, auto-scaling uses lifecycle hooks.
Yes, you may do it using AWS' Multipart Upload Utility. Larger files can be submitted in many, independent sections using the Multipart Upload Utility. By uploading these pieces simultaneously, you can also speed up the upload process. Once the parts have been uploaded, they are combined into a single object or file, recreating the original file from which the pieces were formed.
A stateful firewall is one that keeps the state of the rules that have been set. You only need to set rules for inbound traffic. The outgoing traffic is automatically allowed to flow based on the set inbound rules. A stateless firewall, on the other hand, requires you to explicitly set rules for both inbound and outbound traffic. A stateless firewall will not allow outgoing traffic to port 80 if you permit inbound traffic from port 80, but a stateful firewall will.
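The stateful and stateless behaviour described above can be modelled as a small packet-filter simulation. This is an added example, not code from the original page or from AWS; the `Packet`, `StatelessFilter` and `StatefulFilter` names, the simplified rule model (destination-port ranges only) and the sample addresses are assumptions made for illustration.

```python
from dataclasses import dataclass, field

@dataclass(frozen=True)
class Packet:
    direction: str  # "in" = towards the protected server, "out" = away from it
    src: str
    sport: int
    dst: str
    dport: int

def port_allowed(port, ranges):
    return any(lo <= port <= hi for lo, hi in ranges)

@dataclass
class StatelessFilter:
    inbound: list   # allowed destination-port ranges for inbound packets
    outbound: list  # allowed destination-port ranges for outbound packets
    def allow(self, p):
        # Every packet is judged on its own; nothing is remembered.
        rules = self.inbound if p.direction == "in" else self.outbound
        return port_allowed(p.dport, rules)

@dataclass
class StatefulFilter:
    inbound: list
    flows: set = field(default_factory=set)  # connections admitted so far
    def allow(self, p):
        if p.direction == "in":
            if not port_allowed(p.dport, self.inbound):
                return False
            self.flows.add((p.src, p.sport, p.dst, p.dport))
            return True
        # Outbound is allowed only as the reply to a tracked inbound flow.
        return (p.dst, p.dport, p.src, p.sport) in self.flows

# Constructed sample traffic (documentation address ranges).
TRAFFIC = [
    Packet("in", "198.51.100.7", 40112, "10.0.1.5", 80),    # client request
    Packet("out", "10.0.1.5", 80, "198.51.100.7", 40112),   # server reply
    Packet("out", "10.0.1.5", 51000, "203.0.113.9", 8443),  # unsolicited outbound
]

def demo():
    filters = {
        "stateful": StatefulFilter(inbound=[(80, 80)]),
        "stateless_inbound_only": StatelessFilter([(80, 80)], []),
        "stateless_both_directions": StatelessFilter([(80, 80)], [(1024, 65535)]),
    }
    return {name: [fw.allow(p) for p in TRAFFIC] for name, fw in filters.items()}
```

In this model the stateless filter only passes the reply once the whole ephemeral port range is opened outbound, and that same rule also passes the unsolicited outbound packet, which the stateful filter drops.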
The majority of AWS services include logging options. Additionally, several of them, including AWS CloudTrail, AWS Config, and others, include account-level logging. Let's focus on these two services in particular:
AWS CloudTrail
This service offers a record of each account's AWS API calls over time. You can use it to analyse security risks, keep track of resource changes, and audit compliance in your AWS environment. The best feature of this service is that you can set it up to notify you via AWS SNS when fresh logs are received.
AWS Config
This service helps you understand configuration changes in your environment. It offers an AWS inventory that contains relationships between AWS resources, configuration history, and notification of configuration changes. When fresh logs are received, it can also be configured to disseminate information via AWS SNS.
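To show what analysing security risks from these account-level logs can look like, here is an added example (not from the original page) that triages a CloudTrail log file body. The three checks, the finding labels, and the sample records are assumptions constructed for illustration; the record field names follow the CloudTrail record format.

```python
import json

# API calls that switch off the two account-level logs, keyed by eventSource.
LOG_TAMPERING = {
    "cloudtrail.amazonaws.com": {"StopLogging", "DeleteTrail"},
    "config.amazonaws.com": {"StopConfigurationRecorder", "DeleteConfigurationRecorder"},
}

def findings_for(record):
    """Return finding labels (names chosen for this example) for one record."""
    found = []
    if (record.get("userIdentity") or {}).get("type") == "Root":
        found.append("root-account-activity")
    if record.get("eventName") in LOG_TAMPERING.get(record.get("eventSource"), ()):
        found.append("logging-disabled")
    if record.get("eventName") == "ConsoleLogin":
        # responseElements and additionalEventData can be null or absent.
        ok = (record.get("responseElements") or {}).get("ConsoleLogin") == "Success"
        mfa = (record.get("additionalEventData") or {}).get("MFAUsed")
        if ok and mfa != "Yes":
            found.append("console-login-without-mfa")
    return found

def triage(log_text):
    """Parse a CloudTrail log file body into sorted (time, finding, arn) tuples."""
    hits = []
    for rec in json.loads(log_text).get("Records", []):
        arn = (rec.get("userIdentity") or {}).get("arn", "unknown")
        hits += [(rec.get("eventTime", ""), f, arn) for f in findings_for(rec)]
    return sorted(hits)

# Constructed sample log; the account ID and users are placeholders.
ALICE = {"type": "IAMUser", "arn": "arn:aws:iam::111122223333:user/alice"}
ROOT = {"type": "Root", "arn": "arn:aws:iam::111122223333:root"}
SAMPLE_LOG = json.dumps({"Records": [
    {"eventTime": "2024-01-01T10:00:00Z", "eventSource": "signin.amazonaws.com",
     "eventName": "ConsoleLogin", "userIdentity": ALICE,
     "additionalEventData": {"MFAUsed": "No"},
     "responseElements": {"ConsoleLogin": "Success"}},
    {"eventTime": "2024-01-01T10:05:00Z", "eventSource": "ec2.amazonaws.com",
     "eventName": "DescribeInstances", "userIdentity": ALICE, "responseElements": None},
    {"eventTime": "2024-01-01T10:07:00Z", "eventSource": "cloudtrail.amazonaws.com",
     "eventName": "StopLogging", "userIdentity": ALICE, "responseElements": None},
    {"eventTime": "2024-01-01T10:20:00Z", "eventSource": "signin.amazonaws.com",
     "eventName": "ConsoleLogin", "userIdentity": ROOT,
     "additionalEventData": {"MFAUsed": "Yes"},
     "responseElements": {"ConsoleLogin": "Success"}},
]})
```

Calling `triage(SAMPLE_LOG)` returns one finding each for the login without MFA, the `StopLogging` call, and the root console login, while the read-only `DescribeInstances` call produces none.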
The AWS services listed below are available worldwide:
IAM
Route 53
Web Application Firewall
CloudFront
Customers of Amazon migration services can stream data to Amazon S3, Aurora, DynamoDB, DocumentDB, or Redshift to create an exact copy of their data from their database system to Amazon's databases.
Amazon Database Migration Service (DMS): Amazon Database Migration Service (DMS) is a tool for quickly transferring data from an on-premises database to the cloud. RDBMS systems including Oracle, SQL Server, MySQL, and PostgreSQL are supported by DMS both locally and in the cloud.
Amazon Server Migration Services (SMS): On-premises workloads can be transferred to the Amazon Web Services cloud with the aid of Amazon Server Migration Services (SMS). SMS converts a client's VMware server to Amazon Machine Images (AMIs) in the cloud.
Amazon Snowball: In low connectivity areas, Amazon Snowball is a data transit solution for data gathering, machine learning, processing, and storage.
A load balancer is a virtual machine that evenly distributes the demand on your web application, which may be receiving HTTP or HTTPS traffic. It distributes the workload among several servers so that none of them overload.
Elastic Load Balancing is compatible with three different types of load balancers:
Application Load Balancer: Used when flexible application management and TLS termination are required.
Network Load Balancer: Used if your applications require exceptional performance and static IPs.
Classic Load Balancer: Used if your application was developed for the EC2 Classic network.
S3
It is a storage service with unlimited storage capacity.
It utilises secure HMAC-SHA1 authentication keys and has a REST interface.
EC2
It is a web service that hosts applications.
It is a virtual computer that can run Windows or Linux as well as programmes like PHP, Python, Apache, or other databases.