AWS Essential Ques and Ans

1. What is AWS ?

Answer: Amazon Web Services (AWS) is a comprehensive cloud

computing platform provided by Amazon. It offers services such as
computing power, storage, networking, and databases, which help
businesses scale their applications globally.

2. What are Availability Zones (AZs) in AWS?

Answer: Availability Zones are isolated locations within a region where

AWS data centers are located. Each region contains multiple AZs to
provide redundancy, reducing the chance of downtime due to outages
in one data center.

3. What is an AWS Region?

Answer: An AWS Region is a geographic area that consists of multiple

Availability Zones. Each region operates independently and contains
its own set of data centers, allowing for data redundancy and
compliance with local regulations.

4. What is Amazon EC2?

An EC2 instance is a service from AWS that lets you run apps,
websites, or other tasks in the cloud. Instead of using a physical
computer, AWS gives you a resource that acts like one, where you can
store and process data.
The best part about EC2 is that it’s flexible. You can choose how much
computing power, memory, or storage you need, depending on your
workload. If your app or website gets more traffic and needs more
resources, you can create a new, bigger instance to handle it. If traffic
goes down, you can switch to a smaller instance to save money.

5. What are the types of EC2 instances?

Answer: AWS offers different EC2 instance types optimized for various
tasks:

 General Purpose: For balanced compute, memory, and networking.

 Compute Optimized: For compute-intensive applications.

 Memory Optimized: For memory-intensive applications.

 Storage Optimized: For high-performance storage needs.

 Accelerated Computing: For hardware acceleration (e.g., GPUs).

6. What is S3 (Simple Storage Service) in AWS?

Answer: An S3 bucket is a storage container in Amazon S3 where you

store data as objects. Each bucket is globally unique and serves as a
namespace to organize and store files.

7. What is IAM in AWS?

IAM (Identity and Access Management) is a service in AWS that helps

you control who can access your AWS resources and what actions
they can perform. You can create users, groups, and roles, and set
permissions to ensure that only authorized people or services can
access specific resources in your AWS account.

8. Explain the concept of Security Groups in AWS.

Security Groups act as virtual firewalls at the instance level,

controlling inbound and outbound traffic, and are stateful, meaning
return traffic is automatically allowed. They support only allow rules
and are directly associated with EC2 instances.

9. What is an Elastic IP in AWS?

An Elastic IP in AWS is a static (fixed) public IP address that you can

assign to an EC2 instance. It ensures that your instance keeps the
same IP address even if it stops or restarts. This is useful for hosting
websites, applications, or services that need a consistent IP address.
10. What is Elastic Load Balancing (ELB) in AWS?

Elastic Load Balancing (ELB) in AWS automatically distributes

incoming traffic across multiple servers (EC2 instances) to ensure no
single server is overloaded. It improves application availability,
handles traffic spikes, and ensures smooth performance by routing
requests to healthy servers.

11. What are the types of load balancers in AWS?

Ans: AWS provides four types of Load Balancers under Elastic Load
Balancing (ELB):

1. Application Load Balancer (ALB) – Best for web applications. It

routes traffic based on the URL path or host (host-based and path-
based routing) and works at Layer 7. ALB supports HTTP and HTTPS
protocols.

2. Network Load Balancer (NLB) – Best for handling high traffic with
low latency. It routes traffic based on IP and ports at Layer 4 and
supports TCP, TLS, and UDP protocols.

3. Gateway Load Balancer (GWLB) – Used for managing third-party

security appliances like firewalls. It works at Layer 3 and supports the
GTP protocol for traffic management in security appliances.

4. Classic Load Balancer (CLB) – The older version that works at both
Layer 4 and Layer 7 but is less advanced than ALB and NLB. CLB
supports HTTP, HTTPS, TCP, and SSL protocols.

HTTP (HyperText Transfer Protocol) is the system used for

transferring web pages and other content over the internet. It’s the
protocol that allows your browser to communicate with websites,
asking for information (like a webpage or image) and receiving it. When
you type a web address, your browser uses HTTP to request the page,
and the server sends it back to you.

HTTPS (HyperText Transfer Protocol Secure) is the secure version of

HTTP. It encrypts the data transferred between your browser and a
website, ensuring that any information you share, like passwords or
credit card details, is kept private and safe from hackers. Websites
using HTTPS are safer, especially for activities like online shopping or
banking.

TCP (Transmission Control Protocol) ensures that data sent over the
internet arrives in the right order and without errors. It’s reliable,
meaning it checks for lost data and resends it if needed, making it
ideal for things like emails and web browsing.

UDP (User Datagram Protocol) is faster but less reliable than TCP. It
sends data without checking if it arrives correctly. It’s used for things
like streaming or online gaming, where speed matters more than
perfect accuracy.

TLS (Transport Layer Security) is a protocol that encrypts data to

keep it safe when sent over the internet. It’s used in HTTPS to protect
sensitive information, like passwords or credit card numbers, from
being intercepted by hackers.

12. What is Amazon RDS?

RDS (Relational Database Service) is a service from AWS that makes it

easy to set up, operate, and scale relational databases like MySQL,
PostgreSQL, and SQL Server. It handles tasks like database
management, backups, and software patching, so you don’t have to
worry about the technical details. RDS helps ensure your database is
reliable, secure, and scalable without needing to manage the
infrastructure yourself.

13. What is Amazon VPC?

VPC (Virtual Private Cloud) is a service in AWS that lets you create
your own private network in the cloud. You can control things like
which resources can communicate with each other and how they
connect to the internet. It allows you to have your own IP address
range, subnets, and routing tables, giving you full control over your
network setup. It’s like setting up your own secure space in the cloud
to run your applications and store data.

14. What is the purpose of AWS CloudFormation?

AWS CloudFormation is a tool that helps you set up and manage your
cloud resources, like servers, databases, and storage, in an organized
and automated way. Instead of manually creating and configuring
each resource one by one, you can use CloudFormation to write a
template that describes everything you need. AWS then uses that
template to automatically create and configure all the resources for
you.

15. What is AWS Lambda?

AWS Lambda is a serverless compute service that allows you to run

code in response to events without provisioning or managing servers.
You only pay for the compute time you use.

16. What is Amazon CloudWatch?

AWS CloudWatch is a service that helps you monitor and track the
performance of your AWS resources and applications. It collects data
like CPU usage, memory, and network activity, and shows you this
information in real-time. You can set alarms to get notified if
something goes wrong, helping you keep your systems running
smoothly.

17. What is AWS CloudTrail?

AWS CloudTrail is a service that records all the actions taken in your
AWS account. It tracks who did what and when, helping you monitor
and review activity for security, compliance, and troubleshooting
purposes. It’s like having a detailed log of everything that happens in
your AWS environment.

18. What are AWS Auto Scaling and its benefits?

Answer: AWS Auto Scaling automatically adjusts the number of EC2
instances based on demand. This ensures high availability and cost
savings by scaling resources up or down as needed.

19. What is Amazon Route 53?

Answer: Amazon Route 53 is a scalable DNS (Domain Name System)

service that translates domain names into IP addresses, helping users
connect to applications. It also lets you register domains, manage
DNS records, and route traffic using methods like latency-based and
geolocation routing. Route 53 includes health checks to monitor
resources and can automatically reroute traffic if a resource fails,
ensuring high availability and reliability.

20. What is Amazon EBS?

EBS (Elastic Block Store) volume is a storage service in AWS that

provides block-level storage for your EC2 instances. It’s like a hard
drive in the cloud that you can attach to your virtual server. You can
store data, files, or even run databases on EBS volumes, and they
remain intact even if your EC2 instance is stopped or terminated.

21. What are EBS Volume types?

Answer: EBS volume types include:

 General Purpose SSD (gp2, gp3): For balanced performance.

 Provisioned IOPS SSD (io1, io2): For high-performance needs.

 Throughput Optimized HDD (st1): For frequently accessed data.

 Cold HDD (sc1): For infrequent access, lower-cost storage.

22. What is an Amazon EC2 Reserved Instance?

Answer: Reserved Instances allow you to reserve EC2 instances for a

set term (1-3 years), providing a significant discount compared to On-
Demand instances.
23. What is the difference between RDS and DynamoDB?

Answer: RDS (Relational Database Service) is used for structured

data with tables, rows, and columns, like MySQL or PostgreSQL. It’s
good for applications that need complex queries and transactions.

DynamoDB is a NoSQL database that stores unstructured data in a

flexible way. It's fast, scalable, and works well for applications with
simple queries, like mobile apps or websites with high traffic.

24. What is Amazon CloudFront?

Amazon CloudFront is a content delivery network (CDN) that helps

deliver your website’s content, like images, videos, and web pages,
quickly to users around the world. It stores copies of your content in
multiple edge locations (servers located in different parts of the
world) so users can access it from the nearest one, improving speed
and performance.

25. Explain Multi-AZ deployments in RDS.

we used Multi-AZ deployment in RDS to ensure high availability. It

creates a standby copy of the database in another availability zone. If
the primary database fails, it automatically switches to the standby,
minimizing downtime and ensuring the application keeps running
smoothly.

26. What is the purpose of Amazon SNS?

Answer: AWS SNS (Simple Notification Service) is a service that helps

you send messages or notifications to multiple people or systems. You
can use it to send alerts, updates, or information via email, SMS, or
other messaging services. It’s simple to set up and allows you to
quickly notify users or trigger actions in your applications.

27. What are the storage classes in Amazon S3?

Amazon S3 offers different storage classes to help you choose the

best and most cost-effective way to store your data, depending on
how often you need to access it and how quickly you need it.

Standard: This is for data that you access frequently, like your active
files, databases, or applications. It provides fast access with high
durability, meaning your data is stored safely.

Intelligent-Tiering: This storage class automatically moves your data

between different classes based on how often it's accessed. If you
don't access data frequently, it will save you money by moving it to a
cheaper storage option, but still keep it readily available when
needed.

Standard-IA (Infrequent Access): This is for data that you don’t access
often but still need to retrieve quickly when required. It's cheaper
than Standard storage, but you pay a little more when you access the
data.

One Zone-IA: This class is similar to Standard-IA but stores your data
in just one availability zone (one location). It’s cheaper, but if that zone
goes down, your data could be lost. It’s good for data you don’t need
to access often and can tolerate some risk.

Glacier: Ideal for data that you need to archive and access only
occasionally. It’s very cheap for long-term storage, but retrieving your
data can take a few hours. Good for backups or old records.

Glacier Deep Archive: The cheapest option for storing data you rarely
need, like historical records or old backups. Retrieval can take up to 12
hours, so it’s best for data that’s unlikely to be needed quickly.

28. What is Amazon Aurora?

Answer: Amazon Aurora is a fast, fully managed relational database

service from AWS. It is compatible with MySQL and PostgreSQL, but it
is designed to be faster, more reliable, and scalable. Aurora
automatically scales storage, provides built-in backups, and ensures
high availability, making it a great choice for applications that require
a high-performance, secure database without the need for manual
management.

29. What is AWS CLI?

Answer: AWS CLI (Command Line Interface) is a tool that lets you
manage AWS services using simple commands in your terminal or
command prompt. Instead of using the AWS Management Console
(web interface), you can type commands to create, update, or delete
resources in AWS. It's useful for automating tasks and managing AWS
more quickly and efficiently.

30. What is a Lambda function timeout?

Answer: Lambda functions have a maximum timeout of 15 minutes,

after which the function execution is terminated automatically.

31. What is AWS WAF?

Answer: AWS WAF (Web Application Firewall) is a service that helps

protect your website or app from harmful traffic, like hackers or
malicious bots. You can set rules to block bad requests and only allow
safe ones, keeping your site secure.

32. What is a VPC Peering Connection?

Answer: VPC Peering is a service that lets you connect two Virtual
Private Clouds (VPCs) in AWS. It allows resources in one VPC to
communicate with resources in another VPC, even if they are in
different regions. This is useful when you want to share resources or
connect applications across different VPCs securely.

33. What is AWS IAM?

IAM (Identity and Access Management) is a service in AWS that helps

you control who can access your AWS resources and what actions
they can perform. You can create users, groups, and roles, and set
permissions to ensure that only authorized people or services can
access specific resources in your AWS account.
34. What are IAM Roles?

IAM Roles are a way to give permissions to AWS services or users to

perform specific actions. Instead of giving a user direct access to
resources, you assign them a role that defines what they can and can't
do. These roles can be used by AWS services (like EC2 or Lambda) or
users, allowing them to access only what’s necessary for their tasks.

35. What is IAM Policies?

Answer: IAM Policies are rules that define what actions a user, group,
or role can perform on AWS resources. These policies specify what is
allowed or denied, such as creating, deleting, or modifying resources.
They are written in a special format called JSON and are used to
control access to AWS services in a secure way.

36 What is AWS KMS?

AWS KMS (Key Management Service) is a service that helps you create
and manage encryption keys to protect your data. It allows you to
securely encrypt sensitive information, like files or database records,
and control who can access and use those encryption keys. This helps
keep your data safe and secure in the cloud.

37. What is Amazon ECR?

Answer: AWS ECR (Elastic Container Registry) is a service that stores

and manages Docker container images. It works like Docker Hub but is
integrated with AWS, allowing you to store, share, and deploy
container images securely.

38. What is Amazon S3 Bucket Versioning?

Answer: Amazon S3 Bucket Versioning is a feature that keeps multiple

versions of an object in a bucket. It helps protect against accidental
deletions or overwrites by allowing you to restore previous versions
of files.

39. What is Aws Codebuild?

AWS CodeBuild is a fully managed service that compiles code, runs
tests, and produces deployable software packages. It eliminates the
need to set up and manage your own build servers.

40. What is Aws Secret Manager ?

Answer: AWS Secrets Manager is a service that securely stores and

manages sensitive information like passwords, API keys, and database
credentials. It helps in automatically rotating and retrieving secrets
when needed.

41. What is Amazon RDS Read Replica?

Answer: Amazon RDS Read Replica is a copy of your database that

helps improve performance by handling read requests separately. It
reduces the load on the main database and ensures faster query
processing.

42. What is AWS Transit Gateway?

Answes: AWS Transit Gateway is a service that connects multiple VPCs

and on-premises networks through a single gateway. It simplifies
network management and improves communication between
different AWS resources.

43. What is Subnet?

A subnet is a smaller network within a larger network. It divides an IP

network into multiple parts to improve performance, security, and
organization. Each subnet can have its own range of IP addresses and
be isolated from other subnets.

44. What is Internet Gateway?

Answer: An Internet Gateway is a service in AWS that allows resources

in a public subnet to connect to the internet. It helps instances in
your VPC send and receive data from the internet. For example, if you
have a web server that needs to be accessed by users online, the
Internet Gateway makes that possible.
45. What is NAT Gateway?

A NAT (Network Address translation) Gateway is a service in AWS that

helps instances in a private subnet connect to the internet to
download updates or send data. However, it blocks any incoming
connections from the internet, keeping those instances secure.