1. Explain what S3 is.
Amazon S3, known as Simple Storage Service, is a scalable service for object storage offered by AWS. It allows users to store and retrieve data from anywhere on the web and is designed to provide 99.999999999% (11 nines) durability. S3 is commonly used for data backup, archiving, content distribution, and serving as a foundation for various AWS services.
2. How does Amazon Route 53 ensure both high availability and low latency in its services?
Amazon Route 53 achieves high availability and low latency through a global network of DNS servers. It uses anycast routing, enabling DNS requests to be automatically routed to the nearest available DNS server. This minimises latency and enhances the overall performance of the service. Additionally, Route 53 supports health checks and automatic failover, directing traffic away from unhealthy or unavailable resources and contributing to the service's reliability.
3. What is the process for initiating a request to Amazon S3?
To initiate a request to Amazon S3, users typically send an HTTP request to the S3 service endpoint. The request includes the necessary information such as the HTTP method (GET, PUT, POST, DELETE), the bucket name, the object key, and other optional parameters. Amazon S3 supports a RESTful API, allowing users to interact with the service programmatically. Additionally, AWS SDKs and command-line tools simplify the process of working with S3.
4. What does AMI include?
An Amazon Machine Image (AMI) is a pre-configured virtual machine image containing an operating system, application server, and applications. It also includes launch permissions that control which AWS accounts can use the AMI to launch instances. AMIs serve as templates for creating Amazon EC2 instances, providing a consistent environment for applications.
5. What are the different types of Instances?
Amazon EC2 instances come in various types, including General Purpose (e.g., t3, m5), Compute Optimised (e.g., c5), Memory Optimised (e.g., r5), Storage Optimised (e.g., i3), and Accelerated Computing (e.g., p3). Each instance type is designed to cater to specific use cases, such as compute-intensive, memory-intensive, storage-intensive, or GPU-accelerated workloads.
6. Explain the correlation between an Availability Zone and a Region in the context of AWS.
In AWS, a Region is a geographical area consisting of multiple Availability Zones (AZs). Availability Zones are isolated locations within a Region, each with its own power, cooling, and networking. The correlation ensures high availability and fault tolerance. Resources deployed across multiple Availability Zones in a Region are designed to withstand failures in one zone, providing resilience and continuity of service.
7. How do you monitor Amazon VPC?
Amazon VPC (Virtual Private Cloud) can be monitored using AWS CloudWatch, which provides metrics and logs for VPC-related resources. Key metrics include data transfer, packet rates, and resource utilisation. Additionally, VPC Flow Logs capture information about IP traffic going to and from network interfaces in the VPC, aiding in traffic analysis and troubleshooting.
8. Enumerate the various types of EC2 instances categorised based on their associated costs.
EC2 instances can be categorised into On-Demand Instances (pay-as-you-go), Reserved Instances (reserved capacity for a fixed term with significant cost savings), and Spot Instances (bid for unused capacity, cost-effective but can be terminated with short notice). Each category offers flexibility in cost management based on different usage patterns.
9. Define the concepts of stopping and terminating an EC2 Instance and their implications.
Stopping an EC2 instance halts its execution, but the associated resources (such as storage and network interfaces) remain intact. It can be restarted later. Terminating an instance, however, permanently deletes the instance and its associated resources. Stopping is suitable for temporary pauses, while termination is a permanent action.
10. Outline the consistency models available for modern databases provided by AWS.
AWS provides two consistency models: eventual consistency and strong consistency. Eventual consistency allows for temporary inconsistencies but guarantees that, over time, all replicas will converge to a consistent state. Strong consistency ensures immediate and synchronised updates across all replicas, providing a consistent view of the data at all times.
11. What is Geo-Targeting in CloudFront?
Geo-targeting in Amazon CloudFront allows content delivery based on the geographical location of the viewer. By configuring CloudFront with Geo-Targeting, content providers can serve customised content or redirect users based on their geographic location, enhancing the user experience and optimising content delivery.
12. What are the advantages of AWS IAM?
AWS Identity and Access Management (IAM) provides centralised control over AWS account security. Advantages include the ability to manage user access, create and manage groups, define policies, enable multi-factor authentication, and integrate with AWS services for fine-grained access control. IAM enhances security by enforcing the principle of least privilege.
13. What do you understand about a Security Group?
In AWS, a Security Group acts as a virtual firewall for instances in a VPC. It controls inbound and outbound traffic by specifying rules that allow or deny traffic based on protocols, ports, and source or destination IP addresses. Security Groups are associated with instances and operate at the instance level, providing a layer of security for EC2 instances.
14. What are Spot Instances and On-Demand Instances?
Spot Instances in AWS are instances that run on spare computing capacity, available at a lower cost. Users bid for this capacity and can lose access on short notice if the capacity is needed elsewhere. On-Demand Instances, on the other hand, are instances available for immediate use at standard rates with no upfront commitment, providing flexibility and scalability.
15. Explain Connection Draining.
Connection Draining is a feature in AWS Elastic Load Balancing (ELB) that allows the load balancer to complete in-flight requests made to instances being taken out of service. It ensures a smooth transition during scale-in or maintenance activities, preventing disruption to the end-user experience.
16. Differentiate between a Stateful Firewall and a Stateless Firewall.
A Stateful Firewall monitors the status of ongoing connections and makes decisions by considering the context of the traffic. It understands the state of the connection and can enforce rules accordingly. In contrast, a Stateless Firewall filters traffic based solely on source and destination information, without considering the state of the connection.
17. What is Power User Access in AWS?
Power User Access is an AWS Identity and Access Management (IAM) user type with permissions to perform common actions required for daily tasks but without the ability to manage IAM users and groups, create policies, or access sensitive resources. It provides a balance between administrative control and restriction for users.
18. Define the characteristics of an Instance Store Volume and an EBS Volume.
An Instance Store Volume is ephemeral storage directly attached to an EC2 instance. It offers high I/O performance, but its data is lost if the instance is stopped or terminated. An EBS (Elastic Block Store) Volume is persistent storage that can be attached to EC2 instances and persists independently of the instance's lifecycle. EBS volumes are suitable for critical data and can be detached and reattached to different instances.
19. What are the Recovery Time Objective and Recovery Point Objective in AWS?
Recovery Time Objective (RTO) is the targeted duration within which a system should be restored after a disruption to meet business continuity requirements. Recovery Point Objective (RPO) is the acceptable amount of data loss, representing the point in time to which systems and data must be recovered after an outage. Both metrics are crucial for designing resilient and effective disaster recovery strategies in AWS.
20. Can a file larger than 100 Megabytes be uploaded to Amazon S3?
Yes, Amazon S3 supports the multipart upload feature, which allows users to upload large files in parts. This feature enables parallelisation of uploads, better resilience to network issues, and the ability to resume uploads from where they left off. Once all parts are uploaded, they can be combined into a single object.
21. Is it possible to alter the Private IP Address of an EC2 instance while it is operational or in a halted state?
No, it is not possible to alter the private IP address of an EC2 instance while it is operational. The private IP address is assigned during the instance launch and remains associated with the instance until termination. If an alteration is required, the instance needs to be stopped, the private IP address changed in the configuration, and then the instance restarted.
22. What is the use of lifecycle hooks in Autoscaling?
Lifecycle hooks in AWS Autoscaling allow users to perform custom actions before instances are launched or terminated. These hooks provide a way to control the instance's state during the scaling process, allowing for additional setup or validation. For example, an instance can be paused for further configuration before being fully in service.
23. What are the configurable policies for managing user passwords within AWS?
AWS IAM provides password policies that can be configured to enforce security standards. These policies include settings for password length, complexity, expiration, and the ability to prevent password reuse. By configuring these policies, AWS users can enhance the overall security of their accounts and comply with organisational password requirements.