AWS Interview Questions 6
- Which of the following use cases are suitable for Amazon DynamoDB? Choose 2 answers
- Managing web sessions.
- Storing JSON documents.
- Storing metadata for Amazon S3 objects.
- Running relational joins and complex updates.
Explanation: If all your JSON data have the same fields eg [id,name,age] then it would be better to store it in a relational database, the metadata on the other hand is unstructured, also running relational joins or complex updates would work on DynamoDB as well.
- How can I load my data to Amazon Redshift from different data sources like Amazon RDS, Amazon DynamoDB and Amazon EC2?
You can load the data in the following two ways:
- You can use the COPY command to load data in parallel directly to Amazon Redshift from Amazon EMR, Amazon DynamoDB, or any SSH-enabled host.
- AWS Data Pipeline provides a high performance, reliable, fault tolerant solution to load data from a variety of AWS data sources. You can use AWS Data Pipeline to specify the data source, desired data transformations, and then execute a pre-written import script to load your data into Amazon Redshift.
- Your application has to retrieve data from your user’s mobile every 5 minutes and the data is stored in DynamoDB, later every day at a particular time the data is extracted into S3 on a per user basis and then your application is later used to visualize the data to the user. You are asked to optimize the architecture of the backend system to lower cost, what would you recommend?
- Create a new Amazon DynamoDB (able each day and drop the one for the previous day after its data is on Amazon S3.
- Introduce an Amazon SQS queue to buffer writes to the Amazon DynamoDB table and reduce provisioned write throughput.
- Introduce Amazon Elasticache to cache reads from the Amazon DynamoDB table and reduce provisioned read throughput.
- Write data directly into an Amazon Redshift cluster replacing both Amazon DynamoDB and Amazon S3.
Explanation: Since our work requires the data to be extracted and analyzed, to optimize this process a person would use provisioned IO, but since it is expensive, using a ElastiCache memoryinsread to cache the results in the memory can reduce the provisioned read throughput and hence reduce cost without affecting the performance.
- You are running a website on EC2 instances deployed across multiple Availability Zones with a Multi-AZ RDS MySQL Extra Large DB Instance. The site performs a high number of small reads and writes per second and relies on an eventual consistency model. After comprehensive tests you discover that there is read contention on RDS MySQL. Which are the best approaches to meet these requirements? (Choose 2 answers)
Explanation: Since it does a lot of read writes, provisioned IO may become expensive. But we need high performance as well, therefore the data can be cached using ElastiCache which can be used for frequently reading the data. As for RDS since read contention is happening, the instance size should be increased and provisioned IO should be introduced to increase the performance.
- A startup is running a pilot deployment of around 100 sensors to measure street noise and air quality in urban areas for 3 months. It was noted that every month around 4GB of sensor data is generated. The company uses a load balanced auto scaled layer of EC2 instances and a RDS database with 500 GB standard storage. The pilot was a success and now they want to deploy at
least 100K sensors which need to be supported by the backend. You need to store the data for at least 2 years to analyze it. Which setup of the following would you prefer?
- Add an SQS queue to the ingestion layer to buffer writes to the RDS instance
- Ingest data into a DynamoDB table and move old data to a Redshift cluster
- Replace the RDS instance with a 6 node Redshift cluster with 96TB of storage
- Keep the current architecture but upgrade RDS storage to 3TB and 10K provisioned IOPS
Explanation: A Redshift cluster would be preferred because it easy to scale, also the work would be done in parallel through the nodes, therefore is perfect for a bigger workload like our use case. Since each month 4 GB of data is generated, therefore in 2 year, it should be around 96 GB. And since the
servers will be increased to 100K in number, 96 GB will approximately become 96TB. Hence option C is the right answer.
46. Suppose you have an application where you have to render images and also do some general computing. From the following services which service will best fit your need?
- Classic Load Balancer
- Application Load Balancer
- Both of them
- None of these
Explanation: You will choose an application load balancer, since it supports path based routing, which means it can take decisions based on the URL, therefore if your task needs image rendering it will route it to a different instance, and for general computing it will route it to a different instance.
47. What is the difference between Scalability and Elasticity?
Scalability is the ability of a system to increase its hardware resources to handle the increase in demand.
It can be done by increasing the hardware specifications or increasing the processing nodes.
Elasticity is the ability of a system to handle increase in the workload by adding additional hardware resources when the demand increases(same as scaling) but also rolling back the scaled resources, when the resources are no longer needed. This is particularly helpful in Cloud environments, where a pay per use model is followed.
- How will you change the instance type for instances which are running in your application tier and are using Auto Scaling. Where will you change it from the following areas?
- Auto Scaling policy configuration
- Auto Scaling group
- Auto Scaling tags configuration
- Auto Scaling launch configuration
Explanation: Auto scaling tags configuration, is used to attach metadata to your instances, to change the instance type you have to use auto scaling launch configuration.
- You have a content management system running on an Amazon EC2 instance that is approaching 100% CPU utilization. Which option will reduce load on the Amazon EC2 instance?
- Create a load balancer, and register the Amazon EC2 instance with it
- Create a CloudFront distribution, and configure the Amazon EC2 instance as the origin
- Create an Auto Scaling group from the instance using the CreateAutoScalingGroup action
- Create a launch configuration from the instance using the CreateLaunchConfigurationAction
Explanation:Creating alone an autoscaling group will not solve the issue, until you attach a load balancer to it. Once you attach a load balancer to an autoscaling group, it will efficiently distribute the load among all the instances. Option B – CloudFront is a CDN, it is a data transfer tool therefore will not help reduce load on the EC2 instance. Similarly the other option – Launch configuration is a template for configuration which has no connection with reducing loads.
- When should I use a Classic Load Balancer and when should I use an Application load balancer?
A Classic Load Balancer is ideal for simple load balancing of traffic across multiple EC2 instances, while an Application Load Balancer is ideal for microservices or container-based architectures where there is a need to route traffic to multiple services or load balance across multiple ports on the same EC2 instance.
- What does Connection draining do?
- Terminates instances which are not in use.
- Re-routes traffic from instances which are to be updated or failed a health check.
- Re-routes traffic from instances which have more workload to instances which have less workload.
- Drains all the connections from an instance, with one click.
Explanation: Connection draining is a service under ELB which constantly monitors the health of the instances. If any instance fails a health check or if any instance has to be patched with a software update, it pulls all the traffic from that instance and re routes them to other instances.
- When an instance is unhealthy, it is terminated and replaced with a new one, which of the following services does that?
- Sticky Sessions
- Fault Tolerance
- Connection Draining
Explanation: When ELB detects that an instance is unhealthy, it starts routing incoming traffic to other healthy instances in the region. If all the instances in a region becomes unhealthy, and if you have instances in some other availability zone/region, your traffic is directed to them. Once your instances become healthy again, they are re routed back to the original instances.
- What are lifecycle hooks used for in AutoScaling?
- They are used to do health checks on instances
- They are used to put an additional wait time to a scale in or scale out event.
- They are used to shorten the wait time to a scale in or scale out event
- None of these
Explanation: Lifecycle hooks are used for putting wait time before any lifecycle action i.e launching or terminating an instance happens. The purpose of this wait time, can be anything from extracting log files before terminating an instance or installing the necessary softwares in an instance before launching it.
- A user has setup an Auto Scaling group. Due to some issue the group has failed to launch a single instance for more than 24 hours. What will happen to Auto Scaling in this condition?
- Auto Scaling will keep trying to launch the instance for 72 hours
- Auto Scaling will suspend the scaling process
- Auto Scaling will start an instance in a separate region
- The Auto Scaling group will be terminated automatically
Explanation: Auto Scaling allows you to suspend and then resume one or more of the Auto Scaling processes in your Auto Scaling group. This can be very useful when you want to investigate a configuration problem or other issue with your web application, and then make changes to your application, without triggering the Auto Scaling process.
- You have an EC2 Security Group with several running EC2 instances. You changed the Security Group rules to allow inbound traffic on a new port and protocol, and then launched several new instances in the same Security Group. The new rules apply:
- Immediately to all instances in the security group.
- Immediately to the new instances only.
- Immediately to the new instances, but old instances must be stopped and restarted before the new rules apply.
- To all instances, but it may take several minutes for old instances to see the changes.
Explanation: Any rule specified in an EC2 Security Group applies immediately to all the instances, irrespective of when they are launched before or after adding a rule.
- To create a mirror image of your environment in another region for disaster recovery, which of the following AWS resources do not need to be recreated in the second region? ( Choose 2 answers )
- Route 53 Record Sets
- Elastic IP Addresses (EIP)
- EC2 Key Pairs
- Launch configurations
- Security Groups
Explanation: Elastic IPs and Route 53 record sets are common assets therefore there is no need to replicate them, since Elastic IPs and Route 53 are valid across regions
- A customer wants to capture all client connection information from his load balancer at an interval of 5 minutes, which of the following options should he choose for his application?
- Enable AWS CloudTrail for the loadbalancer.
- Enable access logs on the load balancer.
- Install the Amazon CloudWatch Logs agent on the load balancer.
- Enable Amazon CloudWatch metrics on the load balancer.
Explanation: AWS CloudTrail provides inexpensive logging information for load balancer and other AWS resources This logging information can be used for analyses and other administrative work, therefore is perfect for this use case.
- A customer wants to track access to their Amazon Simple Storage Service (S3) buckets and also use this information for their internal security and access audits. Which of the following will meet the Customer requirement?
- Enable AWS CloudTrail to audit all Amazon S3 bucket access.
- Enable server access logging for all required Amazon S3 buckets.
- Enable the Requester Pays option to track access via AWS Billing
- Enable Amazon S3 event notifications for Put and Post.
Explanation: AWS CloudTrail has been designed for logging and tracking API calls. Also this service is available for storage, therefore should be used in this use case.
- Which of the following are true regarding AWS CloudTrail? (Choose 2 answers)
- CloudTrail is enabled globally
- CloudTrail is enabled on a per-region and service basis
- Logs can be delivered to a single Amazon S3 bucket for aggregation.
- CloudTrail is enabled for all available services within a region.
Explanation: Cloudtrail is not enabled for all the services and is also not available for all the regions.
Therefore option B is correct, also the logs can be delivered to your S3 bucket, hence C is also correct.
- What happens if CloudTrail is turned on for my account but my Amazon S3 bucket is not configured with the correct policy?
CloudTrail files are delivered according to S3 bucket policies. If the bucket is not configured or is misconfigured, CloudTrail might not be able to deliver the log files.