AWS IAM Interview Questions for Experienced/AWS IAM Interview Questions and Answers for Freshers & Experienced

How does AWS IAM help your business?

It helps business by managing IAM users and their access & it also manages access for federated users.

Posted Date:- 2022-02-08 14:23:15

What are the consistency models in DynamoDB?

Eventual Consistency Model and Strong Consistency Model are the two models in DynamoDB.
Eventual Consistency Model, it maximizes read throughput but it doesn’t display the output of a recently completed write.
Strong Consistency Model, it delays in writing the data, however it shows the updated data every time you read it.

Posted Date:- 2022-02-08 14:20:42

What are the common types of AMI designs?

The types are completely baked AMI which are Slightly baked AMI (JeOS AMI) & Hybrid AMI.

Posted Date:- 2022-02-08 14:20:13

What services can be used to create a centralized logging solution?

The below mentioned services can be used for centralized logging solution.
Amazon CloudWatch Logs, this can be stored in Amazon S3.
Amazon Elastic Search can be used to visualize them.
Amazon Kinesis Firehouse can be used to move data from Amazon S3 to Amazon ElasticSearch.

Posted Date:- 2022-02-08 14:19:42

How many AWS services are there in 2020?

The AWS Serverless Application repository is available in the AWS GovCloud (US-East) region. Hence, the availability of the services has increased to a total of 18 AWS regions i.e. across North America, South America, the EU & the Asia Pacific.

Posted Date:- 2022-02-08 14:17:38

Relationship between an instance and AMI?

A single AMI is capable of launching multiple types of instances. The hardware of the host computer used for your instances is defined by the instance type. Each instances type has different computer and memory capabilities. After the launch of the instance, it looks like a traditional host and one can interact with it.

Posted Date:- 2022-02-08 14:16:58

Comparison between AWS and Openstack?

License in AWS is Amazon proprietary and in Openstack it is open source. The operating system in AWS depends on what the cloud administrators provides and in Openstack the OS is whatever AMIs provided by AWS.

Posted Date:- 2022-02-08 14:16:39

What type of query functionality does DynamoDB support?

DynamoDB supports GET/PUT operations by using a user-defined primary key. It provides flexible querying by letting you query on non-primary vital attributes using global secondary indexes and local secondary indexes.

Posted Date:- 2022-02-08 12:11:15

What is a maintenance window in Amazon RDS? Will your DB instance be available during maintenance events?

RDS maintenance window lets you decide when DB instance modifications, database engine version upgrades, and software patching have to occur. The automatic scheduling is done only for patches that are related to security and durability. By default, there is a 30-minute value assigned as the maintenance window and the DB instance will still be available during these events though you might observe a minimal effect on performance.

Posted Date:- 2022-02-08 12:10:45

Which type of scaling would you recommend for RDS and why?

There are two types of scaling - vertical scaling and horizontal scaling. Vertical scaling lets you vertically scale up your master database with the press of a button. A database can only be scaled vertically, and there are 18 different instances in which you can resize the RDS. On the other hand, horizontal scaling is good for replicas. These are read-only replicas that can only be done through Amazon Aurora.

Posted Date:- 2022-02-08 12:10:23

How are reserved instances different from on-demand DB instances?

Reserved instances and on-demand instances are the same when it comes to function. They only differ in how they are billed.

Reserved instances are purchased as one-year or three-year reservations, and in return, you get very low hourly based pricing when compared to the on-demand cases that are billed on an hourly basis.

Posted Date:- 2022-02-08 12:10:04

Can AWS Config aggregate data across different AWS accounts?

Yes, you can set up AWS Config to deliver configuration updates from different accounts to one S3 bucket, once the appropriate IAM policies are applied to the S3 bucket.

Posted Date:- 2022-02-08 12:09:46

How does Amazon Route 53 provide high availability and low latency?

Here’s how Amazon Route 53 provides the resources in question:

Globally Distributed Servers
Amazon is a global service and consequently has DNS services globally. Any customer creating a query from any part of the world gets to reach a DNS server local to them that provides low latency.

Route 53 provides a high level of dependability required by critical applications

Optimal Locations
Route 53 uses a global anycast network to answer queries from the optimal position automatically.

Posted Date:- 2022-02-08 12:09:25

What is the difference between a Domain and a Hosted Zone?


A domain is a collection of data describing a self-contained administrative and technical unit. For example, is a domain and a general DNS concept.

Hosted zone

A hosted zone is a container that holds information about how you want to route traffic on the internet for a specific domain. For example, is a hosted zone.

Posted Date:- 2022-02-08 12:08:49

What is the difference between Latency Based Routing and Geo DNS?

The Geo Based DNS routing takes decisions based on the geographic location of the request. Whereas, the Latency Based Routing utilizes latency measurements between networks and AWS data centers. Latency Based Routing is used when you want to give your customers the lowest latency possible. On the other hand, Geo Based routing is used when you want to direct the customer to different websites based on the country or region they are browsing from.

Posted Date:- 2022-02-08 12:07:14

How does AWS IAM help your business?

IAM enables to:

Manage IAM users and their access - AWS IAM provides secure resource access to multiple users.

Manage access for federated users – AWS allows you to provide secure . access to resources in your AWS account to your employees and applications without creating IAM roles.

Posted Date:- 2022-02-08 12:05:58

What are the managed policies in AWS IAM?

There are two types of managed policies; one that is managed by you and one that is managed by AWS. They are IAM resources that express permissions using IAM policy language. You can create, edit, and manage them separately from the IAM users, groups, and roles to which they are attached.

Posted Date:- 2022-02-08 12:05:08

What is the difference between an IAM role and an IAM user?

The two key differences between the IAM role and IAM user are:

An IAM role is an IAM entity that defines a set of permissions for making AWS service requests, while an IAM user has permanent long-term credentials and is used to interact with the AWS services directly.
In the IAM role, trusted entities, like IAM users, applications, or an AWS service, assume roles whereas the IAM user has full access to all the AWS IAM functionalities.

Posted Date:- 2022-02-08 12:04:49

How can you use AWS WAF in monitoring your AWS applications?

AWS WAF or AWS Web Application Firewall protects your web applications from web exploitations. It helps you control the traffic flow to your applications. With WAF, you can also create custom rules that block common attack patterns. It can be used for three cases: allow all requests, prevent all requests, and count all requests for a new policy.

Posted Date:- 2022-02-08 12:04:03

What are the different uses of the various load balancers in AWS Elastic Load Balancing?

Application Load Balancer
Used if you need flexible application management and TLS termination.

Network Load Balancer
Used if you require extreme performance and static IPs for your applications.

Classic Load Balancer
Used if your application is built within the EC2 Classic network

Posted Date:- 2022-02-08 12:03:42

How do you auto-delete old snapshots?

Here’s the procedure for auto-deleting old snapshots:

<> As per procedure and best practices, take snapshots of the EBS volumes on Amazon S3.
<> Use AWS Ops Automator to handle all the snapshots automatically.
<> This allows you to create, copy, and delete Amazon EBS snapshots.

Posted Date:- 2022-02-08 12:03:17

What is the difference between EBS and Instance Store?

EBS is a kind of permanent storage in which the data can be restored at a later point. When you save data in the EBS, it stays even after the lifetime of the EC2 instance. On the other hand, Instance Store is temporary storage that is physically attached to a host machine. With an Instance Store, you cannot detach one instance and attach it to another. Unlike in EBS, data in an Instance Store is lost if any instance is stopped or terminated.

Posted Date:- 2022-02-08 12:02:27

What happens when one of the resources in a stack cannot be created successfully?

If the resource in the stack cannot be created, then the CloudFormation automatically rolls back and terminates all the resources that were created in the CloudFormation template. This is a handy feature when you accidentally exceed your limit of Elastic IP addresses or don’t have access to an EC2 AMI.

Posted Date:- 2022-02-08 12:01:53

How is AWS CloudFormation different from AWS Elastic Beanstalk?

Here are some differences between AWS CloudFormation and AWS Elastic Beanstalk:

<. AWS CloudFormation helps you provision and describe all of the infrastructure resources that are present in your cloud environment. On the other hand, AWS Elastic Beanstalk provides an environment that makes it easy to deploy and run applications in the cloud.

<. AWS CloudFormation supports the infrastructure needs of various types of applications, like legacy applications and existing enterprise applications. On the other hand, AWS Elastic Beanstalk is combined with the developer tools to help you manage the lifecycle of your applications.

Posted Date:- 2022-02-08 12:01:24

What is Power User Access in AWS?

The AWS Resources owner is identical to an Administrator User. The Administrator User can build, change, delete, and inspect resources, as well as grant permissions to other AWS users.

Administrator Access without the ability to control users and permissions is provided to a Power User. A Power User Access user cannot provide permissions to other users but has the ability to modify, remove, view, and create resources.

Posted Date:- 2022-02-08 12:00:51

What is Connection Draining

Connection Draining is an AWS service that allows us to serve current requests on the servers that are either being decommissioned or updated.

By enabling this Connection Draining, we let the Load Balancer make an outgoing instance finish its existing requests for a set length of time before sending it any new requests. A departing instance will immediately go off if Connection Draining is not enabled, and all pending requests will fail.

Posted Date:- 2022-02-08 12:00:25

What T2 instances are?

The T2 Instances are intended to give the ability to burst to a higher performance whenever the workload demands it and also provide a moderate baseline performance to the CPU.

The T2 instances are General Purpose instance types and are low in cost as well. They are usually used wherever workloads do not consistently or often use the CPU.

Posted Date:- 2022-02-08 12:00:02

If you would like to transfer vast amounts of data, which is the best option among Snowball, Snowball Edge, and Snowmobile?

AWS Snowball is basically a data transport solution for moving high volumes of data into and out of a specified AWS region. On the other hand, AWS Snowball Edge adds additional computing functions apart from providing a data transport solution. The snowmobile is an exabyte-scale migration service that allows you to transfer data up to 100 PB.

Posted Date:- 2022-02-08 11:59:37

What is RTO and RPO in AWS?

RTO or Recovery Time Objective is the maximum time your business or organization is willing to wait for a recovery to complete in the wake of an outage. On the other hand, RPO or Recovery Point Objective is the maximum amount of data loss your company is willing to accept as measured in time.

Posted Date:- 2022-02-08 11:59:16

How can you add an existing instance to a new Auto Scaling group?

Here’s how you can add an existing instance to a new Auto Scaling group:

* Open EC2 console
* Select your instance under Instances
* Choose Actions -> Instance Settings -> Attach to Auto Scaling Group
* Select a new Auto Scaling group
* Attach this group to the Instance
* Edit the Instance if needed
* Once done, you can successfully add the instance to a new Auto Scaling group

Posted Date:- 2022-02-08 11:58:57

How many Subnets can you have per VPC?

We can have up to 200 Subnets per Amazon Virtual Private Cloud (VPC).

Posted Date:- 2022-02-08 11:58:00

Name and explain some security products and features available in VPC?

Here is a selection of security products and features:

<> Security groups - This acts as a firewall for the EC2 instances, controlling inbound and outbound traffic at the instance level.

<> Network access control lists - It acts as a firewall for the subnets, controlling inbound and outbound traffic at the subnet level.

<> Flow logs - These capture the inbound and outbound traffic from the network interfaces in your VPC.

Posted Date:- 2022-02-08 11:57:34

VPC is not resolving the server through DNS. What might be the issue, and how can you fix it?

To fix this problem, you need to enable the DNS hostname resolution, so that the problem resolves itself.

Posted Date:- 2022-02-08 11:55:49

What are the storage class available in Amazon s3?

Storage classes available with Amazon s3 are:

<> Amazon S3 standard
<> Amazon S3 standard-infrequent Access
<> Amazon S3 Reduced Redundancy Storage
<> Amazon Glacier

Posted Date:- 2022-02-08 11:01:01

How do you allow a user to gain access to a specific bucket?

You need to follow the four steps provided below to allow access. They are:

1. Categorize your instances
2. Define how authorized users can manage specific servers.
3. Lockdown your tags
4. Attach your policies to IAM users

Posted Date:- 2022-02-08 11:00:07

What is the use of lifecycle hooks in Autoscaling?

Lifecycle hooks are used for autoscaling to put an additional wait time to a scale in or scale out event.

Posted Date:- 2022-02-08 10:57:29

Can you change the Private IP Address of an EC2 instance while it is running or in a stopped state?

No, a Private IP Address of an EC2 instance cannot be changed. When an EC2 instance is launched, a private IP Address is assigned to that instance at the boot time. This private IP Address is attached to the instance for its entire lifetime and can never be changed.

Posted Date:- 2022-02-08 10:54:49

Is there a way to upload a file that is greater than 100 Megabytes in Amazon S3?

Yes, it is possible by using the Multipart Upload Utility from AWS. With the Multipart Upload Utility, larger files can be uploaded in multiple parts that are uploaded independently. You can also decrease upload time by uploading these parts in parallel. After the upload is done, the parts are merged into a single object or file to create the original file from which the parts were created.

Posted Date:- 2022-02-08 10:49:03

What are Recovery Time Objective and Recovery Point Objective in AWS?

Recovery Time Objective - It is the maximum acceptable delay between the interruption of service and restoration of service. This translates to an acceptable time window when the service can be unavailable.

Recover Point Objective - It is the maximum acceptable amount of time since the last data restore point. It translates to the acceptable amount of data loss which lies between the last recovery point and the interruption of service.

Posted Date:- 2022-02-08 10:48:42

What is an Instance Store Volume and an EBS Volume?

An Instance Store Volume is temporary storage that is used to store the temporary data required by an instance to function. The data is available as long as the instance is running. As soon as the instance is turned off, the Instance Store Volume gets removed and the data gets deleted.

On the other hand, an EBS Volume represents a persistent storage disk. The data stored in an EBS Volume will be available even after the instance is turned off.

Posted Date:- 2022-02-08 10:47:41

What is a Power User Access in AWS?

An Administrator User will be similar to the owner of the AWS Resources. He can create, delete, modify or view the resources and also grant permissions to other users for the AWS Resources.

A Power User Access provides Administrator Access without the capability to manage the users and permissions. In other words, a user with Power User Access can create, delete, modify or see the resources, but he cannot grant permissions to other users.

Posted Date:- 2022-02-08 10:47:13

How can you recover/login to an EC2 instance for which you have lost the key?

Follow the steps provided below to recover an EC2 instance if you have lost the key:

1. Verify that the EC2Config service is running
2. Detach the root volume for the instance
3. Attach the volume to a temporary instance
4. Modify the configuration file
5. Restart the original instance

Posted Date:- 2022-02-08 10:46:49

What are Key-Pairs in AWS?

The Key-Pairs are password-protected login credentials for the Virtual Machines that are used to prove our identity while connecting the Amazon EC2 instances. The Key-Pairs are made up of a Private Key and a Public Key which lets us connect to the instances.

Posted Date:- 2022-02-08 10:46:07

What are the common types of AMI designs?

There are many types of AMIs, but some of the common AMIs are:

Fully Baked AMI
Just Enough Baked AMI (JeOS AMI)
Hybrid AMI

Posted Date:- 2022-02-08 10:45:06

How do you configure CloudWatch to recover an EC2 instance?

Here’s how you can configure them:

Create an Alarm using Amazon CloudWatch
In the Alarm, go to Define Alarm -> Actions tab
Choose Recover this instance option

Posted Date:- 2022-02-08 10:44:43

What are Solaris and AIX operating systems? Are they available with AWS?

Solaris is an operating system that uses SPARC processor architecture, which is not supported by the public cloud currently.

AIX is an operating system that runs only on Power CPU and not on Intel, which means that you cannot create AIX instances in EC2.

Since both the operating systems have their limitations, they are not currently available with AWS.

Posted Date:- 2022-02-08 10:44:10

How do you set up SSH agent forwarding so that you do not have to copy the key every time you log in?

Here’s how you accomplish this:

1. Go to your PuTTY Configuration

2. Go to the category SSH -> Auth

3. Enable SSH agent forwarding to your instance

Posted Date:- 2022-02-08 10:43:52

What is the difference between stopping and terminating an EC2 instance?

While you may think that both stopping and terminating are the same, there is a difference. When you stop an EC2 instance, it performs a normal shutdown on the instance and moves to a stopped state. However, when you terminate the instance, it is transferred to a stopped state, and the EBS volumes attached to it are deleted and can never be recovered.

Posted Date:- 2022-02-08 10:43:13

What is a Stateful and a Stateless Firewall?

A Stateful Firewall is the one that maintains the state of the rules defined. It requires you to define only inbound rules. Based on the inbound rules defined, it automatically allows the outbound traffic to flow.

On the other hand, a Stateless Firewall requires you to explicitly define rules for inbound as well as outbound traffic.

For example, if you allow inbound traffic from Port 80, a Stateful Firewall will allow outbound traffic to Port 80, but a Stateless Firewall will not do so.

Posted Date:- 2022-02-08 10:42:37

What are Spot Instances and On-Demand Instances?

When AWS creates EC2 instances, there are some blocks of computing capacity and processing power left unused. AWS releases these blocks as Spot Instances. Spot Instances run whenever capacity is available. These are a good option if you are flexible about when your applications can run and if your applications can be interrupted.

On the other hand, On-Demand Instances can be created as and when needed. The prices of such instances are static. Such instances will always be available unless you explicitly terminate them.

Posted Date:- 2022-02-08 10:42:04

R4R Team
R4R provides AWS IAM Freshers questions and answers (AWS IAM Interview Questions and Answers) .The questions on website is done by expert team! Mock Tests and Practice Papers for prepare yourself.. Mock Tests, Practice Papers,AWS IAM Interview Questions for Experienced,AWS IAM Freshers & Experienced Interview Questions and Answers,AWS IAM Objetive choice questions and answers,AWS IAM Multiple choice questions and answers,AWS IAM objective, AWS IAM questions , AWS IAM answers,AWS IAM MCQs questions and answers R4r provides Python,General knowledge(GK),Computer,PHP,SQL,Java,JSP,Android,CSS,Hibernate,Servlets,Spring etc Interview tips for Freshers and Experienced for AWS IAM fresher interview questions ,AWS IAM Experienced interview questions,AWS IAM fresher interview questions and answers ,AWS IAM Experienced interview questions and answers,tricky AWS IAM queries for interview pdf,complex AWS IAM for practice with answers,AWS IAM for practice with answers You can search job and get offer latters by studing .learn in easy ways .