Top 50 AWS Interview Questions and Answers for 2018

 “I would like to become an AWS Solution Architect, what do you think are the most commonly asked AWS Architect Interview questions that I will have to answer during my interview?” 

We often get asked this question from professionals who enrol for DeZyre’s AWS Solution Architect Certification training. If you are looking for a cloud computing job, you will need to prepare for a battery of questions that can help you excel at the job interview. DeZyre brings you list of top AWS interview questions created by a panel of AWS cloud experts.

AWS Architect Interview Questions and Answers for 2018


AWS Solution Architect Interview Questions and Answers

  1. Compare AWS with OpenStack




User Interface



CLI -Available



CLI -Available




File Storage



Block Storage




IP addressing Egress, Load Balancing Firewall (DNS) , VPC

IP addressing load balancing firewall (DNS)

Big Data

Elastic MapReduce


  1. What type of performance can you expect from Elastic Block Storage? How do you back it up and enhance the performance ?

Performance of an elastic block storage varies i.e. it can go above the SLA performance level and after that drop below it. SLA provides an average disk I/O rate  which can at times frustrate performance experts who yearn for reliable and consistent disk throughput on a server. Virtual AWS instances do not behave this way. One can backup EBS volumes through a graphical user interface like elasticfox or use the snapshot facility through an API call. Also, the performance can be improved by using Linux software raid and striping across four volumes.

  1. Imagine that you have an AWS application that requires 24x7 availability and can be down only for a maximum of 15 minutes. How will you ensure that the database hosted on your EBS volume is backed up?

Automated backup are the key processes here as they work in the background without requiring any manual intervention. Whenever there is a need to back up the data, AWS API and AWS CLI play a vital role in automating the process through scripts. The best way is to prepare for a timely backup of EBS of the EC2 instance. The EBS snapshot should be stored on Amazon S3 and can be used for recovery of the database instance in case of any failure or downtime.

  1. You create a Route 53 latency record set from your domain to a system in Singapore and a similar record to a machine in Oregon. When a user located in India visits your domain, to which location will he be routed to?

Assuming that the application is hosted on Amazon EC2 instance and multiple instances of the applications are deployed on different EC2 regions. The request is most likely to go to Singapore because Amazon Route 53 is based on latency and it routes the requests based on the location that is likely to give the fastest response possible.

  1. Differentiate between on-demand instance and spot instance.

Spot Instances  are spare unused EC2 instances which one can bid for. Once the bid exceeds the existing spot price (which changes in real-time based on demand and supply) the spot instance will be launched. If the spot price becomes more than the bid price then the instance can go away anytime and terminated within 2 minutes of notice. The best way to decide on the optimal bid price for a spot instance is to check the price history of last 90 days that is available on AWS console. The advantage of spot instances is that they are cost-effective and the drawback is that they can be terminated anytime. Spot instances are ideal to use when –

  • There are optional nice to have tasks.
  • You have flexible workloads which can be run when there is enough compute capacity.
  • Tasks that require extra computing capacity to improve performance.

On-demand instances are made available whenever you require them and you need to pay for the time you use them on an hourly basis. These instances can be released when they are no longer required and do not require any upfront commitment. The availability fo these instances is guaranteed by AWS unlike spot instances.

The best practice is to launch couple of on-demand instances which can maintain minimum level of guaranteed compute resources for the application and add-on few spot instances whenever there is an opportunity.

  1.  How will you access the data on EBS in AWS ?

Elastic block storage as the name indicates provides persistent, highly avaialble and high performance block level storage that can be attached to a running EC2 instance. The storage can formatted and mounted as a file system or the raw storage can be accessed directly.

  1.  What is the boot time for an instance store backed instance ?

The boot time for an Amazon Instance Store -Backed AMI is usually less than 5 minutes.

  1. Is it possible to vertically scale on an Amazon Instance?  If yes, how ?

Following are the steps to scale an Amazon Instance vertically –

  • Spin up a larger Amazon instance than the existing one.
  • Pause the exisiting instance to remove the root ebs volume from the server  and discard.
  • Stop the live running instance and detach its root volume.
  • Make a note of the unique device ID and attach that root volume to the new server.
  • Start the instance again.
  1.  Differentiate between vertical and horizontal scaling in AWS.

The main difference between vertical and horizontal scaling is the way in which you add compute resources to your infrastructure. In vertical scaling, more power is added to the existing machine while in horizontal scaling additional resources are added into the system with the addition of more machines into the network so that the workload and processing is shared among multiple devices. The best way to understand the difference is imagine that you are retiring your Toyota and buying a Ferrari because you need more horsepower. This is vertical scaling. Another way to get that added horsepower is not to ditch the Toyota for the Ferrari but buy another car. This can be related to horizontal scaling where you drive several cars all at once.

When the users are up to 100, an EC2 instance alone is enough to run the entire web application or the database until the traffic ramps up. Under such circumstances when the traffic ramps up, it is better to scale vertically by increasing the capacity of the EC2 instance to meet the increasing demands of the application. AWS supports instances up to 128 virtual cores or 488GB RAM.

When the users for your application grow up to 1000 or more, vertical cannot handle requests and there is need for horizontal scaling which is achieved through distributed file system, clustering, and load balancing.

  1. What is the total number of buckets that can be created in AWS by default ?

100 buckets can be created in each of the AWS accounts. If additional buckets are required, increase the bucket limit by submitting a service limit increase.

  1. Differentiate between Amazon RDS, Redshift and Dynamo DB.



Amazon RDS


Dynamo DB

Computing Resources

Instances with 64 vCPU and 244 GB RAM


Nodes with vCPU and 244 GB RAM

Not specified, SaaS-Software as a Service.

Maintenance Window

30 minutes every week.

30 minutes every week.

No impact

Database Engine

MySQL, Oracle DB, SQL Server,Amazon Aurora, Postgre SQL



Primary Usage Feature

Conventional Databases


Database for dynamically modified data

Multi A-Z Replication

Additional Service




  1. An organization wants to deploy a two-tier web applications on AWS.  The application requires complex query processing and table joins. However, the company has limited resources and requires high availability. Which is the best configuration that company can opt for based on the requirements ?

DynamoDB deals with core problems of database scalability, management, reliability, and performance but does not have the functionalities of a RDBMS. DynamoDB does not render support for complex joins or query processing or complex transactions.  You can run a relational engine on Amazon RDS or EC2 for this kind of a functionality.

  1.  If you have half of the workload on public cloud while the other half is on local storage, what kind of architecture will you use for this ?

Hybrid Cloud Architecture

  1.  Is it possible to cast-off S3 with EC2 instances ? If yes, how ?

It is possible to cast-off S3 with EC2 instances using root approaches backed by native occurrence storage.

  1.   How will you configure an instance with the application and its dependencies , and make it ready to serve traffic?

You can acheive this with the use of lifecycle hooks. They are powerful as they let you pause the creation or termination of an instance so that you can sneak peak in and perform custom actions like configuring the instance, downloading the required files, and any other steps that are required to make the instance ready.Every auto scaling group can have multiple lifecycle hooks.

  1.  How can you safeguard EC2 instances running on a VPC ?

AWS Security groups associated with EC2 instances can help you safeguard EC2 instances running in a VPC by providing security at the protocol and port access level. You can configure both INBOUND and OUTBOUND traffic to enables secured access for the EC2 instance.AWS security groups are much similar to a firewall-they contain set of rules which filter the traffic coming into and out of an EC2 instance and deny any kind of unauthorized access to EC2 instances.

  1. How many EC2 instances can be used in a VPC ?

There is a limit of running up to a total of 20 on-demand instances across the instance family , you can purchase 20 reserved instances and request spot instances as per your dynamic spot limit region.

  1. What are some of the key best practices for security in Amazon EC2?
  • Create individual IAM (Identity and Access Management) users to control access to your AWS recourses. Creating separate IAM user provides separate credentials for every user making it possible to assign different permissions to each user based on the access requirements.
  • Secure the AWS Root account and its access keys.
  • Harden EC2  instances by disabling unnecessary services and applications by installing only necessary software and tools on EC2 instances.
  • Grant least privileges by opening up permissions that are required to perform a specific task and not more than that. Additional permissions can be granted as required.
  • Define and review the security group rules on a regular basis.
  • Have a well-defined strong password policy for all the users.
  • Deploy anti-virus software on the AWS network to protect it from Trojans, Viruses, etc.
  1. What should be the instance’s tenancy attribute for running it on a single tenant hardware ?

The instance tenancy attribute must be set to a dedicated instance and other values might not be appropriate for this operation.

  1. There is a distributed application that processes huge amounts of data across various EC2 instances.  Application is designed in such a way that it can recover gracefully from EC2 instance failures. How will you accomplish this in a cost effective manner ?

On-demand or reserved instance will not be ideal in this case as the task here is not continuous. Moreover. It does not make sense to launch an on-demand instance whenever work comes up because on-demand instances are expensive.In this case, the ideal choice would be to opt for a spot instance owing to its cost effectiveness and no long term commitments.

  1.  What are the important features of a classic load balancer in EC2 ?
  • The high availability feature ensures that the traffic is distributed among EC2 instances in single or multiple availability zones.This ensures high scale of availability for incoming traffic.
  • Classic load balancer can decide whether to route the traffic or not based on the results of health check.
  • You can implement secure load balancing within a network  by creating security groups in a VPC.
  • Classic load balancer supports sticky sessions which ensure that the traffic from a user is always routed to the same instance for a seamless experience.
  1. What parameters will you take into consideration when choosing the availability zone ?

Performance, pricing, latency, and response time are some of the factors to consider when selecting the availability zone.

  1.  Which instance will you use for deploying a 4-node Hadoop cluster in AWS ?

We can use a c4.8x large instance or i2.large for this, but using a c4.8x will require a better configuration on PC.

  1.  Will you use encryption for S3 ?

It is better to consider encryption for sensitive data on S3 as it is a proprietary technology.

  1. How can you send request to Amazon S3 ?

Using the REST API or the AWS SDK wrapper libraries which wrap the underlying Amazon S3 REST API.

  1. How will you bind the user session with a specific instance in ELB (Elastic Load Balancer) ?

This can be achieved by enabling Sticky Session.

  1.  What are the possible connection issues you encounter when connecting to an EC2 instance ?
  • Unprotected private key file
  • Server refused key
  • Connection timed out
  • No supported authentication method available
  • Host key not found,permission denied.
  • User key not recognized by the server, permission denied.
  1. What is the difference between Amazon S3 and EBS ?


Amazon S3



Object Store



Private Key or Public Key

Visible only to your EC2


Across data centers

Within the data center





  1. Can you run multiple websites on an EC2 server using a single IP address?

More than one elastic IP is required to run multiple websites on EC2.

  1. What happens when you reboot an EC2 instance?

Rebooting an instance is just similar to rebooting a PC. You do not return to image’s original state, however, the contents of the hard disk are same as before the reboot.

  1. A content management system running on EC2 instance is approaching 100% CPU utilization. How will you reduce the load on EC2 instance ?

This can be done by attaching a load balancer to an autoscaling group to efficiently distribute load among all instances.

  1. What happens when you launch instances in Amazon VPC ?

Each instance has a default IP address when the instance is launched in Amazon VPC. This approach is considered ideal when you need to connect cloud resources with the data centers.

  1. Can you modify the private IP address of an EC2 instance while it is running in a VPC ?

It is not possible to change the primary private IP addresses. However, secondary IP addresses can be assigned, unassigned or moved between instances at any given point.

  1.  You are launching an instance under the free usage tier from AMI having a snapshot size of 50GB. How will you launch the instance under the free usage tier ?

It is not possible to launch this instance under the free usage tier.

  1. Which load balancer will you use to make routing decisions at the application layer or transport layer that  supports either VPC or EC2?

Classic Load Balancer

Scenario-Based AWS Architect Interview Questions

  1. You have a webserver on EC2 instance . Your instance can get to the web but nobody on the internet can get to your webserver. How will you troubleshoot this issue ?
  2. What steps will you perform to enable a server in private subnet of a VPC to download updates from the web?
  3. How will you build a self-healing AWS architecture ?
  4. How will you design an AWS architecture for failure ?
  5. As a AWS solution architect, how will you implement disaster recovery on AWS ?
  6. You run a news website in eu-west-1 region which updates every 15 minutes. The website is accessed by audience across the globe and uses an auto scaling group begind an Elastic load balancer and Amazon relation database service. Static content for the application is on S3 and is distributed using CloudFront. The auto scaling group is set to trigger a scale up event with 60% CPU utilization. You use extra large DB instance with 10.000 Provisioned IOPS that gives CPU Utilization around 80% with freeable memory in the 2GB range. The web analytics report shows that the load time for the webpages is an average of 2 seconds but the SEO consultant suggests that you bring the average load time of your pages to less than 0.5 seconds. What will you do improve the page load time of the website for your users.
  7. How will you right size a system for a normal and peak traffic situations ?
  8. Tell us about a situation where you were given feedback that made you change your architectural design strategy.
  9. What challenges are you looking forward to for the position as an AWS solutions architect ?
  10.  Describe a successful AWS project which reflects your design and implementation experience about AWS Solutions Architecture.
  11.  How will you design an e-commerce application using AWS services ?
  12. What characteristics will you take into consideration when desgining an Amazon Cloud solution?
  13. When would you prefer to use provisioned IOPS over Standard RDS storage ?
  14. What do you think AWS is missing from a solutions architect perspective?
  15. What if Google decides to host on AWS, how will you design the solution architecture ?

If you really love AWS and want to push forward on AWS certifications for sure, these AWS solutions architect interview questions will help you get through the door. However, you will also need to some hands-on and real-life exposure to AWS projects through a comprehensive AWS training to be successful.