AWS General

70 cards — 🟢 19 easy | 🟡 25 medium | 🔴 11 hard

🟢 Easy (19)

1. What is Amazon Connect?

Show answer Amazon definition: "Amazon Connect is an easy to use omnichannel cloud contact center that helps companies provide superior customer service at a lower cost."

Learn more [here](https://aws.amazon.com/connect)

Remember: the AWS Well-Architected Framework's 6 pillars (OSRCPS) should guide every architecture decision: Operational Excellence, Security, Reliability, Cost, Performance, Sustainability.

2. What is the Trusted Advisor?

Show answer Amazon definition: "AWS Trusted Advisor provides recommendations that help you follow AWS best practices. Trusted Advisor evaluates your account by using checks. These checks identify ways to optimize your AWS infrastructure, improve security and performance, reduce costs, and monitor service quotas."

Learn more [here](https://aws.amazon.com/premiumsupport/technology/trusted-advisor/)

Gotcha: AWS service limits (now called 'quotas') can silently block deployments. Check Service Quotas dashboard and request increases proactively before launch.

3. What is AWS EMR (Elastic MapReduce) and when would you use it?

Show answer AWS definition: "big data platform for processing vast amounts of data using open source tools such as Apache Spark, Apache Hive, Apache HBase, Apache Flink, Apache Hudi, and Presto."

Learn more [here](https://aws.amazon.com/emr)

Gotcha: AWS service limits (now called 'quotas') can silently block deployments. Check Service Quotas dashboard and request increases proactively before launch.

4. Which of the following are AWS account types (sorted in order)?

Show answer - Basic, Developer, Business, Enterprise

Remember: AWS services follow a naming pattern. Learn the core 20 services first: EC2, S3, RDS, Lambda, VPC, IAM, CloudWatch, CloudFormation, Route 53, ELB, ECS/EKS, DynamoDB, SNS, SQS, API Gateway.

Gotcha: AWS free tier has limits. Set up billing alerts immediately to avoid surprise charges. Even small misconfigurations (e.g., forgotten NAT Gateway) can cost money.

5. What is AWS Application Discovery Service?

Show answer Amazon definition: "AWS Application Discovery Service helps enterprise customers plan migration projects by gathering information about their on-premises data centers."

Learn more [here](https://aws.amazon.com/application-discovery)

Remember: the AWS Well-Architected Framework's 6 pillars (OSRCPS) should guide every architecture decision: Operational Excellence, Security, Reliability, Cost, Performance, Sustainability.

6. What is "Visibility Timeout?"

Show answer The time in seconds for a message to not be visible for consumers.

The limit as of today is 12 hours.

Remember: the AWS Well-Architected Framework's 6 pillars (OSRCPS) should guide every architecture decision: Operational Excellence, Security, Reliability, Cost, Performance, Sustainability.

7. What is an AWS Region and Availability Zone?

Show answer An AWS Region is a geographic location with multiple isolated data centers. Each Region contains multiple Availability Zones (AZs), which are physically separated data centers with independent power/networking. This design allows high availability and fault tolerance by distributing resources across AZs.

Remember: Region = geographic area (us-east-1). AZ = isolated datacenter(s) within a region (us-east-1a). Edge Location = CDN cache point.

Gotcha: not all services are available in all regions. us-east-1 (N. Virginia) always gets new services first.

8. What is the purpose of "Amazon SNS"?

Show answer A messaging service for sending notifications to subscribers.

Remember: AWS services follow a naming pattern. Learn the core 20 services first: EC2, S3, RDS, Lambda, VPC, IAM, CloudWatch, CloudFormation, Route 53, ELB, ECS/EKS, DynamoDB, SNS, SQS, API Gateway.

Gotcha: AWS free tier has limits. Set up billing alerts immediately to avoid surprise charges. Even small misconfigurations (e.g., forgotten NAT Gateway) can cost money.

9. What does basic support in AWS include?

Show answer * 24x7 customer service
* Trusted Advisor
* AWS Personal Health Dashboard

Remember: AWS support tiers: Basic (free), Developer ($29/mo), Business ($100/mo, production workloads), Enterprise ($15K/mo, TAM + concierge). Business is the minimum for production.

10. What is AWS Rekognition?

Show answer AWS definition: "Amazon Rekognition makes it easy to add image and video analysis to your applications using proven, highly scalable, deep learning technology that requires no machine learning expertise to use."

Learn more [here](https://aws.amazon.com/rekognition)

Gotcha: AWS service limits (now called 'quotas') can silently block deployments. Check Service Quotas dashboard and request increases proactively before launch.

11. What is "AWS Infrastructure Event Management"?

Show answer AWS Definition: "AWS Infrastructure Event Management is a structured program available to Enterprise Support customers (and Business Support customers for an additional fee) that helps you plan for large-scale events such as product or application launches, infrastructure migrations, and marketing events."

Gotcha: AWS service limits (now called 'quotas') can silently block deployments. Check Service Quotas dashboard and request increases proactively before launch.

12. What is AWS Cloud9 and what development capabilities does it offer?

Show answer AWS: "AWS Cloud9 is a cloud-based integrated development environment (IDE) that lets you write, run, and debug your code with just a browser"

Remember: the AWS Well-Architected Framework's 6 pillars (OSRCPS) should guide every architecture decision: Operational Excellence, Security, Reliability, Cost, Performance, Sustainability.

13. What is the AWS Well-Architected Framework and what pillars is it based on?

Show answer AWS definition: "The Well-Architected Framework has been developed to help cloud architects build secure, high-performing, resilient, and efficient infrastructure for their applications. Based on five pillars — operational excellence, security, reliability, performance efficiency, and cost optimization"

Learn more [here](https://aws.amazon.com/architecture/well-architected)

Remember: the 6 pillars — OSRCPS: Operational excellence, Security, Reliability, Cost optimization, Performance efficiency, Sustainability.

14. What is AWS CloudShell?

Show answer AWS: "AWS CloudShell is a browser-based shell that makes it easy to securely manage, explore, and interact with your AWS resources."

Remember: the AWS Well-Architected Framework's 6 pillars (OSRCPS) should guide every architecture decision: Operational Excellence, Security, Reliability, Cost, Performance, Sustainability.

15. What is AWS SWF (Simple Workflow Service)?

Show answer Amazon definition: "Amazon SWF helps developers build, run, and scale background jobs that have parallel or sequential steps. You can think of Amazon SWF as a fully-managed state tracker and task coordinator in the Cloud."

Learn more on Amazon Simple Workflow Service [here](https://aws.amazon.com/swf)

Gotcha: AWS service limits (now called 'quotas') can silently block deployments. Check Service Quotas dashboard and request increases proactively before launch.

16. What is "Delay Queue" in regards to SQS?

Show answer It's the time in seconds to delay the delivery of new messages (once they have already reached the queue).

The limit as of today is 15 minutes.

Remember: the AWS Well-Architected Framework's 6 pillars (OSRCPS) should guide every architecture decision: Operational Excellence, Security, Reliability, Cost, Performance, Sustainability.

17. What is an "Availability Zone" (AZ)?

Show answer One or more discrete data centers with redundant power and networking.

Remember: AZs are physically separate data centers with independent power, cooling, and networking. Connected via low-latency links within a region.

Gotcha: AZ names are randomized per account — us-east-1a in your account might be a different physical AZ than in another account. Use AZ IDs for consistency.

18. What is AWS Quick Starts?

Show answer AWS definition: "Quick Starts are built by AWS solutions architects and partners to help you deploy popular technologies on AWS, based on AWS best practices for security and high availability."

Read more [here](https://aws.amazon.com/quickstart)

Gotcha: AWS service limits (now called 'quotas') can silently block deployments. Check Service Quotas dashboard and request increases proactively before launch.

19. In regards to disaster recovery, what is RTO and RPO?

Show answer RTO - The maximum acceptable length of time that your application can be offline.

RPO - The maximum acceptable length of time during which data might be lost from your application due to an incident.

Gotcha: AWS service limits (now called 'quotas') can silently block deployments. Check Service Quotas dashboard and request increases proactively before launch.

🟡 Medium (25)

1. What would you use for adding image and video analysis to your application?

Show answer AWS Rekognition

Remember: AWS services follow a naming pattern. Learn the core 20 services first: EC2, S3, RDS, Lambda, VPC, IAM, CloudWatch, CloudFormation, Route 53, ELB, ECS/EKS, DynamoDB, SNS, SQS, API Gateway.

Gotcha: AWS free tier has limits. Set up billing alerts immediately to avoid surprise charges. Even small misconfigurations (e.g., forgotten NAT Gateway) can cost money.

2. True or False? Each AWS region is designed to be completely isolated from the other AWS regions

Show answer True. AWS regions are geographically isolated and fully independent. Data is never automatically replicated across regions unless you explicitly configure it.

Remember: the AWS Well-Architected Framework's 6 pillars (OSRCPS) should guide every architecture decision: Operational Excellence, Security, Reliability, Cost, Performance, Sustainability.

3. Which service is often referred to as "used for decoupling applications"?

Show answer AWS SQS. Since it's a message queue, it allows applications to switch from synchronous to asynchronous communication.

Remember: the AWS Well-Architected Framework's 6 pillars (OSRCPS) should guide every architecture decision: Operational Excellence, Security, Reliability, Cost, Performance, Sustainability.

4. Explain the following in regards to SNS:

Show answer * Topics - used for grouping multiple endpoints
* Subscribers - the endpoints that topics send messages to
* Publishers - the provider of the message (event, person, ...)

Remember: the AWS Well-Architected Framework's 6 pillars (OSRCPS) should guide every architecture decision: Operational Excellence, Security, Reliability, Cost, Performance, Sustainability.

5. Explain Availability zones.

Show answer Availability zones are like different neighborhoods within a city. Each zone is in a separate area, making it less likely for a single event, like a power outage or a storm, to affect all the zones. So, if something happens in one zone, your services in other zones remain unaffected.
In the context of a cloud environment, these are distinct locations within a region, designed to be isolated from failures in other zones. They provide high availability and redundancy.

Remember: AZs are physically separate data centers with independent power, cooling, and networking. Connected via low-latency links within a region.

Gotcha: AZ names are randomized per account — us-east-1a in your account might be a different physical AZ than in another account. Use AZ IDs for consistency.

6. What does "best effort ordering" mean in regards to SQS?

Show answer It means messages in the queue can be out of order.

Remember: the AWS Well-Architected Framework's 6 pillars (OSRCPS) should guide every architecture decision: Operational Excellence, Security, Reliability, Cost, Performance, Sustainability.

7. True or False? Each AWS account can store up to 500 PetaByte of data. Any additional storage will cost double

Show answer False. Unlimited capacity.

Remember: AWS cost management: Cost Explorer (visualize), Budgets (alerts), Trusted Advisor (optimization), Savings Plans (commit for discounts), Reserved Instances (specific instance savings).

8. What is an ARN (Amazon Resource Name) and how is it structured?

Show answer ARNs (Amazon Resource Names) are used for uniquely identifying different AWS resources.
An ARN is used when you would like to identify a resource uniquely across all AWS infrastructure.

Remember: the AWS Well-Architected Framework's 6 pillars (OSRCPS) should guide every architecture decision: Operational Excellence, Security, Reliability, Cost, Performance, Sustainability.

9. Describe AWS Data Pipeline and its functionalities.

Show answer Data Pipeline: It's a web service for processing and moving data between different AWS services and on-premises data sources.
Functionalities: ETL (Extract, Transform, Load), scheduling, and data transformation are significant capabilities.

Gotcha: AWS service limits (now called 'quotas') can silently block deployments. Check Service Quotas dashboard and request increases proactively before launch.

10. Which (free) tool would you use to get information on cost savings?

Show answer Trusted Advisor

Remember: AWS cost management: Cost Explorer (visualize), Budgets (alerts), Trusted Advisor (optimization), Savings Plans (commit for discounts), Reserved Instances (specific instance savings).

11. Explain the following policy:

Show answer This policy permits any action on any resource. It happens to be the "AdministratorAccess" policy.

Remember: the AWS Well-Architected Framework's 6 pillars (OSRCPS) should guide every architecture decision: Operational Excellence, Security, Reliability, Cost, Performance, Sustainability.

12. Explain the following

Show answer AWS regions are data centers hosted across different geographical locations worldwide.

Within each region, there are multiple isolated locations known as Availability Zones. Each availability zone is one or more data centers with redundant network connectivity and power supply. Multiple availability zones ensure high availability in case one of them goes down.

Edge locations are basically a content delivery network that caches data and ensures lower latency and faster delivery to users in any location. They are located in major cities around the world.

13. What prefix do custom AWS HTTP headers use?

Show answer AWS custom HTTP headers start with `x-amz-`. Examples: `x-amz-request-id` (unique request identifier), `x-amz-server-side-encryption` (S3 encryption status), `x-amz-meta-*` (user-defined S3 object metadata). These headers are used across AWS services for authentication (Signature V4), metadata, and request tracking.

Gotcha: AWS service limits (now called 'quotas') can silently block deployments. Check Service Quotas dashboard and request increases proactively before launch.

14. Which service would you use for data or events streaming?

Show answer Amazon Kinesis. It ingests and processes real-time streaming data (clickstreams, IoT telemetry, logs) at scale, with options for Data Streams, Firehose, and Analytics.

Remember: the AWS Well-Architected Framework's 6 pillars (OSRCPS) should guide every architecture decision: Operational Excellence, Security, Reliability, Cost, Performance, Sustainability.

15. True or False? Each region has a minimum number of 1 availability zones and the maximum is 4

Show answer False. The minimum is 2 while the maximum is 6.

Remember: Region = geographic area (us-east-1). AZ = isolated datacenter(s) within a region (us-east-1a). Edge Location = CDN cache point.

Gotcha: not all services are available in all regions. us-east-1 (N. Virginia) always gets new services first.

Remember: 'RAE' — Region > Availability Zone > Edge Location. Like Country > City > Neighborhood.

16. What would you use for preparing and combining data for analytics or ML?

Show answer AWS Glue. It's a serverless ETL service that discovers, catalogues, and transforms data so it's ready for analytics or ML pipelines (works with S3, Redshift, RDS, etc.).

Remember: the AWS Well-Architected Framework's 6 pillars (OSRCPS) should guide every architecture decision: Operational Excellence, Security, Reliability, Cost, Performance, Sustainability.

17. Which service would you use if you need a message queue?

Show answer Simple Queue Service (SQS)

Remember: AWS services follow a naming pattern. Learn the core 20 services first: EC2, S3, RDS, Lambda, VPC, IAM, CloudWatch, CloudFormation, Route 53, ELB, ECS/EKS, DynamoDB, SNS, SQS, API Gateway.

Gotcha: AWS free tier has limits. Set up billing alerts immediately to avoid surprise charges. Even small misconfigurations (e.g., forgotten NAT Gateway) can cost money.

18. What does "default retention of messages" mean?

Show answer It refers to a retention period in which a message has to be consumed/processed and deleted from the queue.

As of today, the retention of a message is 4 days by default and the maximum allowed is 14 days.

Gotcha: AWS service limits (now called 'quotas') can silently block deployments. Check Service Quotas dashboard and request increases proactively before launch.

19. What's the limitation on message size in SQS?

Show answer 256 KB per message. For larger payloads, use the Extended Client Library to store the body in S3 and send a pointer through SQS.

Remember: the AWS Well-Architected Framework's 6 pillars (OSRCPS) should guide every architecture decision: Operational Excellence, Security, Reliability, Cost, Performance, Sustainability.

20. What should you use to grant access between two AWS services?

Show answer Use an IAM Role with an attached IAM Policy. The role defines who can assume it (trust policy), and the policy defines what actions are allowed. Example: an EC2 instance assumes a role with an S3 read policy to access a bucket — no hardcoded credentials needed. This follows the principle of least privilege from the AWS Well-Architected Framework.

Gotcha: AWS service limits (now called 'quotas') can silently block deployments. Check Service Quotas dashboard and request increases proactively before launch.

21. What ways are there to access AWS?

Show answer * AWS Management Console
* AWS CLI
* AWS SDK

Remember: the AWS Well-Architected Framework's 6 pillars (OSRCPS) should guide every architecture decision: Operational Excellence, Security, Reliability, Cost, Performance, Sustainability.

22. What is the maximum size of an SNS notification payload?

Show answer 256 KB. If you need to send larger payloads, store the data in S3 and include the S3 reference in the notification.

Remember: the AWS Well-Architected Framework's 6 pillars (OSRCPS) should guide every architecture decision: Operational Excellence, Security, Reliability, Cost, Performance, Sustainability.

23. What are AWS Resource Groups used for?

Show answer Amazon definition: "You can use resource groups to organize your AWS resources. Resource groups make it easier to manage and automate tasks on large numbers of resources at one time."

Learn more [here](https://docs.aws.amazon.com/ARG/latest/userguide/welcome.html)

Gotcha: AWS service limits (now called 'quotas') can silently block deployments. Check Service Quotas dashboard and request increases proactively before launch.

24. True or False? Processes/applications use the SendMessage API from the SDK in order to send messages to the queue

Show answer True. Applications use the SendMessage API from the AWS SDK to publish messages to SQS queues. Messages remain in the queue until a consumer processes and deletes them.

Remember: the AWS Well-Architected Framework's 6 pillars (OSRCPS) should guide every architecture decision: Operational Excellence, Security, Reliability, Cost, Performance, Sustainability.

25. What are "APN Consulting Partners"?

Show answer Amazon definition: "APN Consulting Partners are professional services firms that help customers of all types and sizes design, architect, build, migrate, and manage their workloads and applications on AWS, accelerating their journey to the cloud."

Learn more [here](https://aws.amazon.com/partners/consulting)

Gotcha: AWS service limits (now called 'quotas') can silently block deployments. Check Service Quotas dashboard and request increases proactively before launch.

🔴 Hard (11)

1. How do you estimate AWS costs?

Show answer * TCO calculator
* AWS simple calculator
* Cost Explorer
* AWS Budgets
* Cost Allocation Tags

Remember: AWS cost management: Cost Explorer (visualize), Budgets (alerts), Trusted Advisor (optimization), Savings Plans (commit for discounts), Reserved Instances (specific instance savings).

2. What does high availability mean from an AWS perspective?

Show answer * Application/Service is running in at least 2 availability zones
* Application/Service should survive (= operate as usual) a data center disaster

Remember: the AWS Well-Architected Framework's 6 pillars (OSRCPS) should guide every architecture decision: Operational Excellence, Security, Reliability, Cost, Performance, Sustainability.

3. Which disaster recovery option has the highest downtime and which has the lowest?

Show answer Lowest - Multi-site
Highest - The cold method

Remember: AWS services follow a naming pattern. Learn the core 20 services first: EC2, S3, RDS, Lambda, VPC, IAM, CloudWatch, CloudFormation, Route 53, ELB, ECS/EKS, DynamoDB, SNS, SQS, API Gateway.

Gotcha: AWS free tier has limits. Set up billing alerts immediately to avoid surprise charges. Even small misconfigurations (e.g., forgotten NAT Gateway) can cost money.

4. Your hosts scale down and then back up quite often. What's your take on that?

Show answer Often circular scaling (scale down, up and vice versa) is not a sign that the thresholds set for scaling down and up are met quite often. In most cases it's a sign that you should adjust the threshold so scaling down doesn't happen as often.

Gotcha: AWS service limits (now called 'quotas') can silently block deployments. Check Service Quotas dashboard and request increases proactively before launch.

5. You have two applications that communicate synchronously. It worked fine until there was suddenly a spike in traffic. What change might you apply in this case?

Show answer More details are needed to determine for sure, but it might be better to decouple the applications by introducing one of the following:

* Queue model with SQS
* Publisher/Subscriber model with SNS

Gotcha: AWS service limits (now called 'quotas') can silently block deployments. Check Service Quotas dashboard and request increases proactively before launch.

6. Explain "producer" and "consumer" in regards to a message queue

Show answer The producer is the application or, in general, the source that sends messages to the queue.

The consumer is the process or application that pulls the messages from the queue.

Remember: the AWS Well-Architected Framework's 6 pillars (OSRCPS) should guide every architecture decision: Operational Excellence, Security, Reliability, Cost, Performance, Sustainability.

7. What is AWS SNS and how is it different from SQS?

Show answer * SNS (Simple Notification Service): It's a publish-subscribe service allowing message broadcasting to various recipients.
* SQS (Simple Queue Service): It's a message queue service for decoupling services and handling asynchronous communication between distributed systems.

Gotcha: AWS service limits (now called 'quotas') can silently block deployments. Check Service Quotas dashboard and request increases proactively before launch.

8. What's a Fan-Out pattern?

Show answer A messaging pattern where a single message is sent to multiple destinations (often simultaneously). In other words, a one-to-many broadcast.

Remember: the AWS Well-Architected Framework's 6 pillars (OSRCPS) should guide every architecture decision: Operational Excellence, Security, Reliability, Cost, Performance, Sustainability.

9. How is SNS different from SQS?

Show answer SNS, as opposed to SQS, works in a publisher/subscriber model, whereas SQS works in a producer/consumer model.

SQS delivers the message to one consumer, whereas SNS will send a message to multiple subscribers.

Gotcha: AWS service limits (now called 'quotas') can silently block deployments. Check Service Quotas dashboard and request increases proactively before launch.

10. What types of disaster recovery techniques does AWS support?

Show answer * The Cold Method - Periodic backups, with the backups sent off-site
* Pilot Light - Data is mirrored to an environment which is always running
* Warm Standby - Running a scaled-down version of the production environment
* Multi-site - Duplicated environment that is always running

Remember: AWS support tiers: Basic (free), Developer ($29/mo), Business ($100/mo, production workloads), Enterprise ($15K/mo, TAM + concierge). Business is the minimum for production.

11. True or False? It's possible to have duplicated messages in the queue

Show answer True. It's referred to as "at least once delivery".

Remember: AWS services follow a naming pattern. Learn the core 20 services first: EC2, S3, RDS, Lambda, VPC, IAM, CloudWatch, CloudFormation, Route 53, ELB, ECS/EKS, DynamoDB, SNS, SQS, API Gateway.

Gotcha: AWS free tier has limits. Set up billing alerts immediately to avoid surprise charges. Even small misconfigurations (e.g., forgotten NAT Gateway) can cost money.