
AWS Interview Questions
AWS IAM | AWS EC2 | AWS VPC

1. What is AWS IAM, and why is it important?
AWS Identity and Access Management (IAM) is a service for securely controlling access to AWS resources. It enables you to manage users, groups, and permissions. IAM is crucial for maintaining security by granting the least privilege necessary.

Follow to learn more

@rajankfl
2. How does IAM differ from resource-based policies and identity-based policies?
Identity-based policies are attached to IAM users, groups, and roles, while resource-based policies are attached to AWS resources. IAM policies define what actions are allowed or denied on resources, whereas resource-based policies are used to grant permissions to other accounts.

3. What is the purpose of IAM roles, and how are they beneficial?
IAM roles are used to delegate permissions to entities that you trust. They are beneficial in scenarios like EC2 instances needing access to other AWS services, allowing temporary access without the need for long-term security credentials.

4. Explain the difference between On-Demand Instances and Reserved Instances.
On-Demand Instances are billed per hour without any upfront payment, while Reserved Instances involve an upfront payment to reserve capacity for a specific term, offering cost savings over On-Demand Instances.

5. How can you enhance the security of your EC2 instances?
You can enhance EC2 instance security by using security groups, Network ACLs, IAM roles, and key pairs for SSH access. Additionally, you can enable features like AWS Systems Manager (SSM) for secure management.

6. What is an Amazon Machine Image (AMI), and how is it used with EC2 instances?
An AMI is a pre-configured template used to create EC2 instances. It includes the necessary information to launch an instance, such as the operating system, application server, and applications.

7. What is Amazon VPC, and why is it used?
Amazon VPC is a virtual network dedicated to your AWS account. It provides isolation for resources, allowing you to launch AWS resources in a logically isolated section of the AWS Cloud.

8. How does subnetting work in Amazon VPC?
Subnetting in VPC involves dividing the IP address range of your VPC into subnets. Each subnet must be associated with a specific Availability Zone, providing fault tolerance.

9. What is the purpose of a Network Access Control List (NACL) in VPC?
A NACL is a stateless, numbered set of rules that control traffic at the subnet level. It acts as a firewall, allowing or denying traffic based on rules defined for inbound and outbound traffic.

10. How can you secure access to your EC2 instances using IAM roles?
By attaching an IAM role to an EC2 instance, you can grant it specific permissions. The EC2 instance can then securely access other AWS resources without the need for long-term credentials.

11. Explain the significance of the default VPC in AWS.
The default VPC is created for every AWS account in each region. It simplifies the deployment of instances by providing default configurations, including subnets, route tables, and security groups.

12. What are EC2 instance types, and how do they differ?
EC2 instance types determine the hardware of the host computer used for the instance. Different types offer varying amounts of compute, memory, storage, and networking capacity to meet diverse workload requirements.

13. How can you implement cross-account access using IAM roles, and what are the security best practices associated with it?
Cross-account access involves creating IAM roles in one AWS account that another account can assume. Security best practices include using strict trust policies, minimizing permissions in the role, and regularly reviewing and auditing cross-account access.

14. Explain the process of creating and managing EC2 instances in an Auto Scaling group. How does it contribute to high availability and scalability?
Auto Scaling groups automatically adjust the number of EC2 instances in response to changes in demand. An Auto Scaling group enhances availability by distributing instances across multiple Availability Zones, and it contributes to scalability by dynamically adding or removing instances based on configured policies.

15. Describe the use of VPC Peering and its limitations. How can you overcome these limitations for more complex networking scenarios?
VPC Peering allows communication between VPCs, but it has limitations: it does not support transitive peering or overlapping CIDR blocks. For more complex scenarios, you might use a combination of VPC Peering, AWS Transit Gateway, and/or VPN connections to create a more flexible and scalable network architecture.
