AWS Devops Engineer
100+ AWS Devops Engineer Interview Questions and Answers
Q1. how do you troubleshoot a docker container that is going to die?
To troubleshoot a dying docker container, we can use logs, inspect the container, and check resource usage.
Check container logs using 'docker logs
' command Inspect the container using 'docker inspect
' command to check its status and configuration Check resource usage using 'docker stats
' command to see if it's running out of memory or CPU Restart the container using 'docker restart
' command if necessary
Q2. If i delete an instance on the console and then i deploy the same instance terraform template how will terraform behave?
Terraform will recreate the instance as per the template
Terraform will detect that the instance is missing and recreate it based on the template
The new instance will have the same configuration as defined in the template
Any changes made to the instance outside of Terraform will be lost
AWS Devops Engineer Interview Questions and Answers for Freshers
Q3. how do you take a backup of Linux logs to was S3 bucket?
Use AWS CLI to sync Linux logs to S3 bucket
Install AWS CLI on the Linux machine
Create an S3 bucket and configure IAM role with S3 permissions
Use AWS CLI command 'aws s3 sync' to sync logs to S3 bucket
Schedule a cron job to run the backup regularly
Q4. In how many ways we can create a role in aws?
There are multiple ways to create a role in AWS.
Using AWS Management Console
Using AWS CLI
Using AWS SDKs
Using AWS CloudFormation
Using AWS Identity and Access Management (IAM) APIs
Q5. What if I delete EC2 Machine from AWS Console and then apply Terraform, it will create a new machine or giving some error:?
Terraform will recreate the EC2 machine if it is deleted from AWS Console.
Terraform will detect that the EC2 machine is missing and recreate it according to the defined configuration in the Terraform script.
Deleting the EC2 machine from the AWS Console will not affect the Terraform configuration, as Terraform maintains its own state file.
Running Terraform apply after deleting the EC2 machine will result in the creation of a new machine with the specified configuration.
Q6. How can we set a automation job at evry friday to transfer data from dynamo db tables to s3 and which services are to be used..?
Use AWS Lambda and CloudWatch Events to automate data transfer from DynamoDB to S3 every Friday.
Create an AWS Lambda function to read data from DynamoDB tables and write to S3 bucket
Create a CloudWatch Events rule to trigger the Lambda function every Friday
Ensure that the Lambda function has the necessary permissions to access DynamoDB and S3
Test the automation job to ensure that data is transferred correctly
Share interview questions and help millions of jobseekers 🌟
Q7. how do you give executable permissions of a file only to the user?
To give executable permissions of a file only to the user, use the chmod command with the u+x option.
Open the terminal and navigate to the directory where the file is located.
Use the command 'chmod u+x filename' to give executable permissions to the user only.
Verify the permissions using the 'ls -l' command.
Q8. Manage projects with Repositories Clone a project to work on a local copy Control and track changes with Staging and Committing Branch and Merge to allow for work on different parts and versions of a project Pu...
read moreManaging projects with repositories involves cloning, staging, committing, branching, merging, pulling, and pushing changes.
Clone a project to work on a local copy: Use 'git clone
' to create a local copy of the project. Control and track changes with Staging and Committing: Use 'git add' to stage changes and 'git commit' to commit them.
Branch and Merge to allow for work on different parts and versions of a project: Use 'git branch' to create branches and 'git merge' to merge ...read more
AWS Devops Engineer Jobs
Q9. What have you used to check the quality of the code written to deploy
I have used code reviews, automated testing, static code analysis tools, and continuous integration to check the quality of code.
Code reviews by peers to catch bugs and ensure best practices
Automated testing using tools like Selenium for functional testing and JUnit for unit testing
Static code analysis tools like SonarQube to identify code smells and potential bugs
Continuous integration with tools like Jenkins to automate testing and deployment processes
Q10. What are the health checks after creating instances - 2/2? What do they mean?
Health checks after creating instances ensure the instances are functioning properly.
Instance status checks ensure the instance is reachable and responding to traffic.
System status checks ensure the underlying hardware is functioning properly.
Example: If an instance fails the system status check, it may indicate a problem with the underlying host hardware.
Q11. How to create soft link and hardlink How to create empty file in Linux?
To create a soft link, use the 'ln -s' command. To create a hard link, use the 'ln' command. To create an empty file, use the 'touch' command.
To create a soft link: ln -s
To create a hard link: ln
To create an empty file: touch
Q12. How do you use blue green deployment and what it is
Blue green deployment is a deployment strategy where two identical production environments are used to minimize downtime and risk.
Blue green deployment involves running two identical production environments, one 'blue' and one 'green'.
Traffic is routed to the 'blue' environment while the 'green' environment is updated and tested.
Once the 'green' environment is deemed stable, traffic is switched to it and the 'blue' environment becomes the new staging environment.
This strategy...read more
Q13. What is the use of chmod and chown command? give me one example?
chmod and chown commands are used to change file permissions and ownership respectively.
chmod command is used to change the permissions of a file or directory
chown command is used to change the ownership of a file or directory
Example: chmod 755 file.txt - This command gives read, write and execute permissions to the owner and read and execute permissions to group and others
Example: chown user1 file.txt - This command changes the ownership of file.txt to user1
Q14. What will be the IP range if i need 500 IPs?
The IP range for 500 IPs would typically be a /23 subnet.
For 500 IPs, you would need at least a /23 subnet.
A /23 subnet provides 512 IP addresses (2^9 = 512), with 510 usable IPs after subtracting network and broadcast addresses.
The IP range for a /23 subnet would be from x.x.x.0 to x.x.x.255.
Q15. what is the difference between a NAT gateway and an internet gateway
NAT gateway is used to provide internet access to private subnets while internet gateway is used to provide internet access to public subnets.
NAT gateway is used for outbound traffic while internet gateway is used for inbound and outbound traffic.
NAT gateway is associated with a private subnet while internet gateway is associated with a public subnet.
NAT gateway performs network address translation while internet gateway does not.
Example: NAT gateway is used to allow EC2 inst...read more
Q16. How can we do data extraction from Azure blob storage to anazon S3..?
Data extraction from Azure blob storage to Amazon S3 can be done using AWS Data Pipeline or Azure Data Factory.
Create a pipeline in AWS Data Pipeline or a data factory in Azure Data Factory
Add a copy activity to the pipeline or data factory
Configure the source as Azure Blob Storage and the destination as Amazon S3
Provide the necessary credentials and permissions for both sources
Run the pipeline or data factory to extract the data from Azure Blob Storage to Amazon S3
Q17. How to create the sub directories using mkdir command?
To create sub directories using mkdir command, use the -p option followed by the directory path.
Use the command 'mkdir -p directory/subdirectory'
The -p option creates parent directories if they don't exist
Multiple subdirectories can be created at once using 'mkdir -p directory/subdirectory1/subdirectory2'
Use 'mkdir -m' option to set permissions for the directory
Q18. on what basis you have implemented autoscaling in your project?
Autoscaling was implemented based on CPU utilization and network traffic.
Autoscaling was implemented to ensure that the application can handle sudden spikes in traffic.
CPU utilization and network traffic were used as metrics to trigger autoscaling.
The minimum and maximum number of instances were set based on the expected traffic.
Load testing was done to determine the optimal scaling thresholds.
Autoscaling policies were set to gradually add or remove instances to avoid sudden ...read more
Q19. DIFFERENCE NACL & SECURITY GROUPS DOCKERS SWARM, HOW DO WE INSTALL JENKINS,
Explanation of NACL, Security Groups, Docker Swarm, and Jenkins installation process.
NACL is a stateless firewall that controls inbound and outbound traffic at the subnet level.
Security Groups are stateful firewalls that control inbound and outbound traffic at the instance level.
Docker Swarm is a container orchestration tool that manages a cluster of Docker hosts.
Jenkins can be installed on a server using a package manager or by downloading and running the Jenkins WAR file.
Je...read more
Q20. how do you build and push a docker image to ECR?
To build and push a docker image to ECR, we need to create a Dockerfile, build the image, tag it, login to ECR, push the image to ECR.
Create a Dockerfile with necessary configurations
Build the image using docker build command
Tag the image using docker tag command
Login to ECR using AWS CLI command aws ecr get-login-password
Push the image to ECR using docker push command
Q21. What issues did you face while deploying the application
I faced issues with network connectivity, configuration errors, and dependency mismatches while deploying the application.
Network connectivity issues causing deployment failures
Configuration errors leading to incorrect application setup
Dependency mismatches causing compatibility issues
Resource constraints impacting deployment performance
Q22. Write terraform code to launch an ec2 instance in a vpc and attach a role to it
Launch an EC2 instance in a VPC and attach a role using Terraform
Define a VPC resource in Terraform
Define a subnet resource within the VPC
Create a security group for the EC2 instance
Define an IAM role for the EC2 instance
Launch an EC2 instance within the subnet and attach the IAM role
Q23. Terraform - - Null in terraform, provisionsers, most complex problem in terraform - want to deploy a new application in VPC, but ips are exhausted - route 53 - static website hosting on private S3 bucket - laun...
read moreAnswering questions related to Terraform, VPC, Route 53, S3 bucket, launch templates, and load balancer setup.
Use Terraform's null_resource and provisioners to handle complex problems
For deploying a new application in a VPC with exhausted IPs, consider using Elastic Load Balancing to distribute traffic
Utilize Route 53 for DNS management and routing traffic to the application
Host a static website on a private S3 bucket by configuring bucket policies and enabling static website...read more
Q24. how did you integrate Jenkins and Docker?
Jenkins and Docker can be integrated using Jenkins Docker plugin.
Install Docker plugin in Jenkins
Configure Docker Cloud in Jenkins
Create a Jenkins pipeline job and specify Docker image to be used
Use Docker commands in Jenkinsfile to build and push Docker images
Q25. what is ingress controller and how it is used in kubernetes networking
Ingress controller is a Kubernetes resource that manages external access to services within a cluster.
Ingress controller acts as a traffic manager, routing incoming traffic to the appropriate services based on rules defined in the Ingress resource.
It allows for the configuration of HTTP and HTTPS routing, load balancing, SSL termination, and more.
Popular Ingress controllers include Nginx Ingress Controller, Traefik, and HAProxy.
Ingress controllers can be used to expose multip...read more
Q26. Have you got any issues in pod, while creating or monitoring pods in the kubernetes cluster?
Yes, I have faced issues while creating or monitoring pods in a Kubernetes cluster.
One common issue is pods getting stuck in a pending state due to resource constraints or scheduling issues.
Another issue is pods crashing frequently due to misconfigured settings or incompatible container images.
Monitoring pods can be challenging, especially when dealing with a large number of pods and trying to track their health and performance.
Troubleshooting networking issues within the clu...read more
Q27. How to take backup of particular table from AWS RDS instance?
To take a backup of a particular table from AWS RDS instance, you can use the AWS Database Migration Service (DMS) or AWS Data Pipeline.
Use AWS Database Migration Service (DMS) to create a task that includes the specific table you want to backup.
Alternatively, you can use AWS Data Pipeline to schedule regular backups of the table to Amazon S3.
Ensure that you have the necessary IAM permissions to perform backup operations on the RDS instance.
Q28. What are branching strategies in GIT
Branching strategies in GIT are ways to manage code changes and collaboration among team members.
Gitflow - a popular branching model that uses a master branch for production-ready code and a develop branch for ongoing development
Trunk-based development - a strategy where all changes are made directly to the main branch, with frequent merges to keep the codebase up-to-date
Feature branching - a method where each feature or task is developed on a separate branch, then merged bac...read more
Q29. How to run the script in bash?
To run a script in bash, use the command 'bash scriptname.sh' or './scriptname.sh' if the script is executable.
Open the terminal or command prompt
Navigate to the directory where the script is located
Use the 'bash' command followed by the script name with the '.sh' extension
Alternatively, if the script is executable, use './scriptname.sh'
Ensure the script has the necessary permissions to be executed
Q30. what are use of Versioning in S3? Have you got any issues in working using S3?
Versioning in S3 allows for preserving, retrieving, and restoring every version of an object stored in a bucket.
Enables recovery from unintended user actions or application failures
Helps in maintaining different versions of objects for audit or compliance purposes
Prevents accidental deletion or overwriting of objects
Useful for tracking changes and rolling back to previous versions if needed
Q31. how does autoscaling work in AWS?
Autoscaling in AWS automatically adjusts the number of EC2 instances in a group based on demand.
Autoscaling groups are created and configured with minimum and maximum number of instances.
Scaling policies can be defined to adjust the number of instances based on metrics like CPU utilization or network traffic.
Autoscaling can be triggered manually or automatically based on CloudWatch alarms or scheduled events.
Autoscaling can also integrate with Elastic Load Balancing to distri...read more
Q32. What is maven What is maven default port no
Maven is a build automation tool used primarily for Java projects. It manages project dependencies and builds the project.
Maven is based on the concept of a Project Object Model (POM) file, which describes the project structure and dependencies.
It uses a centralized repository called Maven Central to download dependencies.
Maven can be used to compile, test, package, and deploy Java applications.
It provides a consistent and repeatable build process, making it easier to manage ...read more
Q33. how to give access of s3 bucket to user in a secure way?
Grant access to S3 bucket securely by using IAM policies and roles.
Create an IAM policy with specific permissions for the S3 bucket
Attach the IAM policy to an IAM role
Assign the IAM role to the user or group that needs access
Use bucket policies for more granular control if needed
Q34. how to push local repo to the github, explain steps with command.
Pushing a local repo to GitHub
Navigate to the local repository in the command line
Add the files to the staging area using 'git add .'
Commit the changes using 'git commit -m 'Your commit message''
Link the local repository to the GitHub repository using 'git remote add origin
' Push the changes to GitHub using 'git push origin master'
Q35. What is VPC? Explain in detail
VPC stands for Virtual Private Cloud, a virtual network dedicated to your AWS account.
VPC allows you to create a logically isolated section of the AWS Cloud where you can launch AWS resources.
You can define your own IP address range, create subnets, configure route tables, and network gateways within a VPC.
VPC provides security by allowing you to control inbound and outbound traffic to and from your AWS resources.
You can connect your VPC to your corporate data center using a ...read more
Q36. What is AWS IAM In-line Policy?
AWS IAM In-line Policy is a policy that is embedded directly into an IAM identity (user, group, or role) rather than being attached separately.
In-line policies are defined within the IAM identity itself.
They are useful for granting specific permissions to individual identities without creating separate policies.
In-line policies are not shared across multiple identities and are managed directly within the identity they are attached to.
Q37. What is VPC and define flow of VCP?
VPC stands for Virtual Private Cloud, a virtual network dedicated to your AWS account.
VPC allows you to create a logically isolated section of the AWS Cloud where you can launch resources in a virtual network.
It helps in controlling your virtual networking environment, including selection of your own IP address range, creation of subnets, and configuration of route tables and network gateways.
The flow of VPC involves creating a VPC, defining subnets within the VPC, setting up...read more
Q38. how to automatically start/stop an instance at particular time?
Use AWS Lambda functions with CloudWatch Events to automatically start/stop instances at specific times.
Create a Lambda function to start/stop instances
Set up CloudWatch Events to trigger the Lambda function at specific times
Use IAM roles to grant necessary permissions to the Lambda function
Test the setup by scheduling a start/stop event for an instance
Q39. How many types of regions can be explained briefly?
There are 24 AWS regions globally, each consisting of multiple availability zones.
AWS has 24 regions worldwide
Each region consists of multiple availability zones
Regions are geographically dispersed to provide low latency and high availability
Examples of regions include us-east-1, eu-west-1, ap-southeast-2
Q40. what is AWS config and define it
AWS Config is a service that provides a detailed inventory of AWS resources and their configuration history.
AWS Config continuously monitors and records changes to resources and their configurations.
It provides a detailed view of resource inventory, configuration history, and configuration change notifications.
It helps in compliance auditing, security analysis, and resource change tracking.
AWS Config rules can be used to evaluate resource configurations against best practices...read more
Q41. Share Your experience on Creating AWS resources. GUI or using IAC tool?
I primarily use IAC tools like Terraform to create AWS resources for consistency, version control, and automation.
I prefer using IAC tools like Terraform for creating AWS resources as it allows for infrastructure as code, version control, and automation.
Using IAC tools ensures consistency in resource creation across environments.
GUI can be useful for quick prototyping or exploring AWS services, but IAC is more efficient for managing infrastructure at scale.
Examples of IAC too...read more
Q42. What is a pod in K8s?
A pod in K8s is the smallest deployable unit in Kubernetes, consisting of one or more containers that share resources.
Pods are used to group containers that need to work together, such as a web server and a database.
Pods share the same network namespace and can communicate with each other using localhost.
Pods can be managed, scaled, and monitored as a single unit in Kubernetes.
Each pod has a unique IP address within the Kubernetes cluster.
Q43. How does a pod communicate with other pods
Pods communicate with other pods through network communication within the same Kubernetes cluster.
Pods can communicate with each other using services, which provide a stable endpoint for communication.
Pods can use DNS names to communicate with other pods within the same cluster.
Pods can also communicate directly using IP addresses within the cluster network.
Communication between pods can be secured using network policies.
Examples: Using Kubernetes services to allow pods to co...read more
Q44. What is ECS and EKS. If code is paused state, how to troubleshoot in ECS How to troubleshoot if ingress controller is not working What is ALB?
ECS is Elastic Container Service and EKS is Elastic Kubernetes Service. Troubleshoot code in paused state by checking logs and restarting tasks. Troubleshoot ingress controller by checking configuration and logs. ALB is Application Load Balancer.
ECS is a managed container orchestration service by AWS
EKS is a managed Kubernetes service by AWS
To troubleshoot code in paused state in ECS, check CloudWatch logs, task definition, and restart tasks if needed
To troubleshoot ingress c...read more
Q45. what is Kubernetes networking and how does it work
Kubernetes networking is the way in which different pods and services communicate with each other within a Kubernetes cluster.
Kubernetes networking allows pods to communicate with each other across nodes in the cluster.
It uses a flat network model where each pod gets its own IP address.
Kubernetes networking can be implemented using various plugins like Calico, Flannel, or Cilium.
Network policies can be defined to control traffic flow between pods.
Services in Kubernetes provid...read more
Q46. what is the difference between ingress and service
Ingress controls the external access to services in a cluster, while service defines a set of pods and how they can be accessed.
Ingress manages external access to services in a cluster
Service defines a set of pods and how they can be accessed
Ingress can provide load balancing, SSL termination, and routing based on hostnames or paths
Service can be of type ClusterIP, NodePort, LoadBalancer, or ExternalName
Q47. How to deploy microservices?
Microservices can be deployed using containerization tools like Docker and orchestration tools like Kubernetes.
Use containerization tools like Docker to package each microservice along with its dependencies into a container image.
Leverage orchestration tools like Kubernetes to manage and deploy multiple microservices across a cluster of machines.
Implement continuous integration and continuous deployment (CI/CD) pipelines to automate the deployment process and ensure smooth up...read more
Q48. What are S3 life cycle rules
S3 life cycle rules automate the management of objects in S3 buckets based on predefined criteria.
Automate the transition of objects to different storage classes based on age or other criteria
Automatically delete objects after a certain period of time
Reduce storage costs by moving less frequently accessed data to cheaper storage options
Q49. What are the Devops tools, you have experience on?
I have experience with various DevOps tools including Jenkins, Docker, Ansible, and Terraform.
Jenkins
Docker
Ansible
Terraform
Q50. What is docker attached and detached mode how to get out of docker exec without closing the terminal of docker exec
Docker attached mode runs a container in the foreground, while detached mode runs it in the background.
In attached mode, you can see the container's output in the terminal where it was started.
In detached mode, the container runs in the background and you can continue using the terminal.
To exit a Docker exec session without closing the terminal, press Ctrl + P, Ctrl + Q.
You can also use the command 'exit' or 'Ctrl + D' to exit the Docker exec session.
Interview Questions of Similar Designations
Top Interview Questions for AWS Devops Engineer Related Skills
Interview experiences of popular companies
Calculate your in-hand salary
Confused about how your in-hand salary is calculated? Enter your annual salary (CTC) and get your in-hand salary
Reviews
Interviews
Salaries
Users/Month