11 S3 - gannurohith/devops-interview-wiki GitHub Wiki

Amazon Route 53:

  1. What is Amazon Route 53? A scalable and highly available Domain Name System (DNS) web service.

  2. What routing policies are supported in Route 53?

    • Simple
    • Weighted
    • Latency-based
    • Failover
    • Geolocation
    • Geoproximity
    • Multi-value answer
  3. What is a hosted zone? A container for DNS records associated with a domain.

  4. What is the difference between public and private hosted zones?

    • Public: accessible over the internet.
    • Private: used within one or more VPCs.
  5. What is a health check in Route 53? Monitors the health of endpoints to determine DNS response behavior.

Amazon CloudFront (CDN):

  1. What is CloudFront? A Content Delivery Network (CDN) that caches content at edge locations to reduce latency.

  2. What are edge locations in CloudFront? Global data centers that serve cached copies of content to users.

  3. What is an origin in CloudFront? The source of content, such as an S3 bucket or an EC2 instance.

  4. How can CloudFront restrict access to S3 content? Use signed URLs or signed cookies with Origin Access Control (OAC).

  5. How do you invalidate CloudFront cache? Submit an invalidation request using the AWS Console or CLI.

  6. What is Field-Level Encryption in CloudFront? Encrypts sensitive data at the application layer before it is sent to the origin.

  7. How does CloudFront integrate with WAF? AWS WAF can be associated with CloudFront to protect against common web exploits.

Amazon S3:

  1. What is Amazon S3? An object storage service that offers scalability, data availability, security, and performance.

  2. What are S3 storage classes?

    • Standard
    • Intelligent-Tiering
    • One Zone-IA
    • Glacier
    • Glacier Deep Archive
  3. How do you secure access to S3 buckets? Use bucket policies, IAM policies, ACLs, and block public access settings.

  4. What is bucket versioning? Allows you to preserve, retrieve, and restore every version of every object stored in your bucket.

  5. How can you serve static websites from S3? Enable static website hosting and point a Route 53 alias record to the S3 website endpoint.

  6. What is an S3 lifecycle rule? A policy to automatically transition objects to different storage classes or delete them.

  7. What is a pre-signed URL in S3? A URL that grants temporary access to a private object.

  8. How do you enable encryption in S3?

    • Server-Side Encryption with S3-Managed Keys (SSE-S3)
    • SSE with KMS-Managed Keys (SSE-KMS)
    • SSE with Customer-Provided Keys (SSE-C)
  9. What is S3 Transfer Acceleration? Speeds up uploads using CloudFront edge locations.

  10. What is a multipart upload in S3? Uploads large objects in parts for improved performance and reliability.

  11. What is S3 Event Notification? Automatically triggers workflows using Lambda, SNS, or SQS when objects are uploaded or deleted.

  12. How do you log access requests in S3? Enable server access logging or CloudTrail data event logging.

  13. What happens when you delete a versioned object? A delete marker is added; object data still exists until the version is deleted.

  14. Can S3 be mounted as a file system? Yes, using tools like s3fs-fuse or AWS Storage Gateway.

  15. What are common reasons for Access Denied (403) errors in S3?

    • Block Public Access enabled
    • Insufficient bucket or IAM policy
    • Missing permissions on object
  16. How do S3 and CloudFront work together? S3 serves as the origin; CloudFront caches and distributes content with lower latency.

  17. What is Intelligent-Tiering in S3? Automatically moves data between access tiers based on usage patterns.

  18. How do you delete all objects in an S3 bucket? Use AWS CLI: aws s3 rm s3://bucket-name --recursive