AWS Interview Questions
Amazon VPC (Amazon Virtual Private Cloud) lets you control your own virtual private cloud. Using this service, you can design your VPC from resource placement and connectivity through to security. You can add Amazon EC2 instances and Amazon Relational Database Service (RDS) instances according to your needs, and you can define how the VPC communicates with other VPCs, regions, and availability zones in the cloud.
Amazon Simple Queue Service (SQS) is a fully managed message queuing service. Using this service, you can send, receive, and store any quantity of messages between applications. It helps reduce complexity and eliminate administrative overhead. In addition, it protects messages with encryption and delivers them to their destinations without losing any message.
There are two types of queues:

Standard Queues : This is the default queue type. It provides an unlimited number of transactions per second and at-least-once message delivery.

FIFO Queues : FIFO queues are designed to ensure that messages are received in exactly the order in which they were sent.
The storage classes available in Amazon S3 are the following:
 
* Amazon S3 Glacier Instant Retrieval storage class
* Amazon S3 Glacier Flexible Retrieval (Formerly S3 Glacier) storage class
* Amazon S3 Glacier Deep Archive (S3 Glacier Deep Archive)
* S3 Outposts storage class
* Amazon S3 Standard-Infrequent Access (S3 Standard-IA)
* Amazon S3 One Zone-Infrequent Access (S3 One Zone-IA)
* Amazon S3 Standard (S3 Standard)
* Amazon S3 Reduced Redundancy Storage
* Amazon S3 Intelligent-Tiering (S3 Intelligent-Tiering)
Amazon Redshift helps analyze data stored in data warehouses, databases, and data lakes using Machine Learning (ML) and AWS-designed hardware. It uses SQL to analyze structured and semi-structured data to yield the best performance from the analysis. This service automatically creates, trains, and deploys Machine Learning models to create predictive insights.
Both Spot Instance and On-demand Instance are models for pricing.

| Spot Instance | On-demand Instance |
|---|---|
| With Spot Instance, customers can purchase compute capacity with no upfront commitment at all. | With On-demand Instance, users can launch instances at any time based on the demand. |
| Spot Instances are spare Amazon instances that you can bid for. | On-demand Instances are suitable for the high-availability needs of applications. |
| When the bidding price exceeds the spot price, the instance is automatically launched, and the spot price fluctuates based on supply and demand for instances. | On-demand Instances are launched by users only with the pay-as-you-go model. |
| When the bidding price is less than the spot price, the instance is immediately taken away by Amazon. | On-demand Instances will remain persistent without any automatic termination from Amazon. |
| Spot Instances are charged on an hourly basis. | On-demand Instances are charged on a per-second basis. |
* Cross Region Replication is a feature that replicates the data from one bucket to another bucket which could be in a different region.

* It provides asynchronous copying of objects across buckets. Suppose X is a source bucket and Y is a destination bucket. If X wants to copy its objects to Y bucket, then the objects are not copied immediately.

Some points to be remembered for Cross Region Replication
 
Create two buckets : Create two buckets within the AWS Management Console, where one bucket is the source bucket and the other is the destination bucket.

Enable versioning : Cross Region Replication can be implemented only when versioning is enabled on both buckets.

Amazon S3 encrypts the data in transit across AWS regions using SSL : This also provides security when data traverses the different regions.

Already uploaded objects will not be replicated : If any data already exists in the bucket, that data will not be replicated when you set up Cross Region Replication.


Use cases of Cross Region Replication
 
Compliance Requirements : By default, Amazon S3 stores the data across different geographical regions or availability zones to keep the data available. Sometimes compliance requirements oblige you to store the data in a specific region. Cross Region Replication allows you to replicate the data to that specific region to satisfy the requirements.

Minimize Latency : Suppose your customers are in two geographical regions. To minimize latency, you need to maintain copies of the data in AWS regions that are geographically closer to your users.

Maintain object copies under different ownership : Regardless of who owns the source bucket, you can tell Amazon S3 to change the ownership to the AWS account that owns the destination bucket. This is referred to as the owner override option.
Elastic Block Store (EBS) is a service that provides persistent block storage volumes for use with EC2 instances in the AWS cloud. An EBS volume is automatically replicated within its availability zone to protect against component failure. It offers the high durability, availability, and low-latency performance required to run your workloads.
An S3 bucket can be secured in two ways:

ACL (Access Control List) : An ACL is used to manage access to buckets and objects. Each object in a bucket is associated with an ACL. It defines which AWS accounts are granted access and the type of access. When a user sends a request for a resource, the corresponding ACL is checked to verify whether the user has been granted access to that resource.
When you create a bucket, Amazon S3 creates a default ACL which provides full control over the AWS resources.

Bucket Policies : Bucket policies are applied only to S3 buckets. A bucket policy defines which actions are allowed or denied. It is attached to the bucket, not to an individual S3 object, but the permissions defined in the bucket policy apply to all the objects in the S3 bucket.

The following are the main elements of a bucket policy:

Sid : A Sid (statement ID) is a label that describes what the policy statement does. For example, if the action to be performed is adding a new user to an Access Control List (ACL), then the Sid would be AddCannedAcl. If the policy is defined to evaluate IP addresses, then the Sid would be IPAllow.

Effect : The Effect defines what happens when the policy applies. It is either to allow an action or to deny an action.

Principal : The Principal is a string that determines to whom the policy applies. If we set the principal string to '*', then the policy applies to everyone, but you can also specify an individual AWS account.

Action : The Action is the operation the policy statement covers. For example, s3:GetObject is an action that allows reading object data.

Resource : The Resource is the S3 bucket to which the statement is applied. You cannot simply enter a bucket name; you need to specify the bucket name in a specific format.
For example, if the bucket name is freetimelearn-bucket, then the resource would be written as "arn:aws:s3:::freetimelearn-bucket/*".
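An added example (not from the original page): a small offline Python check that reads a bucket policy, confirms each statement carries the elements listed above, and flags two mistakes the text points at, a Resource given as a bare bucket name and an Allow for Principal '*' with no Condition. The sample policy, the PublicRead Sid and the address range are constructed for illustration, and the regex assumes the standard aws partition.

```python
import json
import re

# Constructed sample policy for the page's example bucket. 203.0.113.0/24 is a
# documentation-only address range used as a placeholder.
SAMPLE_POLICY = json.loads("""
{"Version": "2012-10-17",
 "Statement": [
   {"Sid": "IPAllow", "Effect": "Allow", "Principal": "*",
    "Action": "s3:GetObject",
    "Resource": "arn:aws:s3:::freetimelearn-bucket/*",
    "Condition": {"IpAddress": {"aws:SourceIp": "203.0.113.0/24"}}},
   {"Sid": "PublicRead", "Effect": "Allow", "Principal": "*",
    "Action": "s3:GetObject",
    "Resource": "freetimelearn-bucket"}
 ]}
""")

# Assumption: standard "aws" partition only; bucket name, then optional /key.
S3_ARN = re.compile(r"^arn:aws:s3:::[a-z0-9][a-z0-9.-]{1,61}[a-z0-9](/.*)?$")

def as_list(value):
    """Policy elements may be a single value or a list; normalise to a list."""
    return value if isinstance(value, list) else [value]

def is_anyone(principal):
    """True when the Principal element means everyone ('*')."""
    if principal == "*":
        return True
    return isinstance(principal, dict) and "*" in as_list(principal.get("AWS", []))

def review_policy(policy):
    """Return (Sid, finding) pairs for statements that need a second look."""
    findings = []
    for st in as_list(policy["Statement"]):
        sid = st.get("Sid", "<no Sid>")
        for element in ("Principal", "Action", "Resource"):
            if element not in st and "Not" + element not in st:
                findings.append((sid, f"missing {element}"))
        if st.get("Effect") not in ("Allow", "Deny"):
            findings.append((sid, "Effect must be Allow or Deny"))
        for res in as_list(st.get("Resource", [])):
            if not S3_ARN.match(res):
                findings.append((sid, f"Resource is not an S3 ARN: {res}"))
        if (st.get("Effect") == "Allow" and is_anyone(st.get("Principal"))
                and not st.get("Condition")):
            findings.append((sid, "Allow to everyone with no Condition"))
    return findings
```

Calling review_policy(SAMPLE_POLICY) leaves the IPAllow statement alone, because its source-IP Condition restricts it, and reports both problems on the PublicRead statement.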
Stopping : You can stop an EC2 instance; stopping an instance means shutting it down. Its corresponding EBS volume is still attached to the EC2 instance, so you can restart the instance as well.

Terminating : You can also terminate an EC2 instance; terminating an instance means removing it from your AWS account. When you terminate an instance, its corresponding EBS volume is also removed. For this reason, you cannot restart the EC2 instance.