Question 1
Difficulty: medium
How would you design a highly available and secure AWS environment for a new application?
Sample answer
I’d start by separating the environment into clearly defined layers: networking, compute, data, and access control. For availability, I’d deploy across at least two Availability Zones, put the application behind an Application Load Balancer, and use Auto Scaling so capacity adjusts with demand. For security, I’d keep resources private where possible, use security groups with least-privilege rules, and control outbound traffic through network ACLs or routing design if needed. I’d also make sure IAM roles are used instead of long-lived credentials, and I’d store secrets in AWS Secrets Manager or Parameter Store. For data protection, I’d enable encryption at rest with KMS and enforce TLS in transit. I’d also set up logging early with CloudTrail, CloudWatch, and centralized log storage so we can audit changes and troubleshoot quickly. My goal is always to build something resilient, secure, and easy to operate from day one rather than patching it later.
Question 2
Difficulty: medium
Describe a time you had to troubleshoot an AWS performance issue in production. What did you do?
Sample answer
In a previous role, we had an application that started timing out under normal traffic, but only during peak business hours. I began by checking CloudWatch metrics for CPU, memory, load balancer latency, and target response time, which showed the issue wasn’t just compute saturation. I then reviewed application logs and noticed a pattern of slow database queries. After that, I looked at RDS metrics and found high read latency and connection spikes. The fix involved a combination of indexing the most expensive queries, adding a read replica for read-heavy traffic, and adjusting the application’s connection pooling settings. I also updated alarms so we’d catch the problem earlier if latency began climbing again. What I learned from that situation is that AWS issues are often multi-layered, so I try to isolate whether the bottleneck is in the app, the network, compute, or database before making changes. That approach saves time and reduces guesswork.
Question 3
Difficulty: easy
How do you implement Infrastructure as Code in AWS, and why is it important?
Sample answer
I treat Infrastructure as Code as the default way to build and manage AWS environments because it gives us repeatability, auditability, and faster recovery. In practice, I’ve used Terraform and CloudFormation depending on the team’s standards. I usually break infrastructure into reusable modules or nested stacks so networking, compute, security, and observability are defined cleanly and can be versioned in Git. I also make sure changes go through pull requests and automated validation, because infrastructure should be reviewed like application code. The biggest benefit is consistency: if we need to recreate an environment, scale a project, or fix a drift issue, we can do it reliably instead of relying on manual console changes. It also helps with compliance, since every change has a history and can be tied back to a pipeline. In my experience, teams move faster long-term when infrastructure is treated as code instead of a one-off setup task.
Question 4
Difficulty: medium
How would you secure IAM in AWS for a team that manages multiple environments?
Sample answer
My approach is to make IAM as simple as possible while still enforcing least privilege. I would start by defining roles based on job function and environment, rather than giving broad access to services or accounts. For example, developers might have read-only access in production but fuller access in non-production, while operations staff could have more targeted permissions for deployment and support. I prefer role-based access with federated identity, so users authenticate through a central identity provider and assume temporary roles rather than using static IAM users. I also use permission boundaries or SCPs where appropriate to prevent accidental privilege escalation in an organization. For sensitive actions, I’d protect them with MFA and log everything through CloudTrail. I like to review IAM regularly because permissions tend to grow over time if nobody cleans them up. A good IAM model should reduce risk without slowing down the team.
Question 5
Difficulty: medium
What steps would you take if an EC2-based application suddenly became unreachable?
Sample answer
First, I’d narrow down whether the issue is network, instance, load balancer, or application related. I’d check the instance health status in EC2, then verify security groups, route tables, NACLs, and any changes to the load balancer or target group. If the instance itself looks healthy, I’d test whether the application process is running and whether the service is listening on the expected port. I’d also review CloudWatch logs and metrics for clues like high CPU, disk exhaustion, or memory pressure. If the app sits behind an ALB, I’d inspect target health and listener rules because a misrouted path or failing health check can make a healthy instance appear unreachable. If needed, I’d use Systems Manager Session Manager or a temporary bastion path to inspect the box without opening unnecessary inbound ports. My priority is to restore service quickly, but I also want to identify the root cause so we don’t repeat the incident.
Question 6
Difficulty: easy
Tell me about a time you improved cloud cost efficiency without hurting performance.
Sample answer
I worked on an environment where we were paying for far more capacity than our usage justified, especially outside business hours. I started by analyzing CloudWatch metrics, Cost Explorer, and instance utilization patterns to see where we were consistently overprovisioned. We found that several EC2 instances were running at very low CPU and memory usage for most of the month, so I right-sized those workloads and introduced Auto Scaling for the services that could handle it. I also moved some non-critical workloads to a schedule so they only ran when needed, and I reviewed storage usage to remove old snapshots and unused EBS volumes. For databases, I checked whether reserved capacity made sense based on the steady-state usage. The important part was making sure we didn’t optimize blindly; I validated each change against performance metrics and user experience. In the end, we lowered monthly spend meaningfully while keeping response times stable, which made the changes easy to justify to the business.
Question 7
Difficulty: medium
How do you approach deploying an application in AWS with minimal downtime?
Sample answer
I usually aim for deployment strategies that decouple release from risk. If the application supports it, I prefer blue/green or canary deployments because they let us validate a new version before fully shifting traffic. With an ALB in front, I can route traffic gradually and monitor key metrics like error rate, latency, and request success before proceeding. I also make sure the deployment pipeline includes health checks, rollback logic, and clear approval gates for production. For data changes, I’m careful to make them backward compatible so the new and old versions can run safely during the transition. If downtime is unavoidable, I plan it during the lowest traffic window and communicate clearly with stakeholders ahead of time. The biggest thing I’ve learned is that successful deployments are mostly about preparation: automation, testing, and observability. If those pieces are in place, releases become routine instead of stressful.
Question 8
Difficulty: easy
How would you set up monitoring and alerting for a multi-tier AWS application?
Sample answer
I’d build monitoring around the user experience and the components that can fail independently. At the infrastructure level, I’d track EC2, ALB, RDS, Lambda, or container metrics depending on the architecture. At the application level, I’d monitor response time, error rate, throughput, and business-specific signals like failed orders or login failures. CloudWatch is usually my starting point, but I also like centralized dashboards and log aggregation so operators can correlate metrics with logs quickly. For alerting, I try to avoid noisy alerts by focusing on actionable thresholds and anomaly patterns rather than every small fluctuation. I’d create alerts for things like unhealthy targets, elevated 5xx responses, database connection exhaustion, or sudden latency spikes. If the environment is production, I’d route critical alerts to the on-call channel and make sure every alert has a clear owner and response expectation. Good monitoring should tell us what is broken, how bad it is, and where to look next.
Question 9
Difficulty: easy
A developer wants broad access to AWS resources to move faster. How would you handle that request?
Sample answer
I’d start by understanding what the developer actually needs to do, because broad access is often a symptom of unclear requirements rather than a real necessity. I’d ask for the specific services, actions, and environments involved, then design a permission set that supports those tasks without opening unnecessary risk. My goal would be to make access easy to use but constrained enough to protect production and sensitive data. In practice, that might mean separate roles for development, deployment, and production read access, with temporary elevation only when required. I’d also suggest using automation and self-service tooling so the developer can work efficiently without asking for manual exceptions every time. If they truly need something unusual, I’d time-box the access and document the reason. I find that most teams are happy to accept least privilege when it doesn’t slow them down, so I focus on making secure access practical rather than restrictive.
Question 10
Difficulty: hard
How do you handle an AWS incident when you are the first engineer on call?
Sample answer
When I’m first on call, I focus on stabilizing the situation before trying to solve everything at once. I’ll quickly confirm the scope of the issue, identify what users are seeing, and check the most likely failure points such as alarms, load balancers, application logs, and recent deployments. If there’s a clear rollback path, I’ll use it early rather than waiting too long, because restoring service is the priority. At the same time, I’ll keep a simple incident timeline so I know what changed and what actions were taken. I also make sure communication is happening: updates to stakeholders, support teams, and anyone else who needs to know the current status. Once the service is stable, I shift into root cause analysis and capture follow-up tasks, such as better alerts, stronger automation, or improved deployment controls. I think a strong on-call engineer stays calm, communicates clearly, and avoids making the situation worse by changing too many variables at once.
