10个重要的AWS面试问题 *
Toptal sourced essential questions that the best AWS developers and engineers can answer. Driven from our community, we encourage experts to submit questions and offer feedback.
立即聘请一名顶级AWS开发人员
是顶级自由软件开发人员的专属网络吗, designers, finance experts, product managers, 和世界上的项目经理. Top companies hire Toptal freelancers for their most important projects.Interview Questions
EC2 instance metadata is a service accessible from within EC2 instances, 哪个允许查询或管理关于给定运行实例的数据.
It is possible to retrieve an instance’s IAM access key by accessing the 我/安全凭证/角色名 metadata category. This returns a temporary set of credentials that the EC2 instance automatically uses for communicating with AWS services.
SQS是Amazon的完全托管分布式队列服务. Queues are useful for handling communication between different services or other components in distributed systems.
A DLQ is a special queue for messages that could not be processed properly. These queues are specially used for debugging and troubleshooting applications.
AWS CodeCommit本质上是一个托管服务.e. Amazon manages and scales it behind the scenes for you, just like S3—for Git-based source control.
AWS CodeBuild用于构建, test, and generate artifacts—files that are generated from successful build steps—for deployment. This, too, is a managed service, doing provisioning and scaling automatically.
AWS CodeDeploy自动将应用程序部署到几种类型 compute resources 例如EC2实例或ECS集群.
AWS CodePipeline is a continuous delivery service that allows automating and integrating build, test, and deploy processes.
申请加入Toptal的发展网络
并享受可靠、稳定、远程 自由AWS开发人员职位
EKS, or 用于Kubernetes的Amazon弹性容器服务是亚马逊的托管Kubernetes服务. 此服务提供托管的 Kubernetes控制平面 这是很容易得到的,我.e. 它们为您运行多个主节点.
ECS, or 弹性货柜服务是亚马逊的容器编排服务. This service is used to manage containers and their lifecycle within clusters.
Fargate is an ECS launch type which allows you to run containers in serverless clusters. In other words, it allows you to run containers without needing to manage the underlying cluster infrastructure.
Suppose you have hired a team of DevOps freelancers to set up your infrastructure. You create an IAM group called “devops” and add the team to that group. After the team finishes setting your infrastructure up, they leave your project. 你应该采取什么行动?
You should delete only the user accounts from the developers, and keep the IAM group. It is possible that, in the future, you will want to hire more DevOps freelancers to change your infrastructure.
Keeping the IAM group will mean you kept the underlying set of policies, and therefore, 未来的用户可以重用这些策略.
Explain the following CloudFormation template and what is wrong with it:
Mappings:
RegionMap:
us-east-1:
:“HVM64 ami-0ff8a91507f77f867”
us-west-1:
:“HVM64 ami-0bdb828fd58c52235”
eu-west-1:
:“HVM64 ami - 047 bb4163c506cd98”
ap-southeast-1:
:“HVM64 ami - 08569 b978cc4dfa10”
ap-northeast-1:
:“HVM64 ami-06cd52961ce9f0d85”
Resources:
myEC2Instance:
类型:“EC2 AWS::::实例”
Properties:
ImageId: !FindInMap [RegionMap, !参考“AWS::Region”,HVM64]
InstanceType: !Ref InstanceType
这个CloudFormation模板包含一个 Mappings section, which is useful for defining key-value pairs to be used in other parts of the template. In this case, the RegionMap is defining a mapping between region names and the respective AMI IDs of a virtual machine image in each of those regions.
In the Resources section, the RegionMap 然后使用正确的 ImageId. However, the InstanceType 属性尝试使用名为 InstanceType, which is missing. 参数对于重用模板很有用, by allowing for those to be customized during stack updates or creations.
要修复这个模板,可以添加以下部分. 它将允许输入一个实例类型并提供一个默认类型:
Parameters:
InstanceType:
Type: String
Default: t2.micro
There are currently three types of managed load balancers offered by AWS.
应用程序负载均衡器:此负载均衡器在OSI模型的第7层工作. It can be used to load-balance HTTP and HTTPS applications and can invoke Lambda functions, 在其他几个特性中.
Network Load Balancer: Used for extreme performance, this load balancer operates at Layer 4 of the OSI model. It can, therefore, load-balance any kind of TCP traffic and can handle large amounts of requests with low latency.
Classic Load Balancer:此负载均衡器在OSI模型的第4层或第7层工作. It is now mostly used for legacy applications that run on EC2-Classic since application load balancers provide more features.
All at once这是最快的模式. In this case, Elastic Beanstalk will simply stop all the running instances and then will deploy the new version to these instances.
Immutable: In this mode, Elastic Beanstalk will create a new Auto Scaling Group and deploy the new instances there. Then, 如果部署成功, it will replace the old Auto Scaling Group with the newly created one.
Rolling: During the deployment, Elastic Beanstalk will deploy the new application version to some of the currently running instances, and repeat that process until all instances are running the same version. Using this mode, 应用程序将低于容量运行, 但是零停机时间,没有额外的成本.
与其他批次一起轧制: In this mode, Elastic Beanstalk will make sure there is no capacity reduction. It does so by first starting new instances with the new version of the application, 然后才将新版本部署到旧实例.
AWS S3服务提供读写后一致性 PUTs of new objects, meaning that as soon as an object is written to an S3 bucket, it can be retrieved.
However, suppose we tried retrieving an object and received a “Not Found” response. 因为找不到它,我们马上加上去. 只有一小段时间, we’ll be unable to retrieve it because the Not Found response will be cached. 因此,在这种情况下,S3只是 eventually consistent. Deleting or updating existing objects are also eventually consistent operations.
解释IAM Policy的作用:
{
“版本”:“2012-10-17”,
"Statement": [
{
"Action": [
"s3:ListBucket"
],
"Effect": "Allow",
“资源”:“在攻击:aws: s3:::公司数据”
},
{
"Action": [
"ecs:RunTask"
],
"Effect": "Allow",
"Condition": {
"ArnEquals": {
:“ecs:集群攻击:aws: ecs: us-east-1:123456789012:集群/刺激”
}
},
"Resource": "arn:aws:ecs:us-east-1:123456789012:task-definition/update-tables:*"
}
]
}
This IAM policy allows any IAM identity or AWS resource that has it attached to list all objects from the company-data bucket.
的任何版本都可以运行 update-tables task definition on the prod ECS cluster.
面试不仅仅是棘手的技术问题, 所以这些只是作为一个指南. 并不是每一个值得雇佣的“A”候选人都能回答所有的问题, 回答所有问题也不能保证成为A级考生. At the end of the day, 招聘仍然是一门艺术,一门科学,需要大量的工作.
Why Toptal
提出面试问题
提交的问题和答案将被审查和编辑, 并可能会或可能不会选择张贴, 由Toptal全权决定, LLC.
寻找AWS开发人员?
Looking for AWS Developers? 查看Toptal的AWS开发人员.
David Reay
David is an AWS expert, 敏捷和安全专业, 拥有超过14年经验的注册建筑师和工程师. 他专攻系统工程, solutions architecture, continuous integration, 自动化部署工具, serverless development, and DevOps. David喜欢在快节奏的团队中工作.
Show More
Alex VKO
Alex is a passionate technologist and successful startup executive with nine years of professional experience in engineering. 作为一个有商业头脑的科技宅男, he likes to architect and deliver high-quality implementation that meets business needs. 他曾与银行和抵押机构合作, advised CTOs, 领导软件和数据科学团队, 并持续交付高绩效的客户项目.
Show More
Dmitry Kireev
Dmitry is a cloud architect and site reliability engineer with over a decade of intense professional experience strictly adhering to the DevOps methodology. He has architected and built multiple platform-agnostic infrastructures from scratch for modern cloud systems. Dmitry has a proven track record of hands-on operations in high-scale environments. He is also proficient with IaC, automation, and scripting, as well as monitoring and observability.
Show MoreToptal Connects the Top 3% 世界各地的自由职业人才.
加入Toptal社区.