Assignment 1

1. What is AWS, and how does it differ from traditional on-

premise infrastructure?
What is AWS?

Amazon Web Services (AWS) is a cloud computing platform provided by Amazon that offers
on-demand computing resources such as servers, storage, databases, networking, security,
analytics, and application services over the internet.

Instead of buying and maintaining physical hardware, users can rent resources from AWS and
pay only for what they use.
Traditional On-Premise Infrastructure

In on-premise infrastructure:

Servers, storage, and networking equipment are physically located in an organization’s

data center.
Organizations must purchase hardware upfront
Maintenance, power, cooling, security, and upgrades are the company’s responsibility.

Key Differences Between AWS and On-Premise Infrastructure

 Aspect AWS (Cloud) Traditional On-Premise

Cost Model Pay-as-you-go (OPEX) High upfront cost (CAPEX)

Scalability Elastic, auto-scaling Limited by hardware

Deployment Speed Minutes Weeks or months

Maintenance Managed by AWS Managed by organization

Availability Global data centers Single physical location

Disaster Recovery Built-in Expensive and complex

Conclusion

AWS removes the burden of infrastructure management, provides high availability, scalability,
and flexibility, and allows organizations to focus on application development rather than
hardware management.

2. Explain the different types of cloud computing models

offered by AWS
(Public Cloud, Private Cloud, Hybrid Cloud)

1. Public Cloud

Resources are shared among multiple users

Owned and managed by AWS
Accessed over the internet
Example: EC2, S3, RDS

Advantages

Low cost
Highly scalable
No infrastructure management

Use Case

Startups, web applications, mobile apps

2. Private Cloud
 Dedicated infrastructure for a single organization
Can be hosted on-premise or on AWS using isolated services
More control and security

AWS Example

Amazon VPC with dedicated resources

AWS Outposts

Advantages

Higher security
Better compliance

Use Case

Banking, healthcare, government systems

3. Hybrid Cloud

Combination of on-premise infrastructure and AWS cloud

Data and applications can move between environments

AWS Services Used

AWS Direct Connect

VPN
Storage Gateway

Advantages

Flexibility
Gradual cloud migration
Data sovereignty

Use Case

Enterprises migrating legacy systems to cloud

3. What is the AWS Free Tier? What services are available

under the AWS Free Tier?
What is AWS Free Tier?

The AWS Free Tier allows new users to explore and use AWS services at no cost within
specified limits.

It is designed to help users learn, test, and experiment with AWS before moving to paid
usage.
Types of AWS Free Tier

1. 12-Months Free
Free for 12 months after account creation
2. Always Free
Free with monthly usage limits
3. Trials
Free for a limited time or usage

Popular Services in AWS Free Tier

Service Free Tier Limit

Amazon EC2 750 hours/month ([Link] or [Link])

Amazon S3 5 GB standard storage

Amazon RDS 750 hours [Link]

AWS Lambda 1M requests/month

Amazon CloudWatch Basic metrics free

Benefits

Zero cost learning

Risk-free experimentation
Ideal for students and beginners

4. Define the term ‘Availability Zone’ in AWS. Why are

multiple availability zones important for high availability?
What is an Availability Zone (AZ)?

An Availability Zone is one or more physically separate data centers within an AWS Region,
each having:

Independent power
Networking
Cooling
Physical security

AWS Region vs Availability Zone

 Region → Geographical area (e.g., Mumbai, Virginia)
Availability Zone → Isolated data centers within a region

Example:
Asia Pacific (Mumbai) region has multiple AZs like ap-south-1a, ap-south-1b.

Why Multiple Availability Zones Are Important

1. High Availability
If one AZ fails, others continue serving traffic
2. Fault Tolerance
Hardware or power failure in one AZ does not affect others
3. Disaster Recovery
Applications can be replicated across AZs
4. Load Distribution
Traffic is spread across AZs using Load Balancers

Conclusion

By deploying applications across multiple Availability Zones, AWS ensures reliability, fault
tolerance, and uninterrupted service, which is critical for modern cloud applications.

1. What is AWS, and how does it differ from traditional on-

premise infrastructure?
What is AWS?

Amazon Web Services (AWS) is a cloud computing platform provided by Amazon that offers
on-demand computing resources such as servers, storage, databases, networking, security,
analytics, and application services over the internet.

Instead of buying and maintaining physical hardware, users can rent resources from AWS and
pay only for what they use.
Traditional On-Premise Infrastructure

In on-premise infrastructure:

Servers, storage, and networking equipment are physically located in an organization’s

data center.
Organizations must purchase hardware upfront
Maintenance, power, cooling, security, and upgrades are the company’s responsibility.

Key Differences Between AWS and On-Premise Infrastructure

 Aspect AWS (Cloud) Traditional On-Premise

Cost Model Pay-as-you-go (OPEX) High upfront cost (CAPEX)

Scalability Elastic, auto-scaling Limited by hardware

Deployment Speed Minutes Weeks or months

Maintenance Managed by AWS Managed by organization

Availability Global data centers Single physical location

Disaster Recovery Built-in Expensive and complex

Conclusion

AWS removes the burden of infrastructure management, provides high availability, scalability,
and flexibility, and allows organizations to focus on application development rather than
hardware management.

2. Explain the different types of cloud computing models

offered by AWS
(Public Cloud, Private Cloud, Hybrid Cloud)

1. Public Cloud

Resources are shared among multiple users

Owned and managed by AWS
Accessed over the internet
Example: EC2, S3, RDS

Advantages

Low cost
Highly scalable
No infrastructure management

Use Case

Startups, web applications, mobile apps

2. Private Cloud
 Dedicated infrastructure for a single organization
Can be hosted on-premise or on AWS using isolated services
More control and security

AWS Example

Amazon VPC with dedicated resources

AWS Outposts

Advantages

Higher security
Better compliance

Use Case

Banking, healthcare, government systems

3. Hybrid Cloud

Combination of on-premise infrastructure and AWS cloud

Data and applications can move between environments

AWS Services Used

AWS Direct Connect

VPN
Storage Gateway

Advantages

Flexibility
Gradual cloud migration
Data sovereignty

Use Case

Enterprises migrating legacy systems to cloud

3. What is the AWS Free Tier? What services are available

under the AWS Free Tier?
What is AWS Free Tier?

The AWS Free Tier allows new users to explore and use AWS services at no cost within
specified limits.

It is designed to help users learn, test, and experiment with AWS before moving to paid
usage.
Types of AWS Free Tier

1. 12-Months Free
Free for 12 months after account creation
2. Always Free
Free with monthly usage limits
3. Trials
Free for a limited time or usage

Popular Services in AWS Free Tier

Service Free Tier Limit

Amazon EC2 750 hours/month ([Link] or [Link])

Amazon S3 5 GB standard storage

Amazon RDS 750 hours [Link]

AWS Lambda 1M requests/month

Amazon CloudWatch Basic metrics free

Benefits

Zero cost learning

Risk-free experimentation
Ideal for students and beginners

4. Define the term ‘Availability Zone’ in AWS. Why are

multiple availability zones important for high availability?
What is an Availability Zone (AZ)?

An Availability Zone is one or more physically separate data centers within an AWS Region,
each having:

Independent power
Networking
Cooling
Physical security

AWS Region vs Availability Zone

 Region → Geographical area (e.g., Mumbai, Virginia)
Availability Zone → Isolated data centers within a region

Example:
Asia Pacific (Mumbai) region has multiple AZs like ap-south-1a, ap-south-1b.

Why Multiple Availability Zones Are Important

1. High Availability
If one AZ fails, others continue serving traffic
2. Fault Tolerance
Hardware or power failure in one AZ does not affect others
3. Disaster Recovery
Applications can be replicated across AZs
4. Load Distribution
Traffic is spread across AZs using Load Balancers

Conclusion

By deploying applications across multiple Availability Zones, AWS ensures reliability, fault
tolerance, and uninterrupted service, which is critical for modern cloud applications.

5. What is an Amazon Machine Image (AMI), and how is it used

in AWS EC2 instances?
What is an AMI?

An Amazon Machine Image (AMI) is a pre-configured template used to create Amazon EC2
instances.
It contains everything required to launch a virtual server.
Components of an AMI

An AMI includes:

1. Operating System (Linux, Windows, etc.)

2. Application Software
3. Configuration Settings
4. Block Device Mapping (EBS volumes)

Types of AMIs

AWS Provided AMIs – Official images by AWS

Marketplace AMIs – Preconfigured software stacks
Custom AMIs – Created by users for reuse
Community AMIs – Shared by other users

How AMI Is Used

1. User selects an AMI

2. AWS launches an EC2 instance based on that AMI
3. Instance boots with pre-installed OS and applications

Advantages

Faster deployment
Standardized environments
Easy backup and replication
Supports scaling

6. What are security groups in AWS, and how do they differ

from Network Access Control Lists (NACLs)?
Security Groups

A security group acts as a virtual firewall for EC2 instances.

Key Features

Operates at instance level

Supports allow rules only
Stateful (response traffic is automatically allowed)

Network Access Control Lists (NACLs)

NACLs act as a firewall at the subnet level.

Key Features

Operates at subnet level

Supports allow and deny rules
Stateless (return traffic must be explicitly allowed)

Difference Between Security Groups and NACLs

 Feature Security Group NACL

Level Instance Subnet

Rules Allow only Allow & Deny

Stateful Yes No

Default Behavior Deny all inbound Allow all inbound

Conclusion

Security groups provide fine-grained control, while NACLs offer network-level protection.
Both together enhance VPC security.

7. Explain the concept of Elastic Load Balancer (ELB) in AWS.

How does it help distribute incoming application traffic?
What is ELB?

Elastic Load Balancer (ELB) automatically distributes incoming traffic across multiple EC2
instances to ensure high availability and fault tolerance.

How ELB Works

1. Receives incoming requests

2. Checks instance health
3. Routes traffic only to healthy instances
4. Automatically adjusts as instances scale

Types of Load Balancers

Application Load Balancer (ALB) – Layer 7 (HTTP/HTTPS)

Network Load Balancer (NLB) – Layer 4 (TCP/UDP)
Classic Load Balancer – Legacy

Benefits of ELB

Fault tolerance
Scalability
Improved performance
Zero downtime deployments
Use Case

Web applications, microservices, high-traffic systems

8. What is Amazon S3, and what are the different storage

classes available in S3?
What is Amazon S3?

Amazon S3 is a highly scalable object storage service used to store and retrieve any amount
of data at any time.

Key Features

Object-based storage
99.999999999% durability
Secure and scalable
Global access

S3 Storage Classes

Storage Class Use Case

S3 Standard Frequently accessed data

S3 Intelligent-Tiering Unknown access patterns

S3 Standard-IA Infrequent access

S3 One Zone-IA Cost-sensitive backups

S3 Glacier Archival data

S3 Glacier Deep Archive Long-term storage

Conclusion

Amazon S3 offers cost-effective, durable, and scalable storage, making it ideal for backups,
static websites, big data, and media storage.
9. How does AWS Auto Scaling work, and what is the role of
scaling policies in it?
What is AWS Auto Scaling?

AWS Auto Scaling automatically adds or removes compute resources (such as EC2 instances)
based on demand, ensuring high availability and cost optimization.
How Auto Scaling Works

1. Resources are grouped into an Auto Scaling Group (ASG)

2. Minimum, maximum, and desired capacity are defined
3. CloudWatch monitors metrics (CPU, memory, requests)
4. Auto Scaling adjusts capacity automatically

Scaling Policies

Scaling policies define when and how scaling occurs.

Types of Scaling Policies

Target Tracking Scaling – Maintains a target metric (e.g., CPU at 60%)

Step Scaling – Scales based on thresholds
Scheduled Scaling – Scales at predefined times
Predictive Scaling – Uses machine learning to forecast demand

Benefits

Automatic resource management

High availability
Cost efficiency
Better performance

10. What are the differences between EC2 instances and

Lambda functions in AWS? Which one would you use for a
serverless application and why?
EC2 vs Lambda

Feature EC2 Lambda

Server Management Required Not required

Pricing Per hour/second Per request

Scaling Manual / Auto Scaling Automatic

Execution Long-running Short-lived

Use Case Full control apps Event-driven apps

Which Is Used for Serverless?

AWS Lambda is used for serverless applications because:

No server management
Automatic scaling
Pay only for execution time
Event-driven architecture

Conclusion

EC2 is ideal for traditional applications, while Lambda is best for serverless and
microservices-based applications.

11. Explain the purpose and functionality of Amazon RDS

(Relational Database Service) in AWS.
What is Amazon RDS?

Amazon RDS is a managed database service that simplifies setup, operation, and scaling of
relational databases.

Supported Database Engines

MySQL
PostgreSQL
MariaDB
 Oracle
SQL Server
Amazon Aurora

Key Features

Automated backups
Multi-AZ deployment
Automatic patching
Read replicas
High availability

Use Case

Web applications, enterprise systems, transactional workloads

12. What is Amazon CloudWatch, and how would you use it to

monitor AWS resources and applications?
What is Amazon CloudWatch?

Amazon CloudWatch is a monitoring and observability service that collects metrics, logs,
and events from AWS resources.

What Can CloudWatch Monitor?

EC2 CPU utilization

Memory usage
Disk I/O
Application logs
Network traffic

Key Components

Metrics – Performance data

Logs – Application/system logs
Alarms – Notifications on thresholds
Dashboards – Visual monitoring

Benefits

Real-time monitoring
Automated alerts
Improved reliability
Troubleshooting support
13. What is IAM (Identity and Access Management) in AWS?
Explain the concept of roles, policies, and groups in IAM.
What is IAM?

AWS Identity and Access Management (IAM) is a service that enables you to securely control
access to AWS services and resources.

It answers:

Who can access AWS?

What actions they can perform?
On which resources?

Core Components of IAM

1. Users

Individual identities (human or application)

Each user gets credentials (username/password, access keys)

2. Policies

JSON documents that define permissions

Specify:
Actions (e.g., s3:GetObject)
 Resources
Conditions

Types

Managed policies (AWS-managed or customer-managed)

Inline policies

3. Groups

Collection of IAM users

Permissions assigned to group apply to all users
Simplifies management

Example:
Admin group, Developer group, ReadOnly group

4. Roles

Temporary credentials
No permanent username/password
Used by:
EC2 instances
Lambda functions
Cross-account access

Conclusion

IAM ensures least privilege access, improves security, and provides centralized identity
management in AWS.

14. What is the purpose of AWS Elastic Beanstalk, and how

does it simplify application deployment?
What is Elastic Beanstalk?

AWS Elastic Beanstalk is a Platform-as-a-Service (PaaS) that allows developers to deploy

applications without managing infrastructure.

How Elastic Beanstalk Works

1. Upload application code

2. Select platform (Java, Python, [Link], .NET, etc.)
3. AWS automatically provisions:
EC2
Load Balancer
Auto Scaling
Monitoring
Key Features

Automatic scaling
Health monitoring
Managed updates
Supports multiple programming languages

Benefits

Faster deployment
No server management
Easy rollback
Cost-efficient

Use Case

Web applications, APIs, startup projects

15. How can you secure an S3 bucket in AWS? Explain the

different methods available.
Why S3 Security Is Important

S3 buckets store sensitive data such as:

Backups
Logs
Media
Documents

Methods to Secure an S3 Bucket

1. Bucket Policies

JSON-based access control

Define who can access the bucket and actions allowed

2. IAM Policies

Grant permissions to users or roles

Follows principle of least privilege

3. Access Control Lists (ACLs)

Object-level permissions
Legacy method (less recommended)

4. Block Public Access

 Prevents accidental public exposure
Highly recommended

5. Encryption

At Rest: SSE-S3, SSE-KMS

In Transit: HTTPS

6. Versioning

Protects against accidental deletion

Conclusion

Combining IAM, bucket policies, encryption, and block public access ensures maximum S3
security.

16. What is Amazon CloudFront, and how does it improve the

delivery of content to end users?
What is CloudFront?

Amazon CloudFront is a Content Delivery Network (CDN) that delivers data with low latency
and high transfer speeds.

How CloudFront Works

1. Content stored in origin (S3, EC2, Load Balancer)

2. Cached at edge locations worldwide
3. Users receive content from nearest location

Benefits

Reduced latency
Faster content delivery
Improved user experience
DDoS protection
SSL/TLS support

Use Case

Static websites
Video streaming
APIs
Global applications
17. Explain the different types of EC2 instance pricing models
available in AWS.
EC2 Pricing Models

Amazon EC2 offers multiple pricing options to optimize cost based on workload needs.
Types of EC2 Pricing Models

1. On-Demand Instances

Pay per second/hour

No long-term commitment

Use Case:
Short-term workloads, testing, unpredictable traffic

2. Reserved Instances (RI)

Commit for 1 or 3 years

Up to 75% cost savings

Types

Standard RI
Convertible RI
Use Case:
Steady, predictable workloads

3. Spot Instances

Use unused AWS capacity

Up to 90% cheaper
Can be interrupted by AWS

Use Case:
Batch processing, big data, fault-tolerant jobs

4. Savings Plans

Commit to consistent usage

Flexible across instance families

5. Dedicated Hosts

Physical servers dedicated to one customer

Use Case:
Compliance and licensing requirements

Conclusion

Choosing the right pricing model helps balance cost, flexibility, and reliability.

18. What is Amazon VPC (Virtual Private Cloud)? How would

you use it to create a secure and isolated network within
AWS?
What is Amazon VPC?

Amazon VPC allows you to create a logically isolated network within AWS where you control
IP addressing, routing, and security.
Key Components of VPC

CIDR block – Defines IP range

Subnets – Public and Private
Route Tables – Control traffic routing
Internet Gateway – Internet access
NAT Gateway – Outbound internet for private subnets
Security Groups & NACLs – Security

Creating a Secure and Isolated Network

1. Create a VPC with private IP range

2. Use private subnets for databases
3. Allow access via security groups
4. Restrict traffic using NACLs
5. Enable VPC Flow Logs for monitoring

Conclusion

Amazon VPC provides network isolation, security, and control, making it ideal for enterprise
workloads.

19. How do you design a highly available and fault-tolerant

architecture using AWS services?
Goal

Ensure application remains available even during failures.

Key Design Principles

1. Multi-Availability Zone Deployment

Distribute resources across AZs

2. Elastic Load Balancer

Distributes traffic across healthy instances

3. Auto Scaling

Automatically replaces failed instances

Handles traffic spikes

4. Managed Services

RDS Multi-AZ
DynamoDB (serverless HA)

5. Backup and Replication

S3 versioning
Cross-region replication

Conclusion

Combining AZs, Load Balancers, Auto Scaling, and managed services creates a robust, fault-
tolerant AWS architecture.

20. What is Amazon DynamoDB, and how does it differ from

Amazon RDS in terms of database design and use cases?
What is DynamoDB?

Amazon DynamoDB is a fully managed NoSQL database designed for high scalability and low
latency.

DynamoDB vs RDS
 Feature DynamoDB RDS

Database Type NoSQL Relational

Schema Flexible Fixed

Scalability Automatic Manual/limited

Performance Millisecond latency Slower

Management Fully serverless Partially managed

Use Cases

DynamoDB

IoT
Gaming
Real-time analytics
Mobile apps

RDS

Financial systems
ERP
Transactional apps

Conclusion

Use DynamoDB for massive scale and speed, and RDS for structured relational data.

21. What is AWS Direct Connect, and how does it benefit

organizations in terms of connectivity to AWS?
What is AWS Direct Connect?

AWS Direct Connect is a service that provides a dedicated private network connection
between an organization’s on-premise data center and AWS.

Unlike internet-based connections, Direct Connect offers consistent, secure, and high-
bandwidth connectivity.
How AWS Direct Connect Works

1. Organization connects its data center to an AWS Direct Connect location

2. A private virtual interface is established
3. Traffic bypasses the public internet
4. Data flows directly into Amazon VPC

Key Benefits

1. High Performance

Lower latency
Higher bandwidth (up to 100 Gbps)

2. Improved Security

Private connection
Reduced exposure to internet threats

3. Reliable Network

Consistent performance
Suitable for mission-critical workloads

4. Cost Efficiency

Lower data transfer costs compared to internet traffic

Use Cases

Hybrid cloud architectures

Large data transfers
Financial services
Enterprise workloads

Conclusion

AWS Direct Connect provides secure, reliable, and high-speed connectivity, making it ideal
for enterprises integrating on-premise infrastructure with AWS.

22. Explain the concept of AWS CloudFormation and how it

can be used to automate the deployment of AWS
infrastructure.
What is AWS CloudFormation?

AWS CloudFormation is a service that enables Infrastructure as Code (IaC)—allowing users to

define AWS resources using templates.
How CloudFormation Works

1. User writes a template (YAML or JSON)

2. Template describes required resources
3. CloudFormation creates a stack
4. AWS automatically provisions and configures resources

Key Components

Templates – Blueprint of infrastructure

Stacks – Running instance of template
Change Sets – Preview changes before applying

Advantages

1. Automation

Eliminates manual setup

Reduces human error

2. Consistency

Same infrastructure across environments

3. Version Control

Templates can be stored in Git

4. Easy Rollback

Automatically reverts on failure

Use Cases

DevOps pipelines
Multi-environment deployments
Disaster recovery setups

Conclusion

AWS CloudFormation simplifies cloud management by enabling repeatable, reliable, and

automated infrastructure deployment.