1. Can you explain the difference between IaaS, PaaS and SaaS?
Ans:
IaaS (Infrastructure as a Service) offers core cloud components like virtual machines, storage and networking, while you manage the operating system and applications. PaaS gives developers an easy-to-use environment in which to create, test and launch programs without having to worry about infrastructure management. SaaS provides customers with fully working software via the internet, eliminating the need for installation or upkeep of programs like email or CRM systems.
2. What are the steps to set up an EC2 instance in AWS?
Ans:
First, log in to the AWS Management Console and choose an Amazon Machine Image (AMI). Select the instance type, then configure networking and storage and assign a security group. For secure access, generate a new key pair or choose an existing one. After launching the instance, connect via SSH or RDP to start using it.
3. Why is IAM important in cloud security?
Ans:
IAM (Identity and Access Management) controls who can access specific cloud resources. By assigning users and roles with only the permissions they need, IAM improves cloud infrastructures' overall security by preventing unauthorized access.
4. How do you implement auto-scaling in platforms like AWS or Azure?
Ans:
Auto-scaling adjusts the number of servers according to demand. In AWS, Auto Scaling Groups use CloudWatch to monitor metrics and scale instances. In Azure, Virtual Machine Scale Sets provide a similar feature with predefined rules. This ensures cost savings during idle times and peak performance during traffic spikes.
5. What is your approach for migrating an on-premise application to the cloud?
Ans:
Begin by analyzing the application's architecture and dependencies. Based on its requirements, select the right cloud model and platform. After backing up data, provision cloud infrastructure and perform a phased migration to reduce downtime. I adjust the environment, switch production traffic and verify performance after migration.
6. How do public and private subnets differ in a VPC?
Ans:
A public subnet is accessible from the internet via an Internet Gateway and is ideal for hosting web-facing services. A private subnet has no direct internet access, making it suitable for sensitive components like databases. This setup improves security and controls inbound/outbound traffic.
7. What is Azure Resource Manager (ARM) and how does it help?
Ans:
Azure Resource Manager is the deployment and management service for Azure. It allows grouping, deploying, and managing related resources using templates (ARM templates). ARM supports infrastructure as code, role-based access control, and tagging to simplify administration and ensure consistent deployments.
8. Which tools have you used for cloud monitoring and logging?
Ans:
In AWS, I use CloudWatch to track metrics and logs. For Azure, I work with Azure Monitor and Log Analytics. In multi-cloud or open-source setups, I prefer Prometheus for monitoring and Grafana for creating dashboards and alerts.
9. What strategies do you use to ensure high availability and fault tolerance?
Ans:
I deploy applications across multiple availability zones or regions to avoid single points of failure. Load balancers manage traffic distribution while auto-scaling adjusts resources as needed. Regular backups, health checks and failover mechanisms ensure continuous availability and quick recovery.
10. What is Infrastructure as Code (IaC), and how do you use Terraform?
Ans:
IaC is the process of using code to manage cloud infrastructure. With Terraform, I write configuration files (.tf) to define resources like EC2 instances, S3 buckets, and VPCs. I use these files to deploy consistent, repeatable infrastructure quickly. Terraform helps with version control, reduces errors, and simplifies updates across environments.