So I recently had a first phone interview for a senior SA role at AWS. I felt really good after the call but got the rejection this morning and was devastated. The interview started with 2 behavioral questions, then a small customer scenario (so it was neither a role play nor a system design but something in between), followed by rapid fire questions. I captured the questions below, hopefully this can help others prepare for SA interviews. There were only 2 questions that I told them I didn't know how to answer but all the rest were fine. Sorry about the format, not sure how to post a table on here. The location is in a different country which takes a long time for visa processing, not sure if this might have influenced the decision.

Behavioral:
- Tell me about a time where you delivered a project that was not up to spec, how did you handle?
- Tell me about a time where you faced a crisis, how did you handle?

Customer scenario:
- Customer has 3 tier web application on prem. App went viral, needs to scale ASAP.

Rapid Fire:
- How would you troubleshoot a webserver that can download updates but is not reachable from the internet?
- What is a CDN?
- How would you diagnose slow storage drive?
- How would you handle storage deduplication?
- What is a CIDR block and slash notation?
- Tell me how you would use traceroute?
- What is the difference between a stateful and stateless FW? What AWS services map to which?
- How would you connect 2 EC2 instances in different regions?
- What is a Web Application FW and differences with a regular FW?
- How would you protect against a DDOS attack?
- What are the different types of DDOS attack?
- How would you protect against an internal threat?
- How would you respond to a compromised EC2 instance?
- What is the difference between a VM and a container?
- What are the advantages of a container?
- What is Infrastructure as code and why is it useful?
- How would you help a customer ensure GDPR compliance in different regions?
- How would you ensure a 0 downtime deployment of a new app version (DevOps)?

My answers:

Behavioral:
- Example about slow reporting on OLTP with user increase, created replica DB for offloading report reads
- Bug that caused issues with costing, wrote SQL query to identify lines and update ledger entries to value entries, communicated risks to stakeholders

Customer Scenario:
- Asked clarifying questions (Is the env virtualized, what kind of DB…)
- Approach: Use rehosting for App/Web on EC2 and refactoring (RDS) for DB
- Migrate DB using DMS
- Offload reads to a read replica
- Add an LB between tiers, place the servers in an ASG with target tracking. Use scheduled scaling for known peaks.
- Use Cognito with WIF for auth/zn
- Secure with HTTPS for in transit, KMS for at rest
- Place front facing LB in public subnet and all other servers in private
- Smaller apps can use a separate DB

Rapid Fire:
- Check NACL, check Sec group, check daemon instance on server
- Content Delivery Network + explanation
- Monitor read/write IOPS and throughput, identify which is the bottleneck and recommend a higher tier
- Not answered
- IP range used to delimit a subnet, slash notation is the subnet mask (example /24 is class C, /16 is class B, etc..)
- Go to cmd and tracert domainname, will give the hops that are used to reach the destination with the time in ms between each hop
- Stateful remembers the inbound rule, stateless needs both in/out rule to be configured. NACL = stateless, Sec group = stateful
- VPC peering if only 2, if more than 2 then use Transit GW
- WAF protects against common internet attacks such as SQL injection and known malicious IPs, can block requests from IP range.
- Use AWS Shield which comes in 2 tiers.
- DSN brute force attack and SYN flood attack to initiate fake TCP SYN/ACK responses
- Use least needed privilege for each user, encrypt data, assign roles to services instead of credentials.
- Isolate the instance by taking it off the network, stop the instance, if cannot be cleaned then terminate the instance and start a fresh one from a known AMI
- VM = abstraction from hardware using hypervisor, container = abstraction of the OS using namespaces (gave further explanation).
- Advantages are smaller footprint.
- Gave example of CloudFormation, a template that can be used to deploy all the components in a new environment. Useful for speed of deployment and sharing designs (for POC, demos..)
- Not answered
- Place the old instance behind an ELB, provision a new instance in the same target group. Start routing requests to the new instance while decommissioning the old one.

EDIT: Got some feedback on the interview. Technically strong, no red flags, but behavioral answers could have been stronger. Marked as to be considered for other roles.

#amazon #aws #interview #awssolutionsarchitect
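The stateful/stateless distinction and the "can download updates but is not reachable from the internet" question from the post above, as an added example that is not part of the original post: a small Python model of a stateless NACL and a stateful security group that names the first control dropping a flow. The rule sets, addresses, ports and function names are constructed for illustration and are not AWS APIs.

```python
from ipaddress import ip_address, ip_network

def nacl_allows(rules, peer, port):
    """Stateless NACL: lowest-numbered matching rule wins; no match means deny."""
    for _, cidr, (lo, hi), action in sorted(rules, key=lambda r: r[0]):
        if ip_address(peer) in ip_network(cidr) and lo <= port <= hi:
            return action == "allow"
    return False

def sg_allows(rules, peer, port):
    """Security group: allow-only rules; anything unmatched is denied."""
    return any(ip_address(peer) in ip_network(cidr) and lo <= port <= hi
               for cidr, (lo, hi) in rules)

def first_block(cfg, direction, peer, dst_port, reply_port):
    """Name the first control that drops the flow, or 'ok'.
    direction is relative to the instance; reply_port is the initiator's ephemeral port."""
    if direction == "inbound":
        checks = [("nacl-inbound", nacl_allows(cfg["nacl_in"], peer, dst_port)),
                  ("sg-inbound", sg_allows(cfg["sg_in"], peer, dst_port)),
                  # The SG is stateful, so the reply passes it automatically.
                  # The NACL is stateless and must allow the reply explicitly.
                  ("nacl-outbound-reply", nacl_allows(cfg["nacl_out"], peer, reply_port))]
    else:
        checks = [("sg-outbound", sg_allows(cfg["sg_out"], peer, dst_port)),
                  ("nacl-outbound", nacl_allows(cfg["nacl_out"], peer, dst_port)),
                  ("nacl-inbound-reply", nacl_allows(cfg["nacl_in"], peer, reply_port))]
    return next((name for name, ok in checks if not ok), "ok")

# Constructed rule set: the server can fetch updates but is unreachable from outside.
ANY = "0.0.0.0/0"
CFG = {
    "nacl_in":  [(100, ANY, (1024, 65535), "allow")],  # return traffic only
    "nacl_out": [(100, ANY, (443, 443), "allow")],     # HTTPS out only
    "sg_in":    [],                                    # no inbound rules
    "sg_out":   [(ANY, (0, 65535))],
}

def diagnose(cfg):
    """Check the two flows from the interview question (constructed peers and ports)."""
    return {"updates": first_block(cfg, "outbound", "198.51.100.10", 443, 50000),
            "web": first_block(cfg, "inbound", "203.0.113.7", 443, 50000)}

if __name__ == "__main__":
    print(diagnose(CFG))
```

Fixing only the reported control and re-running shows the next one in line: after the NACL inbound rule comes the security group, then the NACL outbound rule for the reply.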
You probably had an ahole that was going to fail you no matter what
Could be. The person doing the interview was a regular solutions architect (not senior) but with 18 YOE so it's possible they were miffed about AWS hiring externally instead of promoting them.
Why would they let a junior screen you.. weird
Did they even offer a reinterview for a down level? Would you have taken a down level?
Nope to both.. Just hope I won't have to wait an arbitrary 6 months for nothing before being eligible for another interview.
Wow, looks like you did great. Which country is this?
Thanks, I thought these answers would at least have given me a chance to get to the loop. But felt gutted by the "don't even bother with this candidate" outcome.. It was for a role in Australia.