AWS Gateways

Question 1

What are the three types of APIs supported by AWS API Gateway

Answer 1

REST APIs, HTTP APIs, WebSocket APIs.

Question 2

What is the default limit for API Gateway requests per second (RPS)?

Answer 2

10,000 RPS per account per region (soft limit, can request increase).

Question 3

How can API Gateway secure APIs?

Answer 3

Using IAM policies, Cognito User Pools, Lambda Authorizers, API keys, and usage plans.

Question 4

How can API Gateway reduce backend load?

Answer 4

With caching responses at the stage level.

Question 4

What is a stage in API Gateway?

Answer 4

A deployment environment for an API, e.g., dev, test, prod.

Question 5

True or False: WebSocket APIs in API Gateway support stateful, real-time two-way communication.

Answer 5

True.

Question 5

What pricing components does API Gateway have?

Answer 5

API calls, data transfer out, caching (optional), and optional features like custom domain names.

Question 6

How many VPCs can an IGW attach to?

Answer 6

One.

Question 6

What type of IP addresses does an Internet Gateway support?

Answer 6

IPv4 and IPv6.

Question 7

Can an IGW perform NAT for private subnets?

Answer 7

No, only for instances with public IPs in public subnets.

Question 8

What is the primary use of a NAT Gateway?

Answer 8

A: Allow outbound internet access for private subnet instances without exposing them.

Question 9

True or False: IGWs are horizontally scaled and redundant.

Answer 9

True.

Question 10

Which route table entry is required to use an IGW?

Answer 10

0.0.0.0/0 for IPv4 or ::/0 for IPv6 pointing to the IGW.

Question 11

How is NAT Gateway different from NAT Instance?

Answer 11

A: NAT Gateway is fully managed, highly available, and scales automatically. NAT Instance is self-managed and can be a single point of failure if not configured with HA.

Question 12

Can NAT Gateways handle IPv6 traffic?

Answer 12

A: No, they only handle IPv4.

Question 13

True or False: NAT Gateway pricing is based on hourly usage and data processed.

Answer 13

True.

Question 14

Where should a NAT Gateway be deployed for high availability?

Answer 14

A: In each Availability Zone where private subnets exist.

Question 15

How many VPN tunnels does a VGW support?

Answer 15

A: 2 tunnels per VPN connection (for redundancy).

Question 16

What is VGW used for?

Answer 16

A: To terminate site-to-site VPN connections on AWS side.

Question 17

Can a VGW be associated with multiple VPCs?

Answer 17

A: No, one VGW per VPC.

Question 18

True or False: VGW only supports IPv4 traffic.

Answer 18

A: False. VGW supports IPv4 and optionally IPv6 if configured.

Question 18

Can VGW connect to AWS Direct Connect?

Answer 18

Yes.

Question 19

What is AWS Transit Gateway?

Answer 19

A: A central hub that connects multiple VPCs and on-premises networks.

Question 19

How does TGW simplify network management?

Answer 19

A: It reduces the need for multiple VPC peering connections and complex route tables.

Question 20

What is File Gateway used for?

Answer 20

A: Provides NFS/SMB access to objects stored in S3.

Question 20

How is TGW priced?

Answer 20

A: By hourly attachment hours and data processing charges.

Question 20

What is inter-region peering in TGW?

Answer 20

A: It connects Transit Gateways in different AWS regions.

Question 21

How many VPCs can attach to a single Transit Gateway?

Answer 21

A: Default 5,000 per TGW (soft limit can be increased).

Question 22

Name the three types of AWS Storage Gateways.

Answer 22

A: File Gateway, Volume Gateway (cached/stored), Tape Gateway.

Question 22

True or False: TGW can be used to centralize internet access for multiple VPCs.

Answer 22

A: True, via a TGW + NAT Gateway architecture.

Question 23

What is Tape Gateway used for?

Answer 23

A: Backup to Amazon S3 or Glacier using virtual tape libraries (VTL).

Question 24

True or False: Volume Gateway can provide block-level storage via iSCSI.

Answer 24

True.

Question 25

Which Storage Gateway type stores primary data locally and asynchronously backs up to AWS?

Answer 25

A: Volume Gateway (stored volumes).

Question 26

Which gateway would you use for a hybrid cloud storage solution?

Answer 26

Storage Gateway.

Question 27

Which gateway would you use to expose APIs to mobile or web clients?

Answer 27

A: API Gateway.

Question 28

Which gateway allows private subnets to access the internet securely?

Answer 28

A: NAT Gateway.

Question 29

For connecting on-premises network to multiple VPCs via VPN, which gateway is best?

Answer 29

A: Transit Gateway + VGW (site-to-site VPN).

Question 30

For central logging or caching APIs, which AWS service works well with API Gateway?

Answer 30

A: CloudWatch (logging/monitoring) and API Gateway caching.

Question 31

A company wants a single entry point to route requests from multiple APIs to different Lambda functions. Which service is best?

Answer 31

API Gateway ?

Question 32

How would you connect 10 VPCs and on-prem network in a hub-and-spoke model?

Answer 32

Transit Gateway ?

Question 33

You need to allow EC2 instances in private subnets to download software updates. Which AWS service do you use?

Answer 33

NAT Gateway ?

Question 34

Which AWS gateway would you use for a VTL backup solution?

Answer 34

Storage Gateway (Tape Gateway) ?

Question 35

True or False: Internet Gateway is required for NAT Gateway to access the internet.

Answer 35

True.

Question 36

Which gateway should you use for site-to-site VPN termination?

Answer 36

Virtual Private Gateway ?

Question 37

What is AWS Storage Gateway?

Answer 37

A hybrid storage service that connects on-premises environments to AWS cloud storage (S3, Glacier).

Question 38

Name the types of Storage Gateway.

Answer 38

File Gateway, Tape Gateway, Volume Gateway (cached or stored).

Question 39

What is AWS API Gateway used for?

Answer 39

AWS API Gateway is a fully managed service for creating, publishing, maintaining, monitoring, and securing REST, HTTP, and WebSocket APIs at any scale.

Question 40

Which API types does AWS API Gateway support?

Answer 40

REST APIs, HTTP APIs, WebSocket APIs.

Question 41

How does API Gateway integrate with backend services?

Answer 41

API Gateway can route requests to AWS Lambda, Amazon EC2, AWS Elastic Beanstalk, or other HTTP endpoints.

Question 42

What are some features of API Gateway for security?

Answer 42

Authorization (Cognito, IAM, Lambda authorizers), throttling, API keys, request validation, and CORS support.

Question 43

How can API Gateway improve performance?

Answer 43

With caching responses at the stage level, reducing the number of calls to backend services.

Question 44

Can multiple VPCs share the same Internet Gateway?

Answer 44

No, each IGW is attached to a single VPC.

Question 45

What is an Internet Gateway (IGW)?

Answer 45

A horizontally scaled, redundant AWS component that allows communication between instances in a VPC and the internet.

Question 46

Do IGWs perform NAT (Network Address Translation)?

Answer 46

Yes, they perform NAT for instances with public IPv4 addresses.

Question 47

Can NAT Gateways handle burst traffic automatically?

Answer 47

Yes, NAT Gateways are highly available and automatically scaled.

Question 47

What types of connections can VGW support?

Answer 47

Site-to-site VPN and AWS Direct Connect.

Question 48

What is a Virtual Private Gateway?

Answer 48

A VGW is the VPN concentrator on the AWS side of a site-to-site VPN connection.

Question 49

Can VGW be shared across multiple VPCs?

Answer 49

No, each VGW is associated with one VPC.

Question 49

Name key benefits of Transit Gateway.

Answer 49

Simplifies network management, reduces peering complexity, scalable, integrates with Direct Connect and VPNs.

Question 49

What types of NAT gateways exist in AWS?

Answer 49

NAT Gateway (managed service) and NAT Instance (self-managed EC2 instance).

Question 49

What is AWS Transit Gateway?

Answer 49

A hub-and-spoke network transit service that connects VPCs and on-premises networks via a single gateway.

Question 49

Can Transit Gateway route between VPCs in different regions?

Answer 49

Yes, via inter-region peering.