Gauging the depth of a cloud architect
Since cloud architects can come from either app development or Networking backgrounds, it is important to understand how they would be able to assist a potential customer. Over two dozen interview sessions with cloud architects has led me to devise an interview strategy that revolves around ‘how to do what’..as opposed to memorizing different cloud services.
Must Know for a Cloud Architect
- Multi Tenant App Hosting – Multiple apps need to be hosted within the same VPC (in AWS). Explain how you would delineate their networks, firewall rules etc (Answer : Subnets). Same question for GCP (Answer GCP Projects and Shared VPCs)
- Storage Sync – On Premises Filesystem needs to be stored and synced (continuously) with a storage solution in AWS (or GCP, Azure). Provide some options. (Answer – for AWS, CloudBerry Sync Folders, For GCP, open source tools such rclone along with possibly, gsutil). Same question for Cloud Storage to Cloud Storage Sync (much easier – native cloud solutions available)
- PaaS Options – Guide a customer through various options for hosting a 24 x 7, 3 tier web app on the public cloud. (Azure Web Apps, AWS Beanstalk, GCP Compute Engine for the Web Tier, SQL as a service for the DB tier, CDN for static content, ELB/Traffic Manager/GCP Global Load Balance
- Orchestration Options for AWS, Azure, GCP
- CI / CD Tools and Platforms for AWS, Azure, GCP
- Serverless Functions, Microservices Patterns and how to refactor a microservices app to become ‘cloud native’
- Message Queuing Options on AWS, Azure, GCP
- Advanced Networking – YOU NEED TO DESIGN A VPC IN AWS. THE SERVERS WITHIN THE VPC SHOULD BE ABLE TO COMMUNICATE WITH HOSTS BOTH ON THE INTERNET AND ON-PREMISES THROUGH A VPN CONNECTION.
- r) .
- IaaS options – Same Question as above – now use an IaaS solution instead of PaaS (should be able to talk about availabilty groups, Network Load Balancers, SSL Termination, SQL Always On DB…)
- Describe the various Storage Options in a Public Cloud (High Level – Relational, Non Relational, and Analytics Data Storage) – In depth – For Non Relational Stoage, they should mention storage solutions for Files, Blobs, Queues, Tables, NoSQL, Disk Storage…., For Relational Data – they should know about SQLAzure, RDS, …, For analytics: Azure Data Lake, Data Warehouse…)
- Single Sign On – Use your corporate AD as the Identity Provider and the Cloud Console (GCP, AWS, Azure) as your target app. Describe the steps to accomplish SSO for the cloud console using AD as the IdP.
- IAM – What’s the difference between an IAM user and a Role? When would you need a custom IAM policy?
- Network Monitoring – Monitoring Network Interface Changes and VPC Traffic – What would you use?
Advanced
If they get this far, you can ask about
- Container options and Container
Leave a Reply