Cloud Architect Interview Prep Guide

Structure your answer using the AWS Well-Architected Framework pillars. Compute: EKS or ECS in multi-AZ across 3 regions with Global Accelerator for routing. Database: Aurora Global Database with read replicas in each region for low-latency reads, write forwarding to primary region. Caching: ElastiCache Redis cluster in each region for session and product data. CDN: CloudFront with origin shield. Storage: S3 with cross-region replication for static assets. Discuss: active-active vs active-passive multi-region (active-passive is simpler for writes), data sovereignty requirements in EU (GDPR), RTO/RPO targets (RTO less than 15 minutes, RPO less than 1 minute), and estimated monthly cost breakdown by service.

Apply the 6 Rs migration framework with a phased approach: Phase 1 (weeks 1-4): Assess and plan. Inventory all components, map dependencies, identify the migration strategy per component. Phase 2 (weeks 5-12): Rehost the database to RDS Oracle or migrate to Aurora PostgreSQL (discuss the tradeoff: rehost is faster but does not reduce licensing costs). Phase 3 (weeks 13-24): Replatform the application to containers (ECS/EKS) without code changes. Phase 4 (months 7-12+): Refactor high-value modules into microservices where justified. Discuss: migration tooling (AWS DMS for database, AWS Application Migration Service for VMs), cutover strategy (parallel run with traffic shifting), rollback plan, and how to maintain business continuity during migration.

Present a structured FinOps approach: 1) Visibility: implement cost allocation tags, set up AWS Cost Explorer or CloudHealth, identify top 10 cost drivers, 2) Quick wins (weeks 1-4): delete unused resources (unattached EBS volumes, idle load balancers, stopped instances), right-size over-provisioned instances (analyze CloudWatch CPU/memory utilization, downsize instances running below 20% utilization), 3) Commitment (months 2-3): purchase Savings Plans or Reserved Instances for steady-state workloads (typically 30-40% savings), use Spot Instances for fault-tolerant workloads (batch processing, CI/CD runners), 4) Architecture (months 3-6): migrate appropriate workloads to serverless, implement storage lifecycle policies (S3 Intelligent-Tiering), use Graviton instances for 20% cost reduction. Estimate savings per initiative to show you can hit the 30% target.

Cover each zero-trust principle with specific cloud services: 1) Identity: every request is authenticated and authorized. Use IAM roles for services (not long-lived keys), OIDC federation for human access, short-lived credentials, 2) Network: assume the network is hostile. Use VPC with private subnets, security groups as instance-level firewalls, PrivateLink for service-to-service communication, WAF at the edge, 3) Data: encrypt everything. TLS 1.3 in transit, AES-256 at rest (KMS-managed keys), field-level encryption for sensitive data (PII), 4) Device and workload: verified identities for CI/CD pipelines (OIDC with GitHub Actions), container image signing (cosign/Notary), 5) Observe: CloudTrail for API audit, GuardDuty for threat detection, Security Hub for compliance posture. Discuss compliance: SOC 2, HIPAA, PCI DSS, and how zero trust maps to each framework.

Build a decision matrix based on workload characteristics: Serverless (Lambda): event-driven workloads, unpredictable traffic, execution under 15 minutes, no persistent connections needed. Benefits: zero ops, per-invocation billing. Tradeoffs: cold starts (1-5 seconds for Java), 10GB memory limit, vendor lock-in. Containers (ECS/EKS): microservices needing consistent performance, long-running processes, specific runtime requirements, stateful workloads. Benefits: portable, fine-grained resource control, horizontal scaling. Tradeoffs: cluster management overhead, networking complexity. VMs (EC2): legacy applications, specific OS/kernel requirements, GPU workloads, applications requiring direct hardware access. Benefits: maximum control, familiar management. Tradeoffs: highest operational overhead, slowest scaling. Real example: "For our API gateway, we chose Lambda because traffic was spiky (10x during business hours) and each request was stateless. For our ML inference service, we chose ECS on GPU instances because models needed persistent memory and consistent latency."

Be specific about the business justification, since multi-cloud adds complexity that must be justified. Valid reasons: regulatory requirements (data residency in specific regions served by different providers), vendor risk mitigation (avoiding single-provider outage risk), leveraging unique services (GCP BigQuery for analytics while primary infrastructure is on AWS), or M&A integration (acquired company uses a different cloud). Discuss challenges honestly: increased operational complexity, inconsistent IAM models, networking between clouds (Transit Gateway + Cloud Interconnect), and the cost of expertise across platforms. If you have not done multi-cloud, discuss when you would and would not recommend it, showing architectural judgment.

Discuss current trends: AWS DevOps Guru and Azure AIOps for intelligent monitoring, AI-optimized instance types (AWS Inferentia, Google TPUs), and LLM integration changing API design patterns. For LLM serving architecture: compute (GPU instances like p5 or g5 with model parallelism across multiple GPUs), model storage (S3 with optimized loading), inference serving (TorchServe or vLLM behind an ALB), caching (Redis for common prompt-response pairs), rate limiting and cost control (per-token billing passthrough), and auto-scaling based on request queue depth rather than CPU. Discuss: quantization for reducing model size, batching for throughput optimization, and edge inference for latency-sensitive applications.

Be genuinely honest, as this tests self-awareness and learning ability. Example: "We migrated our analytics database from PostgreSQL to DynamoDB because we expected query patterns to be key-value. After migration, the business added requirements for complex aggregation queries that DynamoDB handles poorly. We ended up running both DynamoDB for real-time lookups and Redshift for analytics, increasing complexity and cost. What I learned: involve business stakeholders in migration decisions early, prototype with real query patterns before migrating, and the cheapest migration is the one you do not have to reverse." Show the mistake, the impact, and specifically what you changed in your process.