Reference · Case AI Interview
Every AWS service you'll be asked about, anchored to the Cloudflare primitive you already know. Print me.
| You know (Cloudflare) | AWS equivalent | What changes when you cross over |
|---|---|---|
| Workers | Lambda (event-driven functions) or ECS Fargate (long-running containers) | Workers are one thing; AWS splits the idea. Lambda: scale-to-zero, cold starts, 15-minute max runtime. Fargate: always-on containers, no runtime cap, you pick CPU/memory. See the official decision guide. |
| D1 | RDS / Aurora (PostgreSQL, MySQL) | D1 is managed SQLite at the edge; RDS/Aurora is a real clustered database server living inside your VPC's private subnets, with instance sizes, read replicas, multi-AZ failover, and backups you configure. |
| R2 | S3 | Nearly 1:1 — R2 speaks the S3 API. Differences: S3 charges egress (R2 doesn't), and S3 access is governed by IAM policies + bucket policies, not account tokens. |
| KV | DynamoDB (durable KV at scale) or ElastiCache (Redis-style cache) | KV is eventually-consistent edge cache-ish storage. DynamoDB is a serious primary database (single-digit-ms, transactions, streams); ElastiCache is the in-memory cache layer. |
| Queues | SQS (queue, one consumer pool) / SNS (pub-sub fan-out) | Same mental model. SQS adds visibility timeouts, dead-letter queues, FIFO variants — interviewers like DLQs as a reliability answer. |
| Durable Objects | No direct equivalent | Closest patterns: DynamoDB conditional writes / a single-writer Fargate service / Step Functions for coordination. Saying "DO has no AWS twin, here's how I'd rebuild the pattern" is a strong senior answer. |
| Pages | Amplify Hosting or S3 + CloudFront | Static/SSR hosting is assembled from parts on AWS rather than one product. |
| Cron Triggers | EventBridge Scheduler | Same idea: scheduled invocations of Lambda/ECS tasks. |
| Workers AI | Bedrock | Managed model inference (hosts Anthropic models among others). Case AI likely calls provider APIs directly instead — know both options exist. |
| Cloudflare CDN (implicit) | CloudFront + Route 53 (DNS) | On Cloudflare the CDN is the platform; on AWS it's an explicit distribution you configure in front of an origin. |
| Wrangler / dashboard | Terraform / AWS CDK + CloudFormation | Infrastructure-as-code is a listed job requirement: CDK = infra in TypeScript (your language), Terraform = declarative HCL, both compile to API calls/CloudFormation. |
Cloudflare hides the datacenter; AWS hands it to you. These are the concepts interviewers use to spot "never actually used AWS" — know them cold.
| Concept | 60-second version |
|---|---|
| Region & Availability Zone | A region (e.g. ap-east-1, Hong Kong) contains 3+ physically separate AZs. "Multi-AZ" = survive a datacenter failure; "multi-region" = survive a regional one. Cloudflare never asks you to choose. |
| VPC, subnets, security groups | Your private network. Public subnets hold things that face the internet (load balancer, NAT); private subnets hold app containers and databases — nothing in them is reachable from outside. Security groups are per-resource firewalls ("ALB may talk to app on 443; app may talk to DB on 5432; nothing else"). |
| NAT Gateway | How private-subnet workloads reach the internet outbound (e.g. calling the Anthropic API) without being reachable inbound. Famously costs real money — mentioning that reads as experience. |
| IAM roles & policies | Identity for workloads, not just humans. A policy is a JSON document of allowed actions on resources; a role is a set of policies a service assumes to get temporary credentials — no long-lived keys anywhere (official best practices). Cloudflare's account-wide API tokens have no per-workload equivalent of this. |
| ALB (Application Load Balancer) | Explicit HTTP(S) entry point into the VPC: TLS termination, health checks, path-based routing, spreading traffic across containers in multiple AZs. On Cloudflare this is invisible platform behaviour. |
| Capacity & pricing knobs | AWS makes you size things (Fargate CPU/memory, RDS instance class, provisioned vs on-demand DynamoDB). "Cost optimization" is a whole Well-Architected pillar. |