Section 5: EC2 Fundamentals

What should be used if you want your EC2 instance to call other AWS services?

Instance Roles

True / False - EC2 Instance Connect relies on SSH?

True, you still need to allow port 22 in your security group in order to use Instance Connect

What are the properties that make up a security group rule?

Type, Protocol, Port Range, Source, Description

What are some EC2 sizing & configuration options needed in order to setup

CPU, RAM, Storage, Networking, Security

True / False - Convertible reserved Instances allow you to change the EC2 instance type (ex: change t2.micro to c5.xlarge)

True

True / False - Security group rules can reference by IP or by other security groups

True

True / False - You are billed per second, after the first minute for Linux, while all other Operating Systems are billed per hour

True

Describe each port (22, 21, 22, 80, 443, 3389)

22 = SSH (Secure Shell) - log into a Linux instance 21 = FTP (File Transfer Protocol) - upload files into a file share 22 - SFTP ( Secure File Transfer Protocol) - upload files using SSH 80 - HTTP - access unsecured website 443 - HTTPS - access secured website 3389 - RDP (Remote Desktop Protocol) - log into a Windows instance

These instance types are great for compute-intensize tasks that require high performance processors (Batch processing workloads, media transcoding, high performance computing - HPC, ML, game servers)

Compute optimized

You can use this configuration option to configure EC2 instances at first launch

EC2 User Data

What is AWS EC2?

Elastic Compute Cloud (IaaS) - rentable virtual machines

True / False - All inbound and outbound traffic is blocked by default.

False - All inbound traffic is block by default, while outbound is authorized by default.

True / False - Spot Instances are suitable for critical jobs or databases.

False - You can "lose" spot instances at any point of the time if your max price is less than the current spot price.

True / False - The EC2 User Data script is run every time your EC2 instance restarts?

False - its only run once at the instance first start

True / False - For EC2 Reserved Instances, you can specify anytime between 1-3 years as the reservation period?

False - reservation periods can ONLY be 1 year OR 3 years

True / False - Security Groups only contain deny rules while Network Access Control Lists (NACL) contain allow AND deny rules?

False, Security groups only contain allow rules

True / False - You can use the same security group in multiple regions / VPC combinations

False, security groups are locked down to a region / VPC, you will need to re-create a new security group.

True / False - You can only have one security group attached to one EC2 instance at a time?

False, you can attach a security group to multiple instances AND an instance can have multiple security groups.

These instance types are great for a diversity of workloads such as web servers or code repositories

General purpose

These instance type is used for high performance for workloads that process large data sets in memory (RDS/NoSQL DBs, cache stores, in-memory DB for BI, real-time processing of bid unstructured data)

Memory optimized

What are the 3 purchasing options for EC2 Reserved Instances?

No upfront, partial upfront, all upfront

Name the 4 Instance Purchasing Options

On-Demand, Reserved, Spot Instance, Dedicated Hosts

What instance purchasing option is best used for short-term and un-interrupted workloads, where you can't predict how the application will behave?

On-demand

Why would you want to use Dedicated Hosts?

Physical server to yourself - To address compliance requirements and reduce costs by allowing you to use your existing server-bound software licenses (BYOL)

If your application is not accessible (time out), what is likely the cause?

Security group issue

What network security acts as a firewall around EC2 instances and controls how traffic is allowed into or out of EC2 instances?

Security groups

What is EC2 Instance Connect?

Service that allows you to connect to your EC2 instance in a shell in the browser.

What EC2 purchasing option is the most cost efficient and provides a discount of up to 90% compared to On-demand?

Spot Instances

This instance type are great for storage-intensive tasks that require high, sequential read and write access to large data sets on local storage (OLTP systems, Relational/NoSQL DBs, Cache for in-memory DBs, data warehousing applications, file systems)

Storage optimized

If you get 'bad permissions' and denied access to SSH into your ec2 instance, what is the command to modify permissions of your pem key file?

chmod 400 <pemfile>.pem

Can you describe the naming convention for EC2 instances. What does m5.2xlarge mean?

m: instance class 5: generation xlarge: size within the instance class

Describe the command to ssh into an EC2 instance from the terminal?

ssh -i <path-to-pem-key> ec2-user@<public-ip-address>