EC2

Question 1

What are Security Groups

Answer 1

Security groups are a virtual firewall that controls traffic to and from EC2 Instances. (operate at instance level)

Question 2

Are security groups stateful or stateless? Describe what that means.

Answer 2

Security groups are STATEFUL. This means that if traffic is allowed inbound, then it is automatically allowed outbound.

Question 3

Describe Security Group defaults

Answer 3

All inbound traffic is blocked by default. All outbound traffic is allowed by default. Each region has 2,500 security groups per region. Each SG has a default of 5 Elastic Elastic Network Interfaces (ENIs).

Question 4

How many SGs can you have per region

Answer 4

10,000 (default is 2500)

Question 5

How many SGs can be associated with an ENI?

Answer 5

16 max (default is 5)

Question 6

How many inbound/outbound rules can be assigned to a Security Group?

Answer 6

60 each(inbound/outbound)

Question 7

How many Security Groups can be associated with an EC2 instance (1 or many)

Answer 7

many

Question 8

T/F - Security Groups can be assigned to multiple EC2 instances

Answer 8

true

Question 9

What is EC2?

Answer 9

Elastic Cloud Compute -> A cloud computing service

Question 10

What are the 5 main EC2 instance types?

Answer 10

General Purpose Compute Optimized Memory Optimized Accelerated Optimized Storage Optimized

Question 11

Describe General Purpose EC2 Instances

Answer 11

balance of compute, memory, and networking resources. Uses resources in equal proportions.

Question 12

Describe Compute Optimized EC2 Instance Type

Answer 12

• Ideal for compute bound applications that benefit from high performance processor.
• Batch processing loads.
• High performance web servers.
• Dedicated Gaming machine.
• Scientific modeling.

Question 13

Describe Memory Optimized EC2 Instance Type

Answer 13

Ideal for workloads that process large datasets in memory.

Question 14

Described Accelerated Optimized EC2 Type

Answer 14

Uses hardware accelerators and co-processors. Think Machine Learning. Floating point # calculations. Graphics processing.

Question 15

Describe Storage Optimized EC2 Instance Type

Answer 15

High Sequential Read/Write access to large datasets on local storage. Use cases = NO-SQL DB, data warehouse, elasticSearch, Analytic workloads.

Question 16

What are placement groups?

Answer 16

Allows you to specify the logical placement of your EC2 instances in order to optimize for communication, performance or durability.

Question 17

What do placement groups cost?

Answer 17

They are free

Question 18

What is the purpose of the UserData Section id the EC2 configuration?

Answer 18

This area allows you to upload a script that will automatically run when launching an EC2 instance.

Question 19

What are the 4 pricing categories for EC2?

Answer 19

On-Demand SPOT Reserved Dedicated

Question 20

Explain On-Demand EC2 pricing

Answer 20

Least commitment low cost and flexible pay per hour Good for short term, spikey or unpredictable workloads. Services can not be interuppted. Good for first time apps.

Question 21

Explain the EC2 Reserved Price model

Answer 21

Best long term strategy. Good for steady state pr predictable usage. Commit from 1-3 years. Can resell unused reserved instances.

Question 22

Explain Spot EC2 pricing

Answer 22

Provides the biggest savings User requests an instance at a specific price and if approved can use that instance until instance is needed by another user that is willing to pay a higher price. Instances can be terminated at anytime. If AWS terminates the instance you DO NOT pay for the partial hour usage. If you terminate the instance you DO pay partial hour usage.

Question 23

What are the 3 types of reserved instances?

Answer 23

Standard RI Convertible RI Scheduled RI

Question 24

What is a Standard Reserved Instance?

Answer 24

Up to 75% reduced pricing compared to On-Demand. Cannot change RI attributes.

Question 25

What is a Convertible Reserved Instance?

Answer 25

Up to 54% reduced pricing compared to on-demand. Allows you to change RI Attributes if greater then or equal to current instance.

Question 26

What is a Scheduled Reserved Instance (RI)?

Answer 26

You reserve an instance for specific time periods (i.e once a week for a few hours. Savings vary depending on schedule.

Question 27

What is an Elastic IP Address and how is it different then a public IP Address in AWS?

Answer 27

An AWS Public IP can change if the instance is stopped and restarted. In order to maintain consistency, an Elastic IP can be assigned to an instance. This is a public IP that remains the same even when an instance stops.

Question 28

What are Burstable Instances?

Answer 28

T2 Machines Can handle unexpected traffic by using “burst credits” If all credits are gone, the CPU becomes poor and user should consider moving to a large instance type. If a burstable machine does not need to “burst”, burst credits build up over time

Question 29

How are EC2 instances billed?

Answer 29

By the second, with a minimum of 60 seconds

Question 30

Do PRIVATE IPs change if the instances stops?

Answer 30

No but public does

Question 31

What is the URL for EC2 Instance Metadata?

Answer 31

• http://169.254.169.254/latest/meta-data
• This is an internal URL to AWS.
• It will only work from inside your EC2 instance.
• It will NOT work from your computer.

Question 32

What is EC2 Metadata?

Answer 32

Info about the EC2 Instance

Question 33

Can you retrieve an EC2 IAM Policy from the EC2 metadata?

Answer 33

No, but you can retrieve the IAM Role name and use the AWS IAM Policy Simulator to test that Role.