EC2 - Fundamentals/Instance Types/Security Groups Flashcards
What does EC2 stand for?
Elastic Compute Cloud
What is EC2 User Data?
A script that is bootstrapped only once when the EC2 instance is first launched. It is a script used to automate boot tasks such as:
Installing updates
Installing Software
What are EC2 Instance Types?
They are types of instances that are optimised for different use cases.
Dissect the following example instance type:
m5.2xlarge
m = instance class e.g. general purpose
5 = Generation (AWS improves this over time)
2xlarge = Size within the instance class
What is the General Purpose instance type best used for and provide an example?
It’s great for diverse workloads such as web servers or code repositories.
It has a good balance of compute power, memory and networking.
Example: t2.micro
What is the Compute Optimised instance type best used for?
Great for compute-intensive tasks that require high performance processors.
Use cases include:
Machine Learning
Dedicated gaming servers
High performance web servers
What is the Memory Optimised instance type best used for?
Provides fast performance for workloads that process large data sets in memory.
Use cases include:
In memory databases
What is the Storage Optimised instance type best used for?
Great for storage intensive tasks that require high, sequential read and write access to large data sets on local storage.
Use cases include:
Distributed file systems
Data warehousing applications
What are security groups?
Security Groups act as a “firewall” on instances that control the inbound and outbound traffic for an EC2 Instance.
True or False? Security Groups only contain allow rules
True
List four things that security groups regulate for an EC2 Instance?
Access to ports
Authorised IP ranges (IPv4 and IPv6)
Control of inbound network
Control of outbound network
True or False? Security groups can only be attached to a single EC2 Instance.
False. They can be attached to multiple instances. Also, instances can have multiple security groups attached to it
True or False? Security groups are locked down to a region?
True
How would you know if issues accessing the application is caused by the security group or not?
If there is a time out error, then it’s a security group issue.
If there’s a “connection refused” error, then it’s an application error or it’s not launched
What is the default action for all inbound and outbound traffic?
All inbound traffic is blocked by default.
All outbound traffic is authorised by default.