EC2 - Fundamentals/Instance Types/Security Groups Flashcards
What does EC2 stand for?
Elastic Compute Cloud
What is EC2 User Data?
A script that is bootstrapped only once when the EC2 instance is first launched. It is a script used to automate boot tasks such as:
Installing updates
Installing Software
What are EC2 Instance Types?
They are types of instances that are optimised for different use cases.
Dissect the following example instance type:
m5.2xlarge
m = instance class e.g. general purpose
5 = Generation (AWS improves this over time)
2xlarge = Size within the instance class
What is the General Purpose instance type best used for and provide an example?
It’s great for diverse workloads such as web servers or code repositories.
It has a good balance of compute power, memory and networking.
Example: t2.micro
What is the Compute Optimised instance type best used for?
Great for compute-intensive tasks that require high performance processors.
Use cases include:
Machine Learning
Dedicated gaming servers
High performance web servers
What is the Memory Optimised instance type best used for?
Provides fast performance for workloads that process large data sets in memory.
Use cases include:
In memory databases
What is the Storage Optimised instance type best used for?
Great for storage intensive tasks that require high, sequential read and write access to large data sets on local storage.
Use cases include:
Distributed file systems
Data warehousing applications
What are security groups?
Security Groups act as a “firewall” on instances that control the inbound and outbound traffic for an EC2 Instance.
True or False? Security Groups only contain allow rules
True
List four things that security groups regulate for an EC2 Instance?
Access to ports
Authorised IP ranges (IPv4 and IPv6)
Control of inbound network
Control of outbound network
True or False? Security groups can only be attached to a single EC2 Instance.
False. They can be attached to multiple instances. Also, instances can have multiple security groups attached to it
True or False? Security groups are locked down to a region?
True
How would you know if issues accessing the application is caused by the security group or not?
If there is a time out error, then it’s a security group issue.
If there’s a “connection refused” error, then it’s an application error or it’s not launched
What is the default action for all inbound and outbound traffic?
All inbound traffic is blocked by default.
All outbound traffic is authorised by default.
How would you allow other instances to be granted access to your main Instance?
By referencing the security groups attached to those instances in your security group e.g. authorise access from security group 1
What are the two tools that use port 22? Explain what they are also
SSH (Secure Shell) - Log into a Linux instance
SFTP (Secure File Transfer Protocol) - Upload files using SSH
What is FTP and what port does it use?
File Transfer Protocol allows you to upload files into a file share through port 21.
What port allows you to access unsecured websites?
80 - HTTP
What port allows you to access secured websites?
443 - HTTPS
What is RDP and what port does it use?
Remote Desktop Protocol allows you to log into a Windows instance through port 3389.
