Amazon EC2

  • Virtual computing environments, known as instances
  • Ready-to-use templates for your instances, known as Amazon Machine Images (AMIs)
  • Various configurations of CPU, memory, storage, and networking capacity for your instances, known as instance types
  • Secure login information for your instances using key pairs
  • Storing data on virtual drives, Amazon EBS volumes
  • A firewall that enables you to specify the protocols, ports, and source IP ranges that can reach your instances using security groups
  • Static IPv4 addresses for dynamic cloud computing, known as Elastic IP addresses
  • Metadata, known as tags, that you can create and assign to your Amazon EC2 resources
  • Virtual networks you can create that are logically isolated from the rest of the AWS Cloud and that you can optionally connect to your own network, known as Virtual Private Cloud (VPC)
  • Distributing load across machines using Elastic Load Balancer (ELB).
  • Scaling the services using an Auto Scaling Group (ASG).
  • Bootstrap script: configure at the first launch using EC2 User Data.

Creating your EC2 instance

  1. Log into your AWS account using your IAM credentials
  2. Launch your instance: Identify which instance type is best and choose an AMI.
  3. Configure your instance: security groups, VPC, storage, subnet, IAM role
  4. Connect to your instance: using SSH, PuTTY, or EC2 Instance Connect
  5. Terminate your instance: once the task is completed, delete the instance to prevent additional charges.

Amazon Machine Image (AMIs)

EC2 AMIs are templates configured with an operating system (Windows, Linux, macOS) and other software configurations, used to launch an instance.
An AMI is a virtual image used to create a virtual machine within an EC2 instance. You can also create multiple instances using a single AMI when you need instances with the same configuration. There are three types of AMIs: Public AMI, your own AMI, and an AWS Marketplace AMI.

Instances

An instance is a virtual server in the cloud. From an AMI, you launch an instance, which is a copy of the AMI running as a virtual server in the cloud. An instance type determines the hardware of the host computer used for your instance.

Security Groups

  • Security groups act as a firewall at the instance level. If traffic is blocked by a security group, the EC2 instance never sees it.
  • They can be attached to multiple instances.
  • All inbound traffic is blocked by default and all outbound traffic is authorized by default.
  • When you launch an instance, you can specify one or more security groups. If you don’t specify a security group, Amazon EC2 uses the default security group.
  • You can add rules to each security group that allow traffic to or from its associated instances. You can modify the rules for a security group at any time. New and modified rules are automatically applied to all instances that are associated with the security group. When Amazon EC2 decides whether to allow traffic to reach an instance, it evaluates all of the rules from all of the security groups that are associated with the instance.
  • Security groups are stateful, i.e., if you create an inbound rule allowing traffic in, that traffic is automatically allowed back out again.
  • If connecting to your application gives a ‘time out’ error, it is a security group issue.
Security Groups acting as a firewall to EC2 Instances
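
An added example (not from the original article) that models the inbound evaluation described above: traffic is denied by default and allowed when a rule in any attached security group matches. The sample groups are constructed in the shape of `aws ec2 describe-security-groups` output; the group IDs, CIDR ranges and function names are assumptions for illustration.

```python
import ipaddress

# Constructed sample, shaped like `aws ec2 describe-security-groups` output.
# Group IDs and CIDR ranges are made up for illustration.
SECURITY_GROUPS = [
    {"GroupId": "sg-web-example", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
    {"GroupId": "sg-admin-example", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "203.0.113.0/24"}]}]},
    {"GroupId": "sg-legacy-example", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 0, "ToPort": 65535,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
]
ADMIN_PORTS = {22, 3389}  # SSH and RDP

def rule_matches(rule, protocol, port, source_ip):
    """True if one inbound rule covers this protocol, port and source address."""
    proto = rule["IpProtocol"]
    if proto not in ("-1", protocol):  # "-1" means all protocols
        return False
    if proto != "-1" and not rule["FromPort"] <= port <= rule["ToPort"]:
        return False
    src = ipaddress.ip_address(source_ip)
    return any(src in ipaddress.ip_network(r["CidrIp"])
               for r in rule.get("IpRanges", []))

def inbound_allowed(groups, protocol, port, source_ip):
    """Default deny: traffic passes only if a rule in ANY attached group matches."""
    return any(rule_matches(rule, protocol, port, source_ip)
               for g in groups for rule in g["IpPermissions"])

def world_open_admin_rules(groups):
    """Return (GroupId, port) pairs where an admin port is open to 0.0.0.0/0."""
    findings = []
    for g in groups:
        for rule in g["IpPermissions"]:
            if not any(r["CidrIp"] == "0.0.0.0/0" for r in rule.get("IpRanges", [])):
                continue
            proto = rule["IpProtocol"]
            for p in sorted(ADMIN_PORTS):
                if proto == "-1" or (proto == "tcp"
                                     and rule["FromPort"] <= p <= rule["ToPort"]):
                    findings.append((g["GroupId"], p))
    return findings
```

Because rules from every attached group are combined, attaching `sg-legacy-example` to an instance opens SSH to any source even though `sg-admin-example` restricts it to one range.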
