AWS Cheat Sheet – EC2


Posted On April 1, 2020

Amazon EC2 is the main compute service of AWS; make sure you know as much as you can about it with this cheat sheet.

ꞏ ꞏ ꞏ

Instance Types:
The instance type defines the virtual hardware supporting an Amazon EC2 instance.
There are dozens of instance types available, varying in the following dimensions: virtual CPUs (vCPUs), memory, storage (size and type) and network performance.
Instance types are grouped into families based on the ratio of these values to each other.
The table below lists some of the families available:

C4: Compute optimized (for workloads requiring significant processing).
T2: Lowest cost general purpose (web / small DBs).
R3: Memory optimized (for memory-intensive workloads).
G2: GPU-based instances (intended for graphics and general-purpose GPU compute workloads).
I2: Storage optimized (for workloads requiring high amounts of fast SSD storage).
D2: Dense storage (fileservers / data warehousing / Hadoop).

The network performance increases within a family as the instance type grows.

ꞏ ꞏ ꞏ

Amazon Machine Images (AMIs):

The Amazon Machine Image (AMI) defines the initial software that will be on an instance when it is launched.
An AMI defines every aspect of the software state at instance launch:
  The operating system (OS) and its configuration.
  The initial state of any patches.
  Application or system software.
There are four sources of AMIs:
  Published by AWS.
  The AWS Marketplace (an online store for AMIs).
  Generated from existing instances.
  Uploaded virtual servers (using the AWS VM Import/Export service).
AMIs are regional. You can only launch an AMI from the region in which it was stored.
When you create an AMI, by default it is marked private. You have to manually change the permissions to make the image public or share it with individual accounts.

ꞏ ꞏ ꞏ

Instance Lifecycle:
When you launch an instance, it enters the pending state and uses the specified AMI to launch.
It then enters the running state, where you can start connecting to it and using it.
You can stop and start your instance to try to fix a problem.
When you stop your instance, it enters the stopping state and then the stopped state.
If you no longer need an instance, you can terminate it. As soon as the status of an instance changes to shutting-down or terminated, you stop incurring charges for that instance.
If you enable termination protection, you can't terminate the instance using the console, CLI, or API.
Termination protection does not work for instances that are part of an Auto Scaling group, launched as Spot Instances, or shut down from the operating system with a shutdown command.
Data on an instance store is lost when the instance is stopped or terminated. Instance store data survives an OS reboot.
An instance is scheduled to be retired when AWS detects an irreparable failure of the underlying hardware hosting the instance.

Below is a list of all instance states:

Instance state | Description | Billed?
pending        | An instance enters the pending state when it launches for the first time, or when it is started after being in the stopped state. | NO
running        | The instance is running and ready for use. | YES
stopping       | The instance is preparing to be stopped or stop-hibernated. | NO if preparing to stop; YES if preparing to hibernate
stopped        | The instance is shut down and cannot be used. | NO
shutting-down  | The instance is preparing to be terminated. | NO
terminated     | The instance has been permanently deleted. | NO

ꞏ ꞏ ꞏ

Root device volumes:

Root volumes cannot be encrypted by default; you need a third-party utility. Other volumes added to an instance can be encrypted.
Non-root EBS volumes attached to the instance are preserved if you delete the instance.
Amazon EC2 supports two types of block devices:

Instance Store (Ephemeral):

Not persistent storage.
Instance store is ideal for temporary storage of information that changes frequently, such as buffers, caches, scratch data…
Instances using instance store storage cannot be stopped.
Instance store volumes cannot be detached and reattached to other instances; they exist only for the life of that instance.
If you change the instance type, an instance store will not be attached to the new instance type.

Amazon Elastic Block Store (EBS):

For workloads requiring more durable block storage, Amazon EBS is the right choice.
Each Amazon EBS volume is automatically replicated within its Availability Zone to protect you from component failure, offering high availability and durability.
Multiple Amazon EBS volumes can be attached to a single Amazon EC2 instance, although a volume can only be attached to a single instance at a time.

Types of EBS Volumes:

General-Purpose SSD:
Ideal for a broad range of workloads.
A volume can range in size from 1 GB to 16 TB, with up to 16,000 IOPS per volume.
Some of the use cases:
  System boot volumes.
  Virtual desktops.
  Small-to-medium sized databases.
  Development and test environments.
General-purpose SSD volumes are billed based on the amount of data space provisioned.

Provisioned IOPS SSD:
Designed to meet the needs of I/O-intensive workloads, particularly database workloads.
Provides the highest performance of any Amazon EBS volume type.
A volume can range in size from 4 GB to 16 TB; it consistently performs at the provisioned level, up to a maximum of 64,000 IOPS per volume.
The most expensive Amazon EBS volume type per gigabyte.

Throughput Optimized HDD:
Designed for frequently accessed, throughput-intensive workloads.
Low-cost HDD volume.
A volume can range in size from 500 GiB to 16 TiB; the maximum IOPS per volume is 500.
Use cases:
  Streaming workloads requiring consistent, fast throughput at a low price.
  Big data, data warehouses, log processing.
Cannot be a boot volume.

Cold HDD:
Lowest cost HDD volume, designed for less frequently accessed workloads.
A volume can range in size from 500 GiB to 16 TiB; the maximum IOPS per volume is 250.
For scenarios where the lowest storage cost is important.
Cannot be a boot volume.

ꞏ ꞏ ꞏ

Instance Metadata and User Data:

Metadata is data about an EC2 instance: the AMI ID, hostname, instance ID, instance type, private IP address, public IP address, and so on are metadata of the instance.
User data is limited to 16 KB.
If you stop an instance, modify its user data, and start the instance, the updated user data is not executed when you start the instance.
You can specify user data when you launch an instance.
You can poll an instance's metadata by using curl http://169.254.169.254/latest/meta-data/
You can get an instance's IP address by using curl http://169.254.169.254/latest/meta-data/public-ipv4
You can poll an instance's user data by using curl http://169.254.169.254/latest/user-data/
To pass a user-defined script to EC2 Linux instances running behind an Auto Scaling group, you need to use user data.
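The curl commands above are plain metadata lookups. The added Python example below (not from the cheat sheet) performs the same public-ipv4 lookup with the IMDSv2 session-token handshake and shows that, once tokens are required, a token-less request like a bare curl is refused. The real endpoint stays 169.254.169.254; the stub server, its token and the address it returns are constructed so the exchange runs offline.

```python
import threading
import urllib.error
import urllib.request
from http.server import BaseHTTPRequestHandler, HTTPServer

# Real link-local endpoint from the cheat sheet; the handshake below is IMDSv2 (PUT /latest/api/token,
# then GET with X-aws-ec2-metadata-token). The stub server and its values are constructed for this example.
IMDS = "http://169.254.169.254"

def imds_get(path, base=IMDS, timeout=2.0):
    """Fetch /latest/<path> the IMDSv2 way: request a session token, then send it with the GET."""
    req = urllib.request.Request(f"{base}/latest/api/token", method="PUT",
                                 headers={"X-aws-ec2-metadata-token-ttl-seconds": "21600"})
    with urllib.request.urlopen(req, timeout=timeout) as resp:
        token = resp.read().decode()
    req = urllib.request.Request(f"{base}/latest/{path}", headers={"X-aws-ec2-metadata-token": token})
    with urllib.request.urlopen(req, timeout=timeout) as resp:
        return resp.read().decode()

class StubImds(BaseHTTPRequestHandler):
    """Constructed IMDS stand-in with tokens required: a GET without the token is answered 401."""
    TOKEN = "constructed-session-token"
    DATA = {"/latest/meta-data/public-ipv4": "203.0.113.10"}  # sample TEST-NET-3 address
    def do_PUT(self):  # token endpoint: the TTL header is mandatory
        ok = self.path == "/latest/api/token" and "X-aws-ec2-metadata-token-ttl-seconds" in self.headers
        self.reply(200, self.TOKEN) if ok else self.reply(400, "")
    def do_GET(self):  # metadata paths, gated on the session token header
        if self.headers.get("X-aws-ec2-metadata-token") != self.TOKEN:
            return self.reply(401, "")
        self.reply(200, self.DATA.get(self.path, ""))
    def reply(self, code, body):
        self.send_response(code)
        self.end_headers()
        self.wfile.write(body.encode())
    def log_message(self, *_):  # keep the demo quiet
        pass

def run_demo():
    """Fetch public-ipv4 with a token, then show that a token-less (v1-style) GET is refused."""
    server = HTTPServer(("127.0.0.1", 0), StubImds)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    base = f"http://127.0.0.1:{server.server_address[1]}"
    ipv4 = imds_get("meta-data/public-ipv4", base=base)
    try:
        urllib.request.urlopen(f"{base}/latest/meta-data/public-ipv4", timeout=2.0)
        v1_status = 200
    except urllib.error.HTTPError as err:
        v1_status = err.code
    server.shutdown()
    return {"public_ipv4": ipv4, "v1_status": v1_status}
```

Calling run_demo() returns {'public_ipv4': '203.0.113.10', 'v1_status': 401}; on a real instance, imds_get("meta-data/public-ipv4") with the default base does the tokened lookup.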

ꞏ ꞏ ꞏ

Security:
Virtual Firewall Protection (Security groups):
AWS allows you to control traffic in and out of your instances through virtual firewalls called security groups.
Security groups allow you to control traffic based on port, protocol, and source/destination.
Security groups are associated with instances when they are launched. Every instance must have at least one security group but can have more.
When an instance is associated with multiple security groups, the rules are aggregated and all traffic allowed by any of the individual groups is allowed.
Security groups are applied at the instance level.
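As an added illustration of the aggregation rule just stated (example code, not from the cheat sheet or AWS), the Python below models allow-only inbound rules, decides whether traffic is permitted by the union of all groups attached to an instance, and audits for rules that expose an admin port to 0.0.0.0/0; group names and CIDRs are made up.

```python
import ipaddress
from dataclasses import dataclass

# Constructed model (not AWS code) of inbound security group rules and how EC2 combines
# them when an instance has several groups attached: rules are allow-only and traffic is
# permitted if ANY rule of ANY attached group matches. TCP/UDP only; ICMP is not modelled.

@dataclass(frozen=True)
class Rule:
    protocol: str   # "tcp", "udp" or "-1" for all protocols
    from_port: int
    to_port: int
    source: str     # CIDR the traffic may come from

    def covers_port(self, protocol, port):
        if self.protocol == "-1":
            return True
        return self.protocol == protocol and self.from_port <= port <= self.to_port

    def matches(self, protocol, port, src_ip):
        # ip_address in ip_network is False across IPv4/IPv6, so mixed versions never match
        return ipaddress.ip_address(src_ip) in ipaddress.ip_network(self.source) and \
            self.covers_port(protocol, port)

def is_allowed(groups, protocol, port, src_ip):
    """Aggregate semantics: the union of every attached group's rules decides; nothing can deny."""
    return any(rule.matches(protocol, port, src_ip) for rules in groups.values() for rule in rules)

def wide_open(groups, sensitive_ports=(22, 3389)):
    """Audit helper: (group, rule) pairs that expose an admin port to the whole internet."""
    return [(name, r) for name, rules in groups.items() for r in rules
            if r.source in ("0.0.0.0/0", "::/0") and any(r.covers_port("tcp", p) for p in sensitive_ports)]

# Constructed sample: a web tier instance with a public web group and an internal admin group.
GROUPS = {
    "sg-web":   [Rule("tcp", 80, 80, "0.0.0.0/0"), Rule("tcp", 443, 443, "0.0.0.0/0")],
    "sg-admin": [Rule("tcp", 22, 22, "10.0.0.0/8")],
}
```

With GROUPS, port 22 from 10.1.2.3 is allowed because sg-admin permits it even though sg-web does not; adding a group with a 0.0.0.0/0 rule over all TCP ports makes port 22 reachable from anywhere and shows up in wide_open().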

IAM:
An IAM policy must grant or deny permissions to use one or more Amazon EC2 actions.
You can use IAM roles to grant permissions to applications running on your instances.
You cannot attach multiple IAM roles to a single instance, but you can attach a single IAM role to multiple instances.

ꞏ ꞏ ꞏ

Networking:
Addressing an Instance:
An instance can be addressed upon creation in several ways:
  Public Domain Name System (DNS) name.
  Public IP: a unique address on the Internet that you reserve independently and associate with an Amazon EC2 instance.
  Private IP addresses and Elastic Network Interfaces (ENIs) are additional methods of addressing instances that are available in the context of an Amazon VPC.
An Elastic IP address is a public IPv4 address, which is reachable from the internet.
To use an Elastic IP address, you first allocate one to your account, and then associate it with your instance or a network interface.
You can disassociate an Elastic IP address from a resource and reassociate it with a different resource.

Placement Groups:
A placement group is a logical grouping of instances within a single Availability Zone.
Placement groups enable applications to participate in a low-latency, 10 Gbps network.
Placement groups are recommended for applications that benefit from low network latency, high network throughput, or both.
To fully use this network performance for your placement group, choose an instance type that supports enhanced networking and 10 Gbps network performance.

Elastic Network Interfaces:

An elastic network interface is a logical networking component in a VPC that represents a virtual network card.
You can create and configure network interfaces in your account and attach them to instances in your VPC.
An ENI can have one public IP address and multiple private IP addresses.
You can create a network interface, attach it to an instance, detach it from an instance, and attach it to another instance.
You cannot detach a primary network interface from an instance.
When you create a network interface, it inherits the public IPv4 addressing attribute from the subnet.
An ENI created independently of a particular instance persists regardless of the lifetime of any instance to which it is attached.

ꞏ ꞏ ꞏ

Monitoring:
You can monitor the status of your instances by viewing status checks and scheduled events for your instances.
You can monitor your instances using Amazon CloudWatch, which collects and processes raw data from Amazon EC2 into readable, near real-time metrics.
By default, Amazon EC2 sends metric data to CloudWatch in 5-minute periods.
You can use the CloudWatch agent to collect both system metrics and log files from Amazon EC2 instances.
CloudTrail captures all API calls for Amazon EC2 and Amazon EBS as events, including calls from the console and from code calling the APIs.
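Because CloudTrail records each EC2 API call, a detection can read those events. The added Python example below (not from the cheat sheet) runs two such checks over constructed CloudTrail-style records: an ingress rule that opens an admin port to the internet, and termination protection being switched off before TerminateInstances on the same instance. Field names follow the CloudTrail event format; the account id, ARNs, instance and group ids and addresses are made up.

```python
# Constructed CloudTrail-style records (not real log data): field names follow the CloudTrail event
# format; the account id, ARNs, instance/group ids and addresses are made up for this example.
SAMPLE_EVENTS = [
    {"eventName": "AuthorizeSecurityGroupIngress", "sourceIPAddress": "198.51.100.7",
     "userIdentity": {"arn": "arn:aws:iam::111122223333:user/alice"},
     "requestParameters": {"groupId": "sg-0a1b2c3d", "ipPermissions": {"items": [
         {"ipProtocol": "tcp", "fromPort": 22, "toPort": 22,
          "ipRanges": {"items": [{"cidrIp": "0.0.0.0/0"}]}}]}}},
    {"eventName": "ModifyInstanceAttribute", "sourceIPAddress": "198.51.100.9",
     "userIdentity": {"arn": "arn:aws:iam::111122223333:user/bob"},
     "requestParameters": {"instanceId": "i-0123456789abcdef0", "disableApiTermination": {"value": False}}},
    {"eventName": "TerminateInstances", "sourceIPAddress": "198.51.100.9",
     "userIdentity": {"arn": "arn:aws:iam::111122223333:user/bob"},
     "requestParameters": {"instancesSet": {"items": [{"instanceId": "i-0123456789abcdef0"}]}}},
    {"eventName": "DescribeInstances", "sourceIPAddress": "198.51.100.7",
     "userIdentity": {"arn": "arn:aws:iam::111122223333:user/alice"}, "requestParameters": {}},
]
ADMIN_PORTS = {22, 3389}
WORLD = {"0.0.0.0/0", "::/0"}

def world_open_admin_ingress(event):
    """Return (groupId, actor) when a new ingress rule lets the whole internet reach an admin port."""
    if event["eventName"] != "AuthorizeSecurityGroupIngress":
        return None
    params = event["requestParameters"]
    for perm in params.get("ipPermissions", {}).get("items", []):
        ranges = perm.get("ipRanges", {}).get("items", []) + perm.get("ipv6Ranges", {}).get("items", [])
        cidrs = {r.get("cidrIp") or r.get("cidrIpv6") for r in ranges}
        lo, hi = (0, 65535) if perm.get("ipProtocol") == "-1" else (perm["fromPort"], perm["toPort"])
        if cidrs & WORLD and any(lo <= p <= hi for p in ADMIN_PORTS):
            return (params["groupId"], event["userIdentity"]["arn"])
    return None

def unprotect_then_terminate(events):
    """Correlate: termination protection switched off, then TerminateInstances for the same instance."""
    unprotected, findings = {}, []
    for ev in events:
        params = ev["requestParameters"]
        if ev["eventName"] == "ModifyInstanceAttribute" and params.get("disableApiTermination", {}).get("value") is False:
            unprotected[params["instanceId"]] = ev["userIdentity"]["arn"]
        elif ev["eventName"] == "TerminateInstances":
            for item in params["instancesSet"]["items"]:
                if item["instanceId"] in unprotected:
                    findings.append((item["instanceId"], unprotected[item["instanceId"]], ev["userIdentity"]["arn"]))
    return findings

def scan(events):
    """Run both detections over an event list; findings are (id, actor...) tuples, nothing is printed."""
    ingress = [f for f in map(world_open_admin_ingress, events) if f]
    return {"world_open_admin_ingress": ingress, "unprotect_then_terminate": unprotect_then_terminate(events)}
```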

ꞏ ꞏ ꞏ

EC2 video from AWS:


AWS re:Invent 2018: [REPEAT 1] Amazon EC2 F…

ꞏ ꞏ ꞏ

EC2 practice questions:


EC2 practice questions (Associate level).

Notice: we keep updating this material.


You can report a mistake or suggest new points to add to this EC2 cheat sheet; let us know in the comment section.

Copyright 2021 | AWSboy
