Flashcards in EC2 Deck (37):
What are the types of EC2 instances?
On-Demand - fixed fee, no commitment
Reserved - with contract
Spot - Bid
Dedicated hosts - physically dedicated system
How are you charged for a partial hour if the prices changes on a spot instance?
You will not be charged
How are you charged for a partial hour if you terminate a spot instance?
You will be charged
What are the instance types
You delete an EBS instance. What is the default protection behavior?
None, it is deleted unless termination protection was turned on
You delete an EC2 instance, Will addition EBS volumes other than root be retained?
Can default AMI root volumes be encrypted?
How can you encrypt a root volume?
Use a 3rd party tool or it can be done when creating the AMI
Can EBS volumes be encrypted?
Yes, but not the root when using a default AMI
Security group fundamentals?
All inbound is blocked by default
All outbound is allowed
Changes take effect immediately
Unlimited number of EC2 instances can use the same Sec Group
What does stateful mean?
When a port is opened it is open for both inbound and outbound
How can you block IP addresses? Sec groups or NACL's?
What are the EBS Types?
PIOPS (SSD) = DB-s
TO (HDD) =Big data
Cold (HDD) = File servers
EBS Mag - Infrequently accessed
You take an EBS snapshot, where is it stored?
T or F Snapshots are Full
How do you ensure an EBS snapshot is quiesced?
Stop the instance
Can you take an EBS snap while the instance is running?
Can you create AMI's from volumes and snapshots?
You want to change the EBS volume size and and type. When can you do this?
You can do this on the fly
How do you move a EC2 volume to another AZ?
Take a snapshot, create an AMI then launch in the new AZ
How do you move a EC2 volume to another region?
Take a snapshot, create an AMI then move to the new region
Are snapshot of encrypted volumes encrypted?
Are encrypted volumes that are restored encrypted?
Can you share encrypted volumes?
Can you share snapshots?
Yes, if they are unencrypted
What are the characteristics of Instance Store
Cannot be stopped. If host is stopped or fails data is lost
You can reboot
When an instance is deleted, what will happen to an instance volume and EBS?
Both will be deleted, but you can protect the EBS volume
How do you encrypt the root volume?
Create a snapshot
Create a copy of the snapshot
Create an AMI from the encrypted snapshot
Use that AMI to launch a new encrypted instance
What is the default cloudwatch monitoring interval?
5 min, but can be change to 1 min by turning on detailed monitoring
What is the difference between cloudwatch and cloudtrail?
Cloud watch is used to gauge performance, cloud trail is used for auditing
Features of cloud watch
What can be used to automate a new instance build
Boot strap script
What is the URL to get instance information?
What is the EFS format>
Pay for use
scalable to PB
Supports thousands of concurrent NFS connections
Data is stored across multiple AZs within a region
read after write consistency
Benefits of roles?
easy to manage
Can be assigned after instance creation
Can be used in any region
What is the best way to secure, centrally, hundreds of EC2 instances rather than using access key and secret access key