AWS CSA
  • Introduction
  • 1. AWS Overview
    • 1.1 AWS global Infrastructure
    • 1.2 Networking and Content Delivery
    • 1.3 Computing
    • 1.4 Storage
    • 1.5 Databases
    • 1.6 Migration Services
    • 1.7 Analytics
    • 1.8 Security and Identity
    • 1.9 Management Tools
    • 1.10 Application Services
    • 1.11 Developer Tools
    • 1.12 Mobile Services
    • 1.13 Desktop and App Streaming
    • 1.14 Artificial Intelligence
    • 1.15 Messaging
  • 2. IAM - Identity Access Management
    • 2.1 IAM Introduction
    • 2.2 IAM Labs
    • 2.3 Create a billing alart
    • 2.4 IAM Conclusion
  • 3. S3 - Simple Storage Service
    • 3.1 S3 Introduction
    • 3.2 S3 Labs
    • 3.3 Version Control Labs
    • 3.4 Cross Region Replication
    • 3.5 Life Cycle Management
    • 3.6 CloudFront
    • 3.7 CloudFront Labs
    • 3.8 S3 Security and Encryption
    • 3.9 Storage Gateway
    • 3.10 Snowball
    • 3.11 Snowball Labs
    • 3.12 S3 Transfer Acceleration
    • 3.13 Create a static web page using S3
    • 3.14 Storage Summary
  • 4. EC2 - Elastic Compute Cloud
    • 4.1 EC2 Introduction I
    • 4.2 EC2 Introduction II
    • 4.3 EC2 Lab 1
    • 4.4 EC2 Lab 2
    • 4.5 Security Groups Lab
    • 4.6 Upgrade EBS Volume Types - Lab1
    • 4.7 Upgrade EBS Volume Types - Lab2
    • 4.8 RAID, Volumes & Snapshots
    • 4.9 Create An AMI - Lab
    • 4.10 AMI's EBS Root Volumes vs. Instance Store
    • 4.11 Elastic Load Balancer & Health Check - Lab
    • 4.12 CloudWatch EC2 - Lab
    • 4.13 The AWS Command Line & EC2
    • 4.14 Using IAM Roles with EC2
    • 4.15 S3 CLI & Regions
    • 4.16 Using Bootstrap Scripts
    • 4.17 EC2 Instance Metadata
    • 4.18 Launch Configurations & Auto Scaling Groups
    • 4.19 EC2 Placement Groups - Exam Must Know
    • 4.20 Elastic File System (EFS) Lab
    • 4.21 Lambda Concepts
    • 4.22 Build A Serverless Webpage Using API Gateway & Lambda
    • 4.23 Use Polly to Pass Your Exam - Lab of a Serverless Application
    • 4.24 Use Polly to Pass Your Exam - Lab of a Serverless Application
    • 4.25 EC2 - Summary & Exam Tips
  • 5. Route53
    • 5.1 DNS 101
    • 5.2 Route53 - Register A Domain Name - Lab
    • 5.3 Setup Our EC2 Instances - Lab
    • 5.4 Routing Policies - Lab
  • 6. Databases on AWS
    • 6.1 Databases 101
    • 6.2 Launching an RDS Instance - Lab
    • 6.3 RDS - Backups, Multi-AZ & Read Replicas
    • 6.4 DynamoDB
    • 6.5 Redshift
    • 6.6 ElastiCache
    • 6.7 Aurora
    • 6.8 Database Summary
  • 7. VPC
    • 7.1 VPC Overview
    • 7.2 VPC Lab - Part 1
    • 7.3 VPC Lab - Part 2
    • 7.4 NAT Instances & NAT Gateways
    • 7.5 Network Access Control Lists vs. Security Groups
    • 7.6 Load Balancers & Custom VPCs
    • 7.7 VPC Flow Logs
    • 7.8 NATs vs. Bastions
    • 7.9 VPC End Points
    • 7.10 VPC Clean Up
    • 7.11 VPC Summary
  • 8. Application Services
    • 8.1 SQS - Simple Queue Service
    • 8.2 SWF - Simple Workflow Service
    • 8.3 SNS - Simple Notification Service
    • 8.4 Elastic Transcoder
    • 8.5 API Gateway
    • 8.6 Kinesis 101
    • 8.7 Kinesis Streams Lab
    • 8.8 Application Services Summary
  • 9. White Paper Reviews
    • 9.1 Overview of AWS
    • 9.2 Overview of Security Processes - Part 1
    • 9.3 Overview of Security Processes - Part 2
    • 9.4 Risk & Compliance Whitepaper
    • 9.5 Storage Options in the Cloud Whitepaper
    • 9.6 Architecting For The Cloud Best Practices Whitepaper
  • 10. Well Architected Framework
    • 10.1 Introduction of Well Architected Framework
    • 10.2 Pillar One - Security
    • 10.3 Pillar Two - Reliability
    • 10.4 Pillar Three - Performance
    • 10.5 Pillar Four - Cost Optimization
    • 10.6 Pillar Five - Operational Excellence
    • 10.7 Well Architected Framework - Summary
  • 11. Additional Exam Tips
    • 11.1 Exam Tips Based On Student Feedback
    • 11.2 Consolidated Billing
    • 11.3 AWS Organizations - Lab
    • 11.4 Cross Accounts Access
    • 11.5 Resource Groups & Tagging
    • 11.6 VPC Peering & ClassicLink
    • 11.7 Direct Connect
    • 11.8 Security Token Service
    • 11.9 Active Directory Integration
    • 11.10 Workspaces
    • 11.11 ECS - Part 1 - What is Docker
    • 11.12 ECS - Part 2 - What is ECS
    • 11.13 CloudFormation - A Brief Introduction
    • 11.14 Step Functions - A Brief Introduction
  • 12. Practice Tests Questions Summary
    • 12.1 Whizlabs - Free Test
    • 12.2 Whizlabs - Diagnosis Test
    • 12.3 Whizlabs - Practice Test I
    • 12.4 Whizlabs - Practice Test II
    • 12.5 Whizlabs - Practice Test III
    • 12.6 Whizlabs - Practice Test IV
    • 12.7 Whizlabs - Practice Test V
    • 12.8 Whizlabs - Practice Test VI
    • 12.9 Whizlabs - Practice Test VII
    • 12.10 Whizlabs - Section Tests - Part 1
    • 12.11 Whizlabs - Section Tests - Part 2
    • 12.12 Udemy - Final Quiz
  • 13. The Real World - Creating a fault tolerant Word Press Site
    • 13.1 Getting Setup
Powered by GitBook
On this page
  • Description tab
  • Status Checks tab
  • Monitoring tab
  • Tags tab
  • Terminate EC2 instance
  • Other types of EC2 instances
  • Encrypt your volumes
  • Lab 1 & 2 Exam Tips

Was this helpful?

  1. 4. EC2 - Elastic Compute Cloud

4.4 EC2 Lab 2

When you created your EC2 instance, you can see the resources of your instances in the EC2 dashboard.

Description tab

  • You may noticed that there are 2 Security Groups. One of them is the Security Group you created along with your EC2 instance, the other one is the Security Group of your Default VPC that created automatically when you first create your AWS account.

  • For the public DNS/IP address, you can either use public DNS or public IP address to connect your web server which is running on your EC2 instance through HTTP. The public DNS will be converted to public IP automatically.

  • For the private DNS/IP address, they are used to connect your EC2 instance from internal network.

  • If you enable the Termination Protection, you should disable it firstly and then you can terminate your instance. You can disable Termination Protection through Action -> Instance Settings -> Change Termination Protection.

Status Checks tab

  • System Status Checks: it is verifying that your instance is reachable, testing that we are able to get network packets to your instance. If this check fails, there may be an issue with the infrastructure hosing your instance such as the power networking, software systems or the hypervisor.

  • Instance Status Checks: it is checking that you can get traffic to the operating system. If this check fails, you can reboot for instance and that will mean that it will probably come up on another host and it will come back up on another hypervisor. Whereas if a system status checks fails again, you can reboot or you can go in and terminate the instance if you are having any kind of issues.

Monitoring tab

  • The basic monitoring is every 5 minutes, so it is pinging our device every 5 minutes.

  • We can turn on detail monitoring which is every 1 minute. It will cost you extra.

  • CloudWatch will monitoring the metrics of your CPU utilization, Disk reads/write, Network in/out, etc.

Tags tab

  • It is just the tags of your EC2 instance.

Terminate EC2 instance

  • Your SSH connection will also be terminated.

Other types of EC2 instances

  • You have 4 types instances, they are

    • Instances

    • Spot Requests

    • Reserved Instances

    • Dedicated Hosts

  • Reserved Instances

    • You can purchase reserved instances.

    • All upfront will give you the greatest discount.

    • Click Search and then select a plan.

Encrypt your volumes

  • You can encrypt your volumes through checking the "Encrypt" box when you create your instance. By default, you cannot encrypt your root volume. If you want to do that, you have to provision the root volumes first, create a copy or create an AMI of that EC2 instance, and while you are creating that copy encrypt the root device volume. (See details in later sections).

Lab 1 & 2 Exam Tips

  • Termination Protection is turned off by default, you must turn it on.

  • When you launch an instance, a public IP (if your subnet allows) and private IP will be assigned to it. When you stop the instance and start it again, its public IP address will be changed. To solve this problem using one of the two ways:

    • Using EIP. You can create an Elastic IP address and assign it to your instance. You can do this because you will always own that Elastic IP address.

    • Using A record. You can put this instance behind a ELB and use its DNS name. In this way, you create a custom domain name in Route53 using A record and set it to be an alias of the DNS name of the ELB. You can do this because you can always visit your own custom domain name created in the Route53 record set.

  • On an EBS-backed instance, the default action is for the root EBS volume to be deleted when the instance is terminated. You can disable this by unchecking the box at Add Storage step when you create the instance.

  • You can also attach additional EBS volumes after launching an instance, but not instance store volumes.

  • The Root volume can be an instance store volume or an EBS volume (Nowadays, most of them are EBS volume). You can attach additional EBS volumes or instance store volumes to your instance, or edit the settings of the root volume. For EBS-only AMIs, you can only attach additional EBS volumes, but for not EBS-only (i.e. n x M (SSD)) AMIs, you can attach additional EBS volumes and instance store volumes.

  • EBS Root Volumes of your default AMI's cannot be encrypted (because these AWS provided AMIs are created from unencypted EBS snapshots). You can also use a third party tool (such as bit locker for windows, etc) to encrypt the root volume, or this can be done when creating AMI's (see labs to follow) in the AWS console or using the API.

Previous4.3 EC2 Lab 1Next4.5 Security Groups Lab

Last updated 5 years ago

Was this helpful?