EC2
- EC2 = Elastic Compute Cloud = Infrastructure as a Service
- It mainly consists of the capability of:
  - Renting virtual machines (EC2)
  - Storing data on virtual drives (EBS)
  - Distributing load across machines (ELB)
  - Scaling the services using an auto-scaling group (ASG)
EC2 sizing & configuration options
- Operating System: Linux or Windows
- CPU
- RAM
- Storage space
  - network-attached (EBS & EFS)
  - hardware (EC2 Instance Store)
- Network card: speed of the card, Public IP address
- Firewall rules: security group
- Bootstrap script (configure at first launch): EC2 User Data
Security Groups
- Security groups control how traffic is allowed into or out of our EC2 Instances
- Security groups only contain allow rules
- Security group rules can reference an IP or a security group
- Security groups regulate:
  - Access to ports
  - Authorised IP ranges - IPv4 and IPv6
  - Control of inbound network (from others to the instance)
  - Control of outbound network (from the instance to others)
Classic Ports
- 22 = SSH (Secure Shell) - log into a Linux instance
- 21 = FTP (File Transfer Protocol) - upload files into a file share
- 22 = SFTP (Secure File Transfer Protocol) - upload files using SSH
- 80 = HTTP - access unsecured websites
- 443 = HTTPS - access secured websites
- 3389 = RDP (Remote Desktop Protocol) - log into a Windows instance