Amazon EC2 - Elastic Compute Cloud
Amazon Elastic Compute Cloud (Amazon EC2) is a core service offered by Amazon Web Services (AWS) that provides scalable and resizable virtual computing capacity in the cloud. With EC2, businesses can launch and manage virtual servers, known as instances, to meet their specific computing needs without the constraints of traditional on-premises hardware.
Types of EC2 Instances
Amazon EC2 offers a variety of instance types categorized into families, each optimized for different workloads:
General Purpose: everyday workloads such as web servers and code repositories
- Balanced computing, memory, and networking resources.
- Examples: t2, t3, m5, m6i.
- Use Cases: Web servers, application servers, and small databases.
Compute Optimized: high-performance processors (CPU)
- High-performance processors for compute-intensive tasks.
- Examples: c5, c6g, c7g.
- Use Cases: High-performance computing (HPC), batch processing, and scientific modeling.
Memory Optimized: large, fast memory (RAM)
- Designed for memory-intensive applications.
- Examples: r5, r6g, x1, x2idn.
- Use Cases: In-memory databases, real-time big data analytics, and SAP workloads.
Storage Optimized:
- High, sequential read and write access to large datasets.
- Examples: i3, i4i, d2, h1.
- Use Cases: Big data, distributed file systems, and data warehousing.
Accelerated Computing:
- Hardware accelerators like GPUs and FPGAs for intensive computation.
- Examples: p3, p4, g4ad, g5.
- Use Cases: Machine learning, gaming, and video encoding.
Bare Metal:
- Direct access to physical hardware.
- Examples: m5.metal, c5.metal.
- Use Cases: Specialized workloads requiring low-level hardware access.
Security Groups
Security Groups act as virtual firewalls that control inbound and outbound traffic for EC2 instances.
A security group contains only ALLOW rules: traffic that matches an allow rule is permitted, and everything else is DENIED by default.
- The source or destination of a rule can be an IP range (CIDR) or another security group.
- A security group is a firewall that manages:
  - access to ports,
  - the authorized IP ranges,
  - inbound and outbound network traffic.
If a connection to an instance hangs and then times out, check the security group first: it usually means no rule allows that traffic.
Common ports you will see in security group rules:
- Port 22: SSH (Secure Shell) — Used for secure access to Linux/Unix instances.
- Port 80: HTTP — Used for web traffic (non-encrypted).
- Port 443: HTTPS — Used for secure web traffic (encrypted).
- Port 21: FTP (File Transfer Protocol) — Used for unencrypted file transfer.
- Port 23: Telnet — Unencrypted text communication (rarely used due to security risks).
- Port 3306: MySQL — Used for MySQL database connections.
- Port 5432: PostgreSQL — Used for PostgreSQL database connections.
- Port 6379: Redis — Used for Redis connections.
- Port 27017: MongoDB — Used for MongoDB database connections.
- Port 3389: RDP (Remote Desktop Protocol) — Used for connecting to Windows instances.
- Port 25: SMTP — Used for sending emails (often blocked by cloud providers to avoid spam).
- Port 110: POP3 — Used for receiving email messages.
- Port 143: IMAP — Used for receiving email with more advanced features than POP3.
- Port 514: Syslog — Used for sending log data.
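As an added example (not code from the original post), the function below evaluates an inbound connection against the rules of a security group exactly the way the section describes: only allow rules, source given either as an IP address inside a rule's CIDR or as another security group, and deny when nothing matches. It also scans a set of groups for admin ports (22, 3389) opened to the whole internet, which is the misconfiguration most often found in EC2 audits. The group JSON is constructed for this example; only its shape follows the output of `aws ec2 describe-security-groups`, and the group ids, names and CIDR ranges are made up.

```python
import ipaddress
import json

# Constructed sample. The shape mirrors the "SecurityGroups" JSON that
# `aws ec2 describe-security-groups` returns; the ids, names, CIDRs and
# rules are made up for this example.
SAMPLE_GROUPS = json.loads("""
{
  "SecurityGroups": [
    {
      "GroupId": "sg-0aaa111example",
      "GroupName": "web-sg",
      "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "UserIdGroupPairs": []},
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "203.0.113.0/24"}], "UserIdGroupPairs": []}
      ]
    },
    {
      "GroupId": "sg-0bbb222example",
      "GroupName": "db-sg",
      "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 3306, "ToPort": 3306,
         "IpRanges": [],
         "UserIdGroupPairs": [{"GroupId": "sg-0aaa111example"}]}
      ]
    },
    {
      "GroupId": "sg-0ccc333example",
      "GroupName": "legacy-sg",
      "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "UserIdGroupPairs": []}
      ]
    }
  ]
}
""")["SecurityGroups"]

# Remote-administration ports that should never be open to 0.0.0.0/0.
ADMIN_PORTS = (22, 3389)


def group_by_name(groups, name):
    return next(g for g in groups if g["GroupName"] == name)


def _rule_matches(rule, port, protocol):
    """True if the rule covers this protocol and port ("-1" means all traffic)."""
    if rule["IpProtocol"] == "-1":
        return True
    if rule["IpProtocol"] != protocol:
        return False
    return rule["FromPort"] <= port <= rule["ToPort"]


def is_allowed(group, port, src_ip=None, src_group_id=None, protocol="tcp"):
    """Evaluate one inbound connection against the group's rules.

    Security groups hold only ALLOW rules, so the decision is: allowed if
    any rule matches, otherwise denied. The source may be an address that
    falls inside a rule's CIDR, or an instance in a referenced security group.
    """
    for rule in group["IpPermissions"]:
        if not _rule_matches(rule, port, protocol):
            continue
        if src_ip is not None:
            addr = ipaddress.ip_address(src_ip)
            if any(addr in ipaddress.ip_network(r["CidrIp"])
                   for r in rule.get("IpRanges", [])):
                return True
        if src_group_id is not None:
            if any(p["GroupId"] == src_group_id
                   for p in rule.get("UserIdGroupPairs", [])):
                return True
    return False  # default deny: no rule allowed it


def find_exposed_admin_ports(groups):
    """Return (group name, port) pairs where an admin port is open to the world."""
    findings = []
    for g in groups:
        for rule in g["IpPermissions"]:
            world = any(r["CidrIp"] == "0.0.0.0/0" for r in rule.get("IpRanges", []))
            if not world:
                continue
            for port in ADMIN_PORTS:
                if _rule_matches(rule, port, "tcp"):
                    findings.append((g["GroupName"], port))
    return findings


if __name__ == "__main__":
    web = group_by_name(SAMPLE_GROUPS, "web-sg")
    print("HTTPS from anywhere:", is_allowed(web, 443, src_ip="198.51.100.7"))
    print("SSH from outside the office range:", is_allowed(web, 22, src_ip="198.51.100.7"))
    print("Exposed admin ports:", find_exposed_admin_ports(SAMPLE_GROUPS))
```

Note that `db-sg` has no IP ranges at all: the database port is reachable only from instances that carry `web-sg`, which is the pattern to prefer over listing the web tier's addresses. The sample only models IPv4 rules (`IpRanges`); real output also carries `Ipv6Ranges`, which an audit script must check the same way.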
Amazon Machine Images (AMI)
An Amazon Machine Image (AMI) is a pre-configured template containing the software configuration required to launch an EC2 instance.
- Create AMIs with pre-installed operating systems, applications, and configurations tailored to specific workloads.
- Choose between public AMIs provided by AWS, private AMIs shared within an account, or third-party AMIs available in the AWS Marketplace.
- AMIs include snapshots of Amazon Elastic Block Store (EBS) volumes, enabling quick and consistent instance launches.
- AMIs are region-specific but can be copied across regions for global deployment.
- Maintain different versions of an AMI to standardize environments and simplify updates.
CASE STUDY :
We connected to the EC2 instance from our local system and want to list the IAM users:
aws iam list-users
THIS WILL SHOW AN ERROR, because the instance has no credentials that permit it to call IAM.
Solution: create an IAM role with the required policy and attach it to the EC2 instance. The instance then gets the access and the command lists the users.
CONCLUSION :
If we are accessing one AWS resource and need it to interact with another AWS resource, an IAM role with the appropriate IAM policy is required.
Eg: if we want to list S3 objects from our EC2 instance, we need to attach an IAM role with an S3 policy to the EC2 instance.
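The following added example (my own code, not part of the original post) builds the two policy documents that the case study and the conclusion call for, and lints them before they are applied: a trust policy that lets only the EC2 service assume the role, and a permission policy scoped to listing one bucket rather than `s3:*` on `*`. The `cli_commands` helper lists the AWS CLI calls that create the role, put the policy on it, wrap it in an instance profile and associate that profile with the instance; those subcommands are real, but the role name, bucket name and instance id are constructed placeholders.

```python
import json

EC2_SERVICE = "ec2.amazonaws.com"


def ec2_trust_policy():
    """Trust policy: only the EC2 service may assume this role (sts:AssumeRole)."""
    return {
        "Version": "2012-10-17",
        "Statement": [{
            "Effect": "Allow",
            "Principal": {"Service": EC2_SERVICE},
            "Action": "sts:AssumeRole",
        }],
    }


def s3_list_policy(bucket):
    """Permission policy scoped to listing the objects of one bucket."""
    return {
        "Version": "2012-10-17",
        "Statement": [{
            "Effect": "Allow",
            "Action": ["s3:ListBucket"],
            "Resource": f"arn:aws:s3:::{bucket}",
        }],
    }


def _as_list(value):
    return value if isinstance(value, list) else [value]


def lint_trust_policy(doc):
    """Flag trust statements that let anyone, or a service other than EC2, assume the role."""
    problems = []
    for st in doc["Statement"]:
        if st.get("Effect") != "Allow":
            continue
        principal = st.get("Principal")
        if principal == "*" or principal == {"AWS": "*"}:
            problems.append("wildcard principal can assume the role")
        elif isinstance(principal, dict):
            for svc in _as_list(principal.get("Service", [])):
                if svc != EC2_SERVICE:
                    problems.append(f"unexpected trusted service {svc}")
    return problems


def lint_permission_policy(doc):
    """Flag Allow statements with wildcard actions or resources."""
    problems = []
    for st in doc["Statement"]:
        if st.get("Effect") != "Allow":
            continue
        actions = _as_list(st.get("Action", []))
        if any(a == "*" or a.endswith(":*") for a in actions):
            problems.append("wildcard action")
        if "*" in _as_list(st.get("Resource", [])):
            problems.append("wildcard resource")
    return problems


def cli_commands(role_name, instance_id, trust_file="trust.json", perm_file="perm.json"):
    """The AWS CLI calls that create the role and attach it to the instance,
    in the order they must run."""
    return [
        f"aws iam create-role --role-name {role_name} "
        f"--assume-role-policy-document file://{trust_file}",
        f"aws iam put-role-policy --role-name {role_name} "
        f"--policy-name s3-list --policy-document file://{perm_file}",
        f"aws iam create-instance-profile --instance-profile-name {role_name}",
        f"aws iam add-role-to-instance-profile --instance-profile-name {role_name} "
        f"--role-name {role_name}",
        f"aws ec2 associate-iam-instance-profile --instance-id {instance_id} "
        f"--iam-instance-profile Name={role_name}",
    ]


if __name__ == "__main__":
    # Constructed names; replace with your own bucket, role and instance id.
    trust, perm = ec2_trust_policy(), s3_list_policy("example-bucket")
    for doc, linter in ((trust, lint_trust_policy), (perm, lint_permission_policy)):
        assert linter(doc) == [], linter(doc)
    with open("trust.json", "w") as f:
        json.dump(trust, f, indent=2)
    with open("perm.json", "w") as f:
        json.dump(perm, f, indent=2)
    print("\n".join(cli_commands("ec2-s3-list-role", "i-0123456789abcdef0")))
```

Once the profile is associated, the role's short-lived credentials are delivered to the instance through the instance metadata service and picked up by the AWS CLI automatically, so no access keys ever need to be copied onto the instance; that is the reason to prefer a role over pasting a user's keys into `aws configure`.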
EC2 Purchasing Options:
- On-Demand Instances: short workloads, pay by the second, predictable pricing.
- Reserved Instances: reserved for 1 or 3 years, for critical long-running workloads with flexibility on instance attributes; typically used for databases.
- Spot Instances: short workloads, cheap, but the instance (and its data) can be taken away at any time; suitable only for non-critical workloads.
- Savings Plans: commit to an amount of usage for 1 or 3 years, locked to an instance family and Region.
- Dedicated Hosts: reserve entire physical servers and control instance placement on them.
- Dedicated Instances: hardware dedicated to you; no other customer shares it.
- Capacity Reservations: reserve capacity in a specific AZ for any duration.