1. Question 1. What Is Amazon Ec2 Service?

Answer:
Amazon Elastic Compute Cloud (Amazon EC2) is a Amazon web service that provides resizable
(scalable) computing capacity in the cloud. You can use Amazon EC2 to launch as many virtual
servers you need. In Amazon EC2 you can configure security and networking as well as
manage storage. Amazon EC2 service also helps in obtaining and configuring capacity using
minimal friction.
2. Question 2. What Are The Features Of The Amazon Ec2 Service?
Answer:
As the Amazon EC2 service is a cloud service so it has all the cloud features.
Amazon EC2 provides the following features:
o Virtual computing environment (known as instances)
o Pre-configured templates for your instances (known as Amazon Machine Images
– AMIs)
o Amazon Machine Images (AMIs) is a complete package that you need for your
server (including the operating system and additional software)
o Amazon EC2 provides various configurations of CPU, memory, storage and
networking capacity for your instances (known as instance type)
o Secure login information for your instances using key pairs (AWS stores the
public key and you can store the private key in a secure place)
o Storage volumes of temporary data is deleted when you stop or terminate your
instance (known as instance store volumes)
o Amazon EC2 provides persistent storage volumes (using Amazon Elastic Block
Store – EBS)
o A firewall that enables you to specify the protocols, ports, and source IP ranges
that can reach your instances using security groups
o Static IP addresses for dynamic cloud computing (known as Elastic IP address)
o Amazon EC2 provides metadata (known as tags)
o Amazon EC2 provides virtual networks that are logically isolated from the rest of
the AWS cloud, and that you can optionally connect to your own network (known as
virtual private clouds – VPCs)
3. Question 3. What Are The Security Best Practices For Amazon Ec2?
Answer:
For secure Amazon EC2 best practices, follow the following steps:
o Use AWS identity and access management to control access to your AWS
resources
o Restrict access by allowing only trusted hosts or networks to access ports on
your instance
o Review the rules in your security groups regularly
o Only open up permissions that your require
o Disable password-based login, for instance, launched from your AMI Complete
Amazon Web Services Tutorials
4. What are the types of Amazon EC2 instances?
Answer:
EC2 provide a total of 8 families of instance type which are classified according to their use
case.
a) General purpose (fixed performance and burstable performance)
 b) Compute optimized (c3 and c4)
c) GPU optimized (g2)
d) Memory optimized (r3)
e) Storage optimized (I2 and D2)

5. Question 4. Explain Storage For Amazon Ec2 Instance?

Answer:
Amazon EC2 provides many data storage options for your instances. Each option has a unique
combination of performance and durability. These storages can be used independently or in
combination to suit your requirements.
There are mainly four types of storages provided by AWS:
o Amazon EBS: Its durable, block-level storage volumes can attached in running
Amazon EC2 instance. The Amazon EBS volume persists independently from the
running life of an Amazon EC2 instance. After an EBS volume is attached to an
instance, you can use it like any other physical hard drive. Amazon EBS encryption
feature supports encryption feature.
o Amazon EC2 Instance Store: Storage disk that is attached to the host computer
is referred to as instance store. The instance storage provides temporary block-level
storage for Amazon EC2 instances. The data on an instance store volume persists
only (sap training) during the life of the associated Amazon EC2 instance; if you stop
or terminate an instance, any data on instance store volumes is lost.
o Amazon S3: Amazon S3 provides access to reliable and inexpensive data storage
infrastructure. It is designed to make web-scale computing easier by enabling you
to store and retrieve any amount of data, at any time, from within Amazon EC2 or
anywhere on the web.
o Adding Storage: Every time you launch an instance from an AMI, a root storage
device is created for that instance. The root storage device contains all the
information necessary to boot the instance. You can specify storage volumes in
addition to the root device volume when you create an AMI or launch an instance
using block device mapping.
6. Question 5. Explain Stopping, Starting, And Terminating An Amazon Ec2 Instance?
Answer:
Stopping and Starting an instance: When an instance is stopped, the instance performs a
normal shutdown and then transitions to a stopped state. All of its Amazon EBS volumes
remain attached, and you can start the instance again at a later time. You are not charged for
additional instance hours while the instance is in a stopped state.
Terminating an instance: When an instance is terminated, the instance performs a normal
shutdown, then the attached Amazon EBS volumes are deleted unless the volume’s
deleteOnTermination attribute is set to false. The instance itself is also deleted, and you can’t
start the instance again at a later time.
7. Question 6. What Are The Basic Structures Of The Amazon Ec2 Service?
Answer:
As the Amazon EC2 service is a cloud facility so it has entirely all the cloud features. Amazon
EC2 delivers the subsequent features:
o As mention in feature section Question 2
 8. Question 7. Describe Storage For Amazon Ec2 Occurrence ?
Answer :
Amazon EC2 offers numerous data storage choices for your occurrences. Each choice has an
exclusive mixture of presentation and sturdiness. These storages can be used self-sufficiently
or in grouping to suit your necessities.
There are chiefly four types of storages offered by AWS as mention in question 5

9. Question 8. Can S3 Be Cast-off With Ec2 Instances, In Case Of “yes” Please Specify How
?
Answer :
Yes, it can be cast-off for instances with root approaches backed by native occurrence storage.
By using Amazon S3, developers have access to the similar extremely scalable, dependable,
fast, low-priced data storage substructure that Amazon uses to track its own worldwide
network of web sites. In order to perform systems in the Amazon EC2 atmosphere, developers
use the tools providing to load their Amazon Machine Images (AMIs) into Amazon S3 and to
transfer them between Amazon S3 and Amazon EC2. Additional use case might be for
websites hosted on EC2 to load their stationary content from S3
10. Question 9. What Are Regions And Availability Zones In Amazon Ec2 ? Explain In
Brief ?
Answer :
Amazon EC2 is hosted in multiple locations world-wide. These locations are composed of
regions and Availability Zones. Each region is a separate geographic area. Each region has
multiple, isolated locations known as Availability Zones.
Each region is completely independent. Each Availability Zone is isolated, but the Availability
Zones in a region are connected through low-latency links.
Question 10. Explain How To Launch Ec2 Instance In An Availability Zone ?
Answer :
Each region is completely independent and each Availability Zone is isolated. When you view
your resources, you’ll only see the resources tied to the region you have specified.
To launch a EC2 instance, you must select an AMI that’s in the same region (if the AMI is in
another region then you can copy the AMI to the region you are using). Now select an
Availability Zone or let AWS choose for you. After creating the EC2 instance, it will show up in
selected Availability Zone.

11. Question 11. What Is Amazon Ec2 Root Device Volume ?

Answer :
When you launch an instance, the Root Device Volume contains the image used to boot the
instance.
You can launch an instance from one of two types of AMIs:
o Instance store-backed AMI
o EBS based storage
2. Question 12. How To Persist Root Device Volume In Amazon Ec2 Instance ?
 Answer :
By default, the root device volume for an AMI backed by Amazon EBS is deleted when the
instance terminates. To change the default behavior, set the DeleteOnTermination attribute
to false using a block device mapping.
o To change the root device volume of an instance to persist at launch using the
console
o Open the Amazon EC2 console.
o From the Amazon EC2 console dashboard, click Launch Instance.
o On the Choose an Amazon Machine Image (AMI) page, choose the AMI to use
and click Select.
o Follow the wizard to complete the Choose an Instance Type and Configure
Instance Details pages.
o On the Add Storage page, deselect the Delete On Termination check box for the
root volume.
o Complete the remaining wizard pages, and then click Launch.
o Changing the Root Volume of an Instance to Persist Using the AWS CLI
o Use the run-instances command to preserve the root volume by including a
block device mapping that sets its DeleteOnTermination attribute for to false.
3. Question 13. What Is Security Group In Amazon Ec2 ?
Answer :
Security groups act as a firewall for associated instances, controlling both inbound and
outbound traffic at the instance level.
4. Question 14. What Are The Features Of Security Group In Amazon Ec2 ?
Answer :
Following are the features of the Security Group in Amazon EC2:
o We can add rules to a security group that enable us to connect to our instance
from our IP address using SSH.
o We can also add rules that allow inbound and outbound HTTP and HTTPS access
from anywhere.
5. Question 15. How To Create Security Group In Amazon Ec2 ?
Answer :
We can create Security Group in Amazon EC2 using the Amazon EC2 console. To launch
instances in multiple regions, we’ll need to create a Security Group in each region.
Following are the steps to create Security Group in Amazon EC2:
o Open the Amazon EC2 console.
o From the right navigation bar, select a region for the security group.
o Click Security Groups in the navigation pane.
o Click Create Security Group.
o Enter a name for the new security group and a description.
o In the VPC list, select your VPC.
o On the Inbound tab, click Add Rule for each new rule, and then click Create.
6. Question 16. How To Launch An Amazon Ec2 Instance ?
Answer :
We can launch Linux/Windows Amazon EC2 instance using AWS Management Console.
Following are the steps to create Amazon EC2 instance:
o Open the Amazon EC2 console.
o From the console dashboard, choose Launch Instance.
 o Choose an Amazon Machine Image (AMI).
o Choose an Instance Type.
o Click on Review and Launch to let the wizard complete the other configuration
setting.
o On the Review Instance Launch page, under Security Groups select a Security
Group.
o Click on Launch on the Review Instance Launch.
o Select an Existing key pair when it prompted for key pair.
o Click on View Instance to return on the console to see instance is launching.
7. Question 17. How To Connect To Your Amazon Ec2 Instance ?
Answer :
There are several ways to connect to a Linux instance. One of the commonly used method is
to connect Linux instance from Windows local machine using PuTTY.
Following are the steps to connect to a Linux instance:
o Install PuTTY on your local machine.
o Get your instance ID.
o Get the public DNS name of the instance.
o Locate the private key.
o Enable inbound SSH traffic from your IP address to your instance.
o Converting Your Private Key Using PuTTYgen.
o Starting a PuTTY Session.
o Now you are connected to your EC2 instance.
8. Question 18. How To Add A Ebs Volume To Your Amazon Ec2 Instance ?
Answer :
We can attach an EBS volume to one of our instances that is in the same Availability Zone as
the Volume.
Following are the steps to attache an EBS volumn to an instance using console:
o Open the Amazon EC2 console.
o In the left navigation pane, choose Volumes.
o Select a volume and choose Attach Volume.
o Select the instance to which you want to attach the volume.
o Click on Attach.
o Now connect to your instance and make the volume available.
9. Question 19. How To Clean Up Your Amazon Ec2 Instance And Volume ?
Answer :
After we are finished with the instance we created, we can clean up by terminating the
instance.
Following are the steps to terminate the EC2 instance:
o In the navigation pane, choose Instances. In the list of instances, select the
instance.
o Choose Actions, then Instance State, and then choose Terminate.
o Choose Yes,Terminate when prompted for confirmation.
10. Question 20. What Are The Best Practices For Amazon Ec2 ?
Answer :
To get the maximum benefit from and satisfaction with Amazon EC2.
There are mainly four best practices:
o Security and Network Best Practices
 o Storage
o Resource Management
o Backup and Recovery

11. Question 21. What Is Amazon Machine Image And What Is The Relation Between
Instance And Ami ?
Answer :
Amazon Web Services provides several ways to access Amazon EC2, like web-based interface,
AWS Command Line Interface (CLI) and Amazon Tools for Windows Powershell. First, you
need to sign up for an AWS account and you can access Amazon EC2.
Amazon EC2 provides a Query API. These requests are HTTP or HTTPS requests that use the
HTTP verbs GET or POST and a Query parameter named Action.
12. Question 22. What Is Amazon Machine Image (ami) ?
Answer :
An Amazon Machine Image (AMI) is a template that contains a software configuration (for
example, an operating system, an application server, and applications). From an AMI, we
launch an instance, which is a copy of the AMI running as a virtual server in the cloud. We can
even launch multiple instances of an AMI.
13. Question 23. What Is The Relation Between Instance And Ami ?
Answer :
We can launch different types of instances from a single AMI. An instance type essentially
determines the hardware of the host computer used for your instance. Each instance type
offers different compute and memory capabilities. 
After we launch an instance, it looks like a traditional host, and we can interact with it as we
would do with any computer. We have complete control of our instances; we can use sudo to
run commands that require root privileges.
14. Question 24. How To Migrate An Instance To Another Availability Zone ?
Answer :
You can migrate your EC2 instance from one Availability Zone to another.
Following are the steps to migrate an Instance to another Availability Zone:
o Create an AMI from the running instance
o Launch an instance from the AMI that you just created, specify the new
Availability Zone
o You can use the same instance type as the original instance, or select a new
instance type
o If the original instance has an associated Elastic IP address, then associate it with
the new instance
o If the original instance is a Reserved Instance, change the Availability Zone for
your reservation
15. Question 25. What Is Key Pair ?
Answer :
AWS uses public-key cryptography to secure the login information for your instance. A Linux
instance has no password; you use a key pair to log in to your instance securely.
You specify the name of the key pair when you launch your instance, then provide the private
key when you log in using SSH.
16. Question 26. How To Create Key Pair ?
Answer :
We can create one using the Amazon EC2 console. To launch instances in multiple regions,
we’ll need to create a key pair in each region.
Following are the steps to create Key Pair:
o Sign in to Amaon Web Service.
o From the AWS dashboard, choose EC2 to open the Amazon EC2 console.
o From the navigation bar, select a region for the key pair.
o In the left navigation pane, under NETWORK & SECURITY, click Key Pairs.
o Click Create Key Pair.
o Enter a name for the new key pair in the Key pair name field of the Create Key
Pair dialog box, and then click Create.
o The private key file is automatically downloaded by your browser. The base file
name is the name you specified as the name of your key pair, and the file name
extension is .pem.
17. Question 27. What Is The Use Of Key Pair ?
Answer :
Key pair is used to log in to your instance securely. This is public-key cryptography to secure
the login information for your instance.
18. Question 28. How To Create Your Own Amazon Machine Image (ami) ?
Answer :
You can customize a instance that is launched from a public AMI and then save that
configuration as a custom AMI for your own use.
Instances that you launch from your AMI use all the customizations that you’ve made.

19. Question 29. How To Determine The Root Device Type Of Your Ami ?
Answer :
We can determine the Root Device type of AMI using following 2 methods.
Method 1: Following are the steps to determine the Root Device type of an AMI using the
console
o Open the Amazon EC2 console
o In the navigation pane, click AMIs, and select the AMI
o Check the value of Root Device Type in the Details tab as follows
o If the value is ebs, this is an Amazon EBS-backed AMI
o If the value is instance store, this is an instance store-backed AMI
Method 2: Following are the steps to determine the root device type of an AMI using the
command line
We can use one of the following commands.
o describe-images (AWS CLI)
o Get-EC2Image (AWS Tools for Windows PowerShell)
2. Question 30. What Is The Size Limit For Amazon Ec2 Instance Store-backed Amis And
Amazon Ebs-backed Amis ?
Answer :
All AMIs are categorized as either backed by Amazon EBS or backed by instance store.
 Backed by Amazon EBS – means that the root device for an instance launched from the AMI is
an Amazon EBS volume created from an Amazon EBS snapshot.
Backed by instance store – means that the root device for an instance launched from the AMI
is an instance store volume created from a template stored in Amazon S3.
Root device size limit for –
Amazon EBS – Backed is 16 TiB
Amazon Instance Store-Backed is 10 GiB

3. Question 31. How You’re Charged In Amazon Ec2? Explain In Detail ?

Answer :
o Charges varies upon AMIs backed and storage volums.
o AMIs backed by instance storage charged for: AMI storage + Instance usage
o AMIs backed by Amazon EBS storage charged for: Volume storage + Usage in
addition to the AMI + instance usage
o When an Amazon EBS-backed instance is stopped, you are not charged for
instance usage, but you are still charged for volume storage.
o AWS charges a full instance hour for every transition from a stopped state to a
running state, even if we transition the instance multiple times within a single hour.
For example: if hourly instance charge for your instance is $0.10 and if you were to run that
instance for one hour without stopping it, you would be charged $0.10. If you stopped and
restarted that instance twice during that hour, then you would be charged $0.30 for that hour
of usage (the initial $0.10, plus 2 x $0.10 for each restart).
4. Question 32. What Is Shared Ami ?
Answer :
A shared AMI is an AMI that a developer created and made available for other developers to
use.
One of the easiest ways to get started with Amazon EC2 is to use a shared AMI that has the
components you need and then add custom content. You can also create your own AMIs and
share them with others.
o Use a shared AMI at your own risk. Amazon can’t vouch for the integrity or
security of AMIs shared by other Amazon EC2 users. AWS recommends that you get
an AMI from a trusted source.
5. Question 33. How To Update Ami Tools At Boot Time ?
Answer :
AWS recommends that your AMIs download and upgrade the Amazon
EC2 AMI creation tools during startup. This ensures that new AMIs based on your shared AMIs
have the latest AMI tools.
For Amazon Linux, add the following to /etc/rc.local:
# Update the Amazon EC2 AMI tools
echo ” + Updating EC2 AMI tools”
yum update -y aws-amitools-ec2
echo ” + Updated EC2 AMI tools”
6. Question 34. How To Disable Password-based Logins For Root In Amazon Ec2
Instance ?
Answer :
Using a fixed root password for a public AMI is a security risk that can quickly become known.
Even relying on users to change the password after the first login opens a small window of
opportunity for potential abuse.
Following are the steps to disable password-based remote logins for the root user:
Open the /etc/ssh/sshd_config file with a text editor and locate the following line:
#PermitRootLogin yes
Change the line to:
PermitRootLogin without-password
The location of this configuration file might differ for your distribution.

7. Question 35. What Is Public Key Credentials And How To Install It ?

Answer :
Amazon EC2 uses public–key cryptography to encrypt and decrypt login information. Public–
key cryptography uses a public key to encrypt a piece of data, such as a password, then the
recipient uses the private key to decrypt the data. The public and private keys are known as a
key pair.
After configuring the AMI to prevent logging in using a password, you must make sure users
can log in using another mechanism.
8. Question 36. How Is Stopping And Terminating An Instance Different From Each
Other ?
Answer :
Starting, stopping and terminating are the three states in an EC2 instance, let’s discuss them
in detail:
o Stopping and Starting an instance: When an instance is stopped, the instance
performs a normal shutdown and then transitions to a stopped state. All of its
Amazon EBS volumes remain attached, and you can start the instance again at a
later time. You are not charged for additional instance hours while the instance is in
a stopped state.
o Terminating an instance: When an instance is terminated, the instance performs
a normal shutdown, then the attached Amazon EBS volumes are deleted unless the
volume’s deleteOnTermination attribute is set to false. The instance itself is also
deleted, and you can’t start the instance again at a later time.
9. Question 37. How Is A Spot Instance Different From An On-demand Instance Or
Reserved Instance ?
Answer :
First of all, let’s understand that Spot Instance, On-Demand instance and Reserved Instances
are all models for pricing. Moving along, spot instances provide the ability for customers to
purchase compute capacity with no upfront commitment, at hourly rates usually lower than
the On-Demand rate in each region. Spot instances are just like bidding, the bidding price is
called Spot Price.
 The Spot Price fluctuates based on supply and demand for instances, but customers will never
pay more than the maximum price they have specified. If the Spot Price moves higher than a
customer’s maximum price, the customer’s EC2 instance will be shut down automatically.
But the reverse is not true, if the Spot prices come down again, your EC2 instance will not be
launched automatically, one has to do that manually. In Spot and On demand instance, there
is no commitment for the duration from the user side, however in reserved instances one has
to stick to the time period that he has chosen.
10. Question 38. Is It Possible To Change The Private Ip Addresses Of An Ec2 While It Is
Running/stopped In A Vpc ?
Answer :
The primary private IP address cannot be changed. Secondary private addresses can be
unassigned, assigned or moved between interfaces or instances at any point.
11. Question 39. Can S3 Be Used With Ec2 Instances, If Yes, How ?
Answer :
Yes, it can be used for instances with root devices backed by local instance storage. By using
Amazon S3, developers have access to the same highly scalable, reliable, fast, inexpensive
data storage infrastructure that Amazon uses to run its own global network of web sites. In
order to execute systems in the Amazon EC2 environment, developers use the tools provided
to load their Amazon Machine Images (AMIs) into Amazon S3 and to move them between
Amazon S3 and Amazon EC2.
Another use case could be for websites hosted on EC2 to load their static content from S3.
12. Question 40. If You Want To Launch Amazon Elastic Compute Cloud (ec2) Instances
And Assign Each Instance A Predetermined Private Ip Address You Should ?
Answer :
The best way of connecting to your cloud resources (for ex- ec2 instances) from your own
data center (for eg- private cloud) is a VPC. Once you connect your datacenter to the VPC in
which your instances are present, each instance is assigned a private IP address which can be
accessed from your datacenter. Hence, you can access your public cloud resources, as if they
were on your own network.
13. Question 41. Explain What Happens When I Reboot An Ec2 Instance ?
Answer :
Rebooting an instance is like rebooting a PC. The hard disk isn’t affected. You don’t return to
the image’s original state, but the contents of the hard disks are those before the reboot.
Rebooting isn’t associated with billing. Billing starts when you instantiate an image and stops
when you terminate it. Rebooting in between hasn’t any effect.
14. Question 42. How You Will Change The Root Ebs Device Of My Amazon Ec2 Instance ?
Answer :
o Stop the instance.
o Detach the root EBS volume.
o Attach the alternate EBS volume (as the root e.g. /dev/sda1)
o Start the instance.
o This presupposes that your alternate EBS volume is bootable, of course – it has
to contain the bootable OS image.
15. Question 43. What Is The Underlying Hypervisor For Ec2 ?
Answer :
Xen
16. Question 44. What Are Spot Instances In Amazon Ec2 ?
Answer :
In Amazon EC2, we can even bid for getting a computing instance. Any instance procured by
bidding is a Spot Instance. Multiple users bid for an EC2 Instance. Once the bid price exceeds
the Spot price, the user with the highest bid gets it. As long as their bid price remains higher
than the Spot price, they can keep using it.
Spot price varies with the supply and demand. Once Spot price exceeds Bid price, the instance
will be taken back from the user.
17. Question 45. What Is The Difference Between A Spot Instance And A Demand Instance
On Ec2?
Answer :
“On-Demand” instances allow the user to use the compute by hour without requiring long
term commitment. There are no guarantees that the user will always be able to launch
specific instance types in an availability zone, though AWS tries it’s best to meet the needs.
This service is preferable for POCs and they do not suffer an interruption of the service (by
AWS) like Spot instances.
“Spot” instances are a bid_for_low_price version of On-Demand instances, but could be shut
down by AWS anytime the Spot instance price goes higher than bid price. Spot price
fluctuates based on the supply and demand of the capacity. It’s essentially the leftover
capacity of AWS to be used. There is no difference in the performance compared to On-
Demand instances and is usually cheaper than On-demand instances as there is no guarantee
provided over the availability. The user can choose a start time and end time for the instances
or can make a persistent request(no end time specified) for this service. This service is
preferable for computing needs which are not tied to any deadlines, computing needs are
large and the interruption of service is acceptable.
18. Question 46. What Are The Main Features Of Classic Load Balancer In Ec2 ?
Answer :
Some of the main features of Classic Load Balancer (CLB) in Amazon EC2 are as follows:
Health Check: Based on the result of Health Check, Classic Load Balancer can decide to route
the traffic. If any instance has unhealthy results, CLB will not route the traffic to that instance.
Security: We can create security groups for CLB in Virtual Private Cloud (VPC). With these
features, it is easy to implement secure load balancing within a network.
High Availability: With CLB, we can distribute traffic among EC2 instances in single or multiple
Availability Zones. This helps in providing very high scale of availability for the incoming traffic.
Sticky Sessions: CLB also supports sticky session by using cookies. The sticky sessions make
sure that the traffic from a user is always routed to the same instance so that user gets
seamless experience.
IPv6: CLB also support Internet Protocol version 6.
Operational Monitoring: We can also perform operational monitoring CLB and collect
statistics on request count, latency etc. These metrics can be monitored in CloudWatch.
19. Question 47. What Are The Main Features Of Application Load Balancer (alb) In
Amazon Ec2 ?
Answer :
Main features of Application Load Balancer (ALB) are as follows:
o Content-Based Routing: In ALB, we can make use of content in the request to
decide the routing of a request to a specific service.
 o HTTP/2: ALB supports the new version of HTTP protocol. In this protocol, we can
send multiple requests on same connection. It also supports TLS and header
compression.
o WebSockets: ALB supports WebSockets in EC2. With WebSockets, a server can
exchange real-time messages with the end-users.
o Layer-7 Load Balancing: ALB can also load balance HTTP/HTTPS application with
layer-7 specific features.
o Delete Protection: ALB also provides Delete Protection option by which we can
prevent it from getting deleted by mistake.
o Containerized Application Support: We can use ALB to load balance multiple
containers across multiple ports on same EC2 instance.
20. Question 48. What Is A Placement Group In Ec2 ?
Answer :
AWS provides an option of creating a Placement Group in EC2 to logically group the instances
within as single Availability Zone.
We get the benefits of low network latency and high network throughput by using a
Placement Group.
Placement Group is a free option as of now. When we stop an instance, it will run in same
Placement Group in restart at a later point of time.
The biggest limitation of Placement Group is that we cannot add Instances from multiple
availability zones to one Placement Group.
21. Question 49. What Types Of Issues Do You Face While Connecting To An Ec2 Instance ?
Answer :
Some of the possible connection issues with EC2 instance are:
o Connection time out
o Permission denied due to host key not found
o Unprotected private key file
o Permission denied due to user key not recognized by server
o No supported authentication method available
o Server refused the key AWS Video Training

The easy way to manage an Amazon AWS EC2 server is from the AWS management console GUI.

But, if your environment has multiple servers, then it gets bit tedious to manage it from the AWS GUI.

Also, if you are Linux sysadmin, you would prefer to manage your EC2 instances from the command line.

Pretty much anything that you can do from AWS console UI can be done from the command line.
This tutorial explains the 15 most frequently performed EC2 operations with AWS EC2 command line
examples.
If you are new to Amazon AWS: 10 Most Popular Amazon AWS Storage and Database Services

Quick Reference

For your future quick reference, here are all the commands mentioned in this tutorial. Make sure to read
the details provided in this tutorial below to understand more about these commands.

aws ec2 describe-instances (View Current Status of an Instance)

aws ec2 start-instances --instance-ids i-dddddd70

aws ec2 stop-instances --instance-ids i-5c8282ed

aws ec2 terminate-instances --dry-run --instance-ids i-dddddd70

aws ec2 create-tags --resources i-dddddd70 --tags Key=Department,Value=Finance

aws ec2 describe-volumes

aws ec2 attach-volume --volume-id vol-1d5cc8cc --instance-id i-dddddd70 --device /dev/sdh

aws ec2 run-instances --dry-run --image-id ami-08111162 --count 1 --instance-type t1.micro --key-name
MyKeyPair --security-groups my-ami-security-group

aws ec2 reboot-instances --instance-ids i-dddddd70

aws ec2 modify-instance-attribute --instance-id i-44a44ac3 --instance-type "{\"Value\": \"m1.small\"}"

aws ec2 create-image --instance-id i-44a44ac3 --name "Dev AMI" --description "AMI for development
server"

aws ec2 describe-images --image-ids ami-2d574747

aws ec2 deregister-image --image-id ami-2d574747 && aws ec2 delete-snapshot --snapshot-id snap-
4e665454

aws ec2 delete-snapshot --snapshot-id snap-4e665454

aws ec2 modify-instance-attribute --instance-id i-44a44ac3 --disable-api-termination

aws ec2 modify-instance-attribute --instance-id i-44a44ac3 --no-disable-api-termination

aws ec2 get-console-output --instance-id i-44a44ac3

aws ec2 monitor-instances --instance-ids i-44a44ac3

aws ec2 unmonitor-instances --instance-ids i-44a44ac3

aws ec2 describe-key-pairs

aws ec2 create-key-pair --key-name dev-servers

aws ec2 delete-key-pair --key-name dev-servers

1. View Current Status of an Instance

The following “aws ec2 describe-instances” will display detailed information about all instances that are
managed by you. The output will be in JSON format.

aws ec2 describe-instances

If you have way too many instances, you can use the filter option to view a specific instance.

The following will display only the instance which has the “Name” tag set as “dev-server”.

# aws ec2 describe-instances --filter Name=tag:Name,Values=dev-server

..

..

"State": {

"Code": 80,

"Name": "stopped"
 },

..

..

"InstanceId": "i-e5888e46",

..

From the above output, we can see that this instance is currently “stopped” and is not running.

2. Start an Instance

The following “aws ec2 start-instances” command will start the instance that is specified in the –
instance-ids field.

This will also display the current state and the previous state of the instance in the output. As you see
from the following output, previously this instance was “stopped” and now it is in “pending” state and
will be started soon.

# aws ec2 start-instances --instance-ids i-dddddd70

"StartingInstances": [

"InstanceId": "i-dddddd70",

"CurrentState": {

"Code": 0,
 "Name": "pending"

},

"PreviousState": {

"Code": 80,

"Name": "stopped"

If you want to start multiple instances using a single command, provide all the instance ids at the end as
shown below.

aws ec2 start-instances --instance-ids i-5c8282ed i-44a44ac3

3. Stop an Instance

The following “aws ec2 stop-instances” command will stop the instance that is specified in the –
instance-ids field.

As you see from the output, previously this particular instance was in “running” state and currently it is
in “stopping” state and will be stopped very soon.

# aws ec2 stop-instances --instance-ids i-5c8282ed

{
"StoppingInstances": [

"InstanceId": "i-5c8282ed",

"CurrentState": {

"Code": 64,

"Name": "stopping"

},

"PreviousState": {

"Code": 16,

"Name": "running"

The following are the possible state name and state code for an instance:

 0 is for pending
 16 is for running
 32 is for shutting-down
 48 is for terminated
 64 is for stopping
 80 is for stopped
If you execute the above command on an instance that is already stopped, you’ll see both the previous
state and the current state as stopped.

To stop multiple instances together, specify one or more instances ids as shown below.

aws ec2 stop-instances --instance-ids i-5c8282ed i-e5888e46

You can also force an instance to stop. This will not give the system an opportunity to flush the
filesystem level cache. Use this only when you know exactly what you are doing.

aws ec2 stop-instances --force --instance-ids i-dddddd70

4. Terminate an Instance

The following “aws ec2 terminate-instances” command will terminate the instance that is specified in
the –instance-ids field.

As you see from the output, previously this particular instance was in “stopped” state and it is not in
“terminated” state.

Be very careful when you are terminating an instance, as you can’t get your instance back once it is
terminated. Terminate is not same as stop.

# aws ec2 terminate-instances --instance-ids i-44a44ac3

"TerminatingInstances": [

"InstanceId": "i-44a44ac3",
 "CurrentState": {

"Code": 48,

"Name": "terminated"

},

"PreviousState": {

"Code": 80,

"Name": "stopped"

5. Add Name Tag to an Instance

The following “aws ec2 create-tags” command will add a new tag to the specified instance.

In this example, we are adding a tag with Key as “Department”, and it’s Value as “Finance”

aws ec2 create-tags --resources i-dddddd70 --tags Key=Department,Value=Finance

Now you’ll see that the new Tag has been added.

# aws ec2 describe-instances

..

"Tags": [

"Value": "Finance",

"Key": "Department"

},

"Value": "dev-server",

"Key": "Name"

],

..

You can also verify the TAG from the AWS Management Console GUI as shown below.
6. Add Storage (Block Device) to an Instance

First, use the following command to get a list of all block device volumes that are available for you. Look
for those volumes that has the State as “available”

aws ec2 describe-volumes

..

"AvailabilityZone": "us-east-1b",

"Attachments": [],

"Encrypted": false,

"VolumeType": "standard",

"VolumeId": "vol-1d5cc8cc",

"State": "available",

"SnapshotId": "",
 "CreateTime": "2016-04-17T15:08:40.469Z",

"Size": 1

..

From the above, get the VolumeId, and use that in the following “aws ec2 attach-volume” command to
attach that volume to a particular instance.

In the following command, you should also specify the –device option, which will be the the disk name
that will be used at the OS level for this particular volume.

In this example, this volume will be attached as “/dev/sdh” disk.

# aws ec2 attach-volume --volume-id vol-1d5cc8cc --instance-id i-dddddd70 --device /dev/sdh

"AttachTime": "2016-04-17T15:14:10.144Z",

"InstanceId": "i-dddddd70",

"VolumeId": "vol-1d5cc8cc",

"State": "attaching",

"Device": "/dev/sdh"

}
Note: When you attach a volume to an instance from the AWS management console, by default it will
automatically populate the device. But in the AWS EC2 CLI, you have to specify the device name as
shown below.

After attaching the device, you’ll notice that the state changed from “available” to “attached” for this
particular volume.

# aws ec2 describe-volumes

..

"Attachments": [

"AttachTime": "2016-04-17T15:14:10.000Z",

"InstanceId": "i-dddddd70",

"VolumeId": "vol-1d5cc8cc",

"State": "attached",

..

7. Launch a New EC2 Instance

The following command will create a new AWS EC2 instance for you.

This is equivalent to the “Launch Instance” that you’ll perform the AWS management console.

To launch an instance, use “aws ec2 run-instances” command as shown below.

# aws ec2 run-instances --image-id ami-22111148 --count 1 --instance-type t1.micro --key-name stage-
key --security-groups my-aws-security-group
In the above command:

 –image-id Specify the image id for the AMI that you want to launch. You can browse the AWS
marketplace and choose the correct image that is required for your project.
 –count Specify the number of instance that you want to launch from this image. In this case, we
are creating only one new instance.
 –instance-type In this example, I’m launching this instance as a t1.micro type, which doesn’t use
have CPU and RAM.
 –key-name Specify the name of the key pair that you want to use this with system. You should
create your own key pair before launching your instance.
 –security-groups Specify the name of the security groups. You should create a security group
with appropriate firewall rules that are required for your project.
The following is a sample full output of the above command, which display all the information about the
newly launched instance.

"OwnerId": "353535354545",

"ReservationId": "r-d6668103",

"Groups": [

"GroupName": "my-aws-security-group",

"GroupId": "sg-6cbebe01"

],

"Instances": [
{

"Monitoring": {

"State": "disabled"

},

"PublicDnsName": "",

"KernelId": "aki-91afcaf8",

"State": {

"Code": 0,

"Name": "pending"

},

"EbsOptimized": false,

"LaunchTime": "2016-04-17T19:13:56.000Z",

"ProductCodes": [],

"StateTransitionReason": "",

"InstanceId": "i-44a44ac3",

"ImageId": "ami-22111148",

"PrivateDnsName": "",

"KeyName": "stage-key",
"SecurityGroups": [

"GroupName": "my-aws-security-group",

"GroupId": "sg-6cbebe01"

],

"ClientToken": "",

"InstanceType": "t1.micro",

"NetworkInterfaces": [],

"Placement": {

"Tenancy": "default",

"GroupName": "",

"AvailabilityZone": "us-east-1c"

},

"Hypervisor": "xen",

"BlockDeviceMappings": [],

"Architecture": "x86_64",

"StateReason": {
 "Message": "pending",

"Code": "pending"

},

"RootDeviceName": "/dev/sda1",

"VirtualizationType": "paravirtual",

"RootDeviceType": "ebs",

"AmiLaunchIndex": 0

If you get the following error message, then the instance type you’ve selected is not supported for this
AMI. Change the instance type and try again.

# aws ec2 run-instances --dry-run --image-id ami-08111162 --count 1 --instance-type t1.micro --key-
name MyKeyPair

A client error (InvalidParameterCombination) occurred when calling the RunInstances operation: Non-
Windows instances with a virtualization type of 'hvm' are currently not supported for this instance type.

The following are additional parameters that you can pass with the “aws ec2run-instances” command

 –subnet-id Use the appropriate subnet id to launch a EC2 VPC instance

 –block-device-mappings file://mymap.json In this JSON file you can specify the volumes that you
want to attach to the instance that you want to launch
 –user-data file://myuserdata.txt In this text file you can specify the userdata that need to be
executed when the EC2 instance is launched
 –iam-instance-profile Name=myprofile You can also specify your IAM profile that you want to use
while launching the instance

8. Reboot an Instance (and General Options)

To reboot an instance, use “aws ec2 reboot-instances” command as shown below.

aws ec2 reboot-instances --instance-ids i-dddddd70

The are few options that you can use pretty much with most of the AWS EC2 cli commands.

For example, you can use “–dry-run” option pretty much with all the AWS EC2 cli command. As the
name suggests, it will not really execute the command. This will only perform a dry-run and display all
possible error messages without really doing anything.

For example, the following is a dry-run operation when you want to stop an instance.

# aws ec2 stop-instances --dry-run --instance-ids i-dddddd70

A client error (DryRunOperation) occurred when calling the StopInstances operation: Request would
have succeeded, but DryRun flag is set.

When you are performing a dry-run the following are the two possible errors:

 If you have appropriate permission, it will display “DryRunOperation” error, and any other real
error message that are related to that specific command that you are executing.
 If you don’t have permission to execute that particular command, it will display
“UnauthorizedOperation” error
You can also specify the input to the AWS EC2 cli in JSON format using the –cli-input-json option as
shown below.
If you don’t know exactly what kind of information needs to passed for a particular EC2 command in
JSON format, you can use –generate-cli-skeleton as shown below. Once you have the JSON output,
modify the appropriate values, and use it as an input to –cli-input-json option.

# aws ec2 stop-instances --dry-run --force --generate-cli-skeleton --instance-ids i-dddddd70

"DryRun": true,

"InstanceIds": [

"i-dddddd70"

],

"Force": true

The following is an example JSON file that can be used as an input to AWS EC2 CLI command.

# cat stop.json

"DryRun": true,

"InstanceIds": [

"i-dddddd70"

],
 "Force": true

In the following example, we are using the above stop.json file as an value for the –client-input-json
option as shown below. Don’t forget to give “file://”

aws ec2 stop-instances --cli-input-json file://stop.json

9. Change Instance Type

Before changing: In this example, the following instance is of type t1.micro

# aws ec2 describe-instances

..

"InstanceId": "i-44a44ac3",

..

"InstanceType": "t1.micro",

You can change the above instance to a different instance type.

For that, first stop the instance. Without stopping you cannot change the instance type.

aws ec2 stop-instances --instance-ids i-44a44ac3

The following “aws ec2 modify-instance-attribute” is used to change the instance type. In this example,
we are changing the instance type to “m1.small”
aws ec2 modify-instance-attribute --instance-id i-44a44ac3 --instance-type "{\"Value\": \"m1.small\"}"

After changing, the following is the instance type.

# aws ec2 describe-instances

..

"InstanceId": "i-44a44ac3",

..

"InstanceType": "m1.small",

If an instance type is not supported for your particular image, you’ll get the following error message. In
this example, t2.nano is not supported for this particular image.

# aws ec2 modify-instance-attribute --instance-id i-44a44ac3 --instance-type "{\"Value\": \"t2.nano\"}"

A client error (InvalidParameterCombination) occurred when calling the ModifyInstanceAttribute

operation: Virtualization type 'hvm' is required for instances of type 't2.nano'. Ensure that you are using
an AMI with virtualization type 'hvm'.

10. Create a New Image

From your particular instance that is running with all the configuration changes that you’ve done so far,
you can create a new image using the following “aws ec2 create-image” command.

# aws ec2 create-image --instance-id i-44a44ac3 --name "Dev AMI" --description "AMI for development
server"
{

"ImageId": "ami-2d574747"

This is helpful when you want to launch new instance based on this new image that you created which
has your changes in it.

Use the following “aws ec2 describe-images” command to view the details of the new image that you’ve
just created.

# aws ec2 describe-images --image-ids ami-2d574747

"Images": [

"VirtualizationType": "paravirtual",

"Name": "Dev AMI",

"Hypervisor": "xen",

"ImageId": "ami-2d574747",

"RootDeviceType": "ebs",

"State": "available",

"BlockDeviceMappings": [
{

"DeviceName": "/dev/sda1",

"Ebs": {

"DeleteOnTermination": true,

"SnapshotId": "snap-4e665454",

"VolumeSize": 8,

"VolumeType": "standard",

"Encrypted": false

],

"Architecture": "x86_64",

"ImageLocation": "353535354545/Dev AMI",

"KernelId": "aki-91afcaf8",

"OwnerId": "353535354545",

"RootDeviceName": "/dev/sda1",

"CreationDate": "2016-04-17T19:57:57.000Z",

"Public": false,
 "ImageType": "machine",

"Description": "AMI for development server"

11. Delete an Image

When you create an image, it also creates a snapshot.

So, when you are deleting your image you have to do two things.

First, use the “aws ec2 deregister-image” command to dereigser the Image.

aws ec2 deregister-image --image-id ami-2d574747

Next, use the “aws ec2 delete-snapshot” command to delete the snapshot that is associated with your
image.

aws ec2 delete-snapshot --snapshot-id snap-4e665454

12. Enable Instance Termination Protection

It is very easy to delete an running instance by mistake when you execute the terminate command by
mistake (Either from UI or from command line).

By default termination protection is turned off. This means that you can delete your instance by mistake.

To enable termination protection for your instance, use the “aws ec2 modify-instance-attribute”
command, and pass the “–disable-api-termination” option as shown below.
aws ec2 modify-instance-attribute --instance-id i-44a44ac3 --disable-api-termination

Later if you want to disable the termination protection, execute the following command.

aws ec2 modify-instance-attribute --instance-id i-44a44ac3 --no-disable-api-termination

13. Get System Log (View Console Output)

Since you don’t have a physical access to the console for the instances that are running on AWS EC2, use
the following command.

This “aws ec2 get-console-output” command will display whatever was sent to the system console for
your particular instance.

aws ec2 get-console-output --instance-id i-44a44ac3

This is very helpful when you are debugging some issues on your system.

14. Enable Cloudwatch Monitoring for an Instance

The following “aws ec2 monitor-instances” command will enable advanced cloudwatch monitoring
provided by AWS to your specified instance.

# aws ec2 monitor-instances --instance-ids i-44a44ac3

"InstanceMonitorings": [

"InstanceId": "i-44a44ac3",

"Monitoring": {
 "State": "enabled"

Since there are some cost associated with the monitoring of instance, you may want to enable
monitoring temporarily when you are debugging some issue, and later you can disable the montiroing
using the following command.

# aws ec2 unmonitor-instances --instance-ids i-44a44ac3

"InstanceMonitorings": [

"InstanceId": "i-44a44ac3",

"Monitoring": {

"State": "disabled"

]
}

15. AWS EC2 Key Pairs

The following “aws ec2 describe-key-pairs” command will display all keypairs that you’ve created so far
in AWS.

# aws ec2 describe-key-pairs

"KeyPairs": [

"KeyName": "prod-key",

"KeyFingerprint": "61:7c:f1:13:53:b0:3a:01:dd:dd:6c:90"

},

"KeyName": "stage-key",

"KeyFingerprint": "41:6c:d1:23:a3:c0:2a:0a:dc:db:60:4c"

To create a new Keypair use the following “aws ec2 create-key-pair” command. In this example, I’m
creating a key pair with name “dev-servers”. I’ll be using this key-pair for all my dev instances.
# aws ec2 create-key-pair --key-name dev-servers

"KeyName": "dev-servers",

"KeyMaterial": "-----BEGIN RSA PRIVATE KEY-----\n

dYXbKYMRlI59J5XKyPgC/67GL8\nXg

....

n-----END RSA PRIVATE KEY-----",

"KeyFingerprint": "3d:c2:c8:7f:d2:ee:1d:66"

If you have created a keypair by mistake, use the following command to delete it.

# aws ec2 delete-key-pair --key-name dev-servers