- Every EC2 instance must have a root volume, which may or may not be EBS (Elastic Block Store).
- By default, an EBS root volume will be deleted when the instance is terminated. You can change the setting to make EBS volumes persistent.
- You can attach additional EBS volumes to instances, and they are not deleted when the instance is terminated.
Author Archives: Pyongwon Lee
IT (Cloud, Web) Development, Philosophy, Economics.
[AWS] EC2 – Instance Types
An Instance Type determines a particular set of features and sizes (hardware components) that decide the level of workload – Compute Power (vCPU), Memory, Storage Options, Network Performance.
Continue reading “[AWS] EC2 – Instance Types”[AWS] EC2 Purchasing Options
AWS provides various purchasing options for users to optimize their costs based on their needs. On-demand is the base option. You can pay just for what you use. But you can get a discount by reserving instances for a set of periods.
Continue reading “[AWS] EC2 Purchasing Options”[AWS] EC2 Basics
Elastic Compute Cloud (EC2) provides scalable virtual servers (known as instances) in the cloud on-demand.
Continue reading “[AWS] EC2 Basics”[AWS] High Performance Computing (HPC)
High Performance Computing (HPC) is used for the areas that require high computing powers such as financial analysis, machine learning, and weather prediction.
Continue reading “[AWS] High Performance Computing (HPC)”[AWS] AWS Shield
AWS Shield is a managed service to protect DDoS (Distributed Denial of Service) attacks.
- AWS Shield provides always-on detection and mitigation service to minimize application downtime and latency.
[AWS] AWS WAF (Web Application Firewall)
WAF (Web Application Firewall) is a firewall service to protect web applications from common web exploit attacks.
- It is an OSI Layer 7 firewall.
- It monitors HTTP or HTTPS requests to ELB, CloudFront, or API Gateway.
- Blocked traffic returns HTTP 403 (Forbidden) error status.
[AWS] Key Management Service (KMS)
Key Management Service (KMS) is a regional secure key management service (FIPS 140-2 level 2 validated) that provides encryption and decryption. KMS is integrated with most of other AWS services.
- KMS is a regional service, not a global one.
- KMS is NOT an ideal place to save database passwords and API keys. They are stored in Systems Manager Parameter Store.
- You are charged per API call.
- KMS has the audit capability using CloudTrail to provide encryption key usage logs, which are saved in S3.
Scriptorium 