1. An AMI includes the following:

-       A template for the root volume for the instance (for example, an operating system, an application server, and applications)

-       Launch permissions that control which AWS accounts can use the AMI to launch instances. Only accounts that have permission can use your AMI; an AMI can also be public (usable by anybody).

-       A block device mapping that specifies the volumes to attach to the instance when it's launched.

2. AMI Across regions: You can copy an AMI to the same region or to different regions. 

3. When you are finished launching an instance from an AMI, you can deregister the AMI.

4. Custom AMI: You can customize the instance that you launch from a public AMI and then save that configuration as a custom AMI for your own use. 

5. Instance Type and AMI: You can launch different types of instances from a single AMI.

6. You can use sudo to run commands that require root privileges.

7. The root device for your instance contains the image used to boot the instance. 

7A. EC2 instances support two types of block-level storage:

-       Elastic Block Store (EBS): somewhat like network-attached storage.

-       Instance Store: physically attached to the host of the EC2 instance.

7B. EC2 Instances can be launched using either Elastic Block Store (EBS) or Instance Store volume as root volumes and additional volumes.

7C. EC2 instances can be launched by choosing between AMIs backed by Amazon EC2 instance store and AMIs backed by Amazon EBS. However, AWS recommends use of AMIs backed by Amazon EBS, because they launch faster and use persistent storage.

7D. Instance Store: Also known as Ephemeral storage. 

7E. Instance store volumes access storage from disks that are physically attached to the host computer.

7F. When an instance store-backed instance is launched, the image that is used to boot the instance is copied to the root volume (typically sda1).

7G. Instance store provides temporary block-level storage for instances.

8. Your instance may include local storage volumes, known as instance store volumes, which you can configure at launch time with block device mapping.

8A. Key points for Instance store backed Instance

-       Boot time is slower than for EBS-backed volumes, usually less than 5 min

-       Can be selected as Root Volume and attached as additional volumes

-       Instance store backed Instances can be of maximum 10GiB volume size

-       Instance store volumes can be attached as additional volumes only while the Instance is being launched; they cannot be attached once the Instance is up and running

-       Instance store backed Instances cannot be stopped; one of the main reasons is that when an Instance is stopped and started, AWS does not guarantee that it will be launched on the same host.

-       Data on Instance store volume is LOST in the following scenarios:

        -       Failure of an underlying drive

        -       Stopping an EBS-backed instance where instance store volumes are attached as additional volumes

        -       Termination of the Instance

-       Data on Instance store volume is NOT LOST when the instance is rebooted

-       Instance store backed Instances cannot be upgraded

-       When you launch an Amazon EC2 instance store-backed AMI, all the parts have to be retrieved from Amazon S3 before the instance is available.

9. An EBS volume behaves like a raw, unformatted, external block device that you can attach to a single instance. EBS volumes are not physically attached to the Instance host computer (more like network-attached storage).

9A. Key points for EBS backed Instance

-       Boot time is very fast, usually less than a minute

-       Can be selected as Root Volume and attached as additional volumes

-       EBS backed Instances can be of maximum 16TiB volume size depending upon the OS

-       EBS volume can be attached as additional volumes when the Instance is launched and even when the Instance is up and running

-       Data on the EBS volume is LOST only if the Root Volume is EBS backed and the Delete On Termination flag is enabled (This is default behavior)

-       Data on EBS volume is NOT LOST in the following scenarios:

        -       Reboot of the Instance

        -       Stopping an EBS-backed instance

        -       Termination of the Instance, for the additional EBS volumes. Additional EBS volumes are detached with their data intact

-       When an EBS-backed instance is in a stopped state, various instance and volume-related tasks can be done. For example, you can modify the properties of the instance, change the size of your instance, update the kernel it is using, or attach your root volume to a different running instance for debugging or any other purpose

-       EBS volumes are tied to a single AZ in which they are created.

-       EBS volumes are automatically replicated within that zone to prevent data loss due to failure of any single hardware component

-       EBS backed Instances can be upgraded for instance type, Kernel, RAM disk and user data

-       With an Amazon EBS-backed AMI, parts are lazily loaded and only the parts required to boot the instance need to be retrieved from the snapshot before the instance is available.

-       However, the performance of an instance that uses an Amazon EBS volume for its root device is slower for a short time while the remaining parts are retrieved from the snapshot and loaded into the volume.

-       Review the rules in your security groups regularly, and ensure that you apply the principle of least privilege—only open up permissions that you require

10. Consider creating a bastion security group that allows external logins, and keep the remainder of your instances in a group that does not allow external logins.
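One way to carry out the regular security group review and the bastion split described above, as an added example that is not part of the original notes. It assumes the rule layout returned by `aws ec2 describe-security-groups`; the group IDs, the `LOGIN_PORTS` choice and the `bastion_ids` parameter are constructed for illustration.

```python
import ipaddress

LOGIN_PORTS = {22: "SSH", 3389: "RDP"}  # ports treated as "external login" (assumption)

def open_to_world(perm):
    """Return the CIDRs in this rule that match every address (prefix length 0)."""
    cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
    cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
    return [c for c in cidrs if ipaddress.ip_network(c, strict=False).prefixlen == 0]

def login_ports_covered(perm):
    """Names of login ports this rule admits; protocol "-1" means all traffic."""
    proto = perm.get("IpProtocol")
    if proto == "-1":
        return list(LOGIN_PORTS.values())
    if proto != "tcp":
        return []
    lo, hi = perm.get("FromPort", 0), perm.get("ToPort", 65535)
    return [name for port, name in LOGIN_PORTS.items() if lo <= port <= hi]

def audit(groups, bastion_ids):
    """Flag non-bastion groups that accept logins from anywhere, and bastion
    rules that open more than a single port to the world."""
    findings = []
    for g in groups:
        for perm in g.get("IpPermissions", []):
            world = open_to_world(perm)
            if not world:
                continue
            exposed = login_ports_covered(perm)
            if g["GroupId"] in bastion_ids:
                if perm.get("IpProtocol") == "-1" or perm.get("FromPort") != perm.get("ToPort"):
                    findings.append((g["GroupId"], "over-broad", world[0]))
            elif exposed:
                findings.append((g["GroupId"], "external-login:" + ",".join(exposed), world[0]))
    return findings

# Constructed sample in the shape of `aws ec2 describe-security-groups` output.
SAMPLE = [
    {"GroupId": "sg-0bastion", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22, "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
    {"GroupId": "sg-0app", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443, "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22, "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
    {"GroupId": "sg-0db", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 0, "ToPort": 65535, "Ipv6Ranges": [{"CidrIpv6": "::/0"}]},
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22, "IpRanges": [{"CidrIp": "10.0.0.0/16"}]}]},
]

if __name__ == "__main__":
    for finding in audit(SAMPLE, bastion_ids={"sg-0bastion"}):
        print(finding)
```

The wide IPv6 range on `sg-0db` is reported even though its IPv4 SSH rule is restricted to an internal CIDR, which is the kind of leftover rule a periodic review is meant to catch.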

11. Disable password-based logins for instances launched from your AMI. Passwords can be found or cracked, and are a security risk. 

12. When an instance is in a stopped state, you can attach or detach Amazon EBS volumes. You can also create an AMI from the instance, and you can change the kernel, RAM disk, and instance type.

13. Instances with Amazon EBS volumes for the root device default to stop, and instances with instance-store root devices are always terminated as the result of an instance shutdown.

14. All AMIs are categorized as either backed by Amazon EBS, which means that the root device for an instance launched from the AMI is an Amazon EBS volume, or backed by instance store, which means that the root device for an instance launched from the AMI is an instance store volume created from a template stored in Amazon S3.