Don't forget to create account on our site to get access to more material made only for free registered user.  

AWS Developer Certification : Associate Level AWS Sysops Administrator Certification : Assciate Level   AWS Solution Architect Certification : Associate Level  AWS Solution Architect Certification : Associate Level

1.    Regularly patch, update, and secure the operating system and applications on your instance. 

2.    Implement the least permissive rules for your security group.

3.    Use separate Amazon EBS volumes for the operating system versus your data. Ensure that the volume with your data persists after instance termination. 

4.    If you use instance store for database storage, ensure that you have a cluster with a replication factor that ensures fault tolerance.

5.    Design your applications to handle dynamic IP addressing when your instance restarts. 

6.    The best practice for securing your web server is to install support for HTTPS (HTTP Secure), which protects your data with SSL/TLS encryption.

Important Notes

1.    It is strongly recommended that you associate an Elastic IP address (EIP) to the instance you are using to host a WordPress blog. This prevents the public DNS address for your instance from changing and breaking your installation. If you own a domain name and you want to use it for your blog, you can update the DNS record for the domain name to point to your EIP address. You can have one EIP address associated with a running instance at no charge

2.    You can register a domain name with Amazon Route 53 and associate your instance's EIP address with your domain name.

3.    Move your MySQL database to Amazon RDS to take advantage of the service's ability to scale automatically.

4.    If you have Joomla CMS installation, which is automatically configured using the public DNS address for your EC2 instance. Once you stop and restart the instance, the public DNS address changes (unless it is associated with an Elastic IP address) and your website will not work anymore because it references resources at an address that no longer exists (or is assigned to another EC2 instance). 

5.    You can launch multiple EC2 instances from your AMI and then use Elastic Load Balancing to distribute incoming traffic for your application across these EC2 instances. 

6.    You can use Auto Scaling to maintain a minimum number of running instances for your application at all times. Auto Scaling can detect when your instance or application is unhealthy and replace it automatically to maintain the availability of your application. You can also use Auto Scaling to scale your Amazon EC2 capacity up or down automatically based on demand, using criteria that you specify.

7.    Auto Scaling with Elastic Load Balancing to ensure that you maintain a specified number of healthy EC2 instances behind your load balancer. Note that these instances do not need public IP addresses, because traffic goes to the load balancer and is then routed to the instances.

8.    subnet can be across Az

9.    Increase the Availability of Your Application on Amazon EC2 , create a VPC with one public subnet in two or more Availability Zones. 

10. When you use ELB and Auto scaling, pre-requisite is an AMI which will be used by Auto-scaling to launch new instance based on AMI.

11. If you have some scripts, which needs to be executed as soon as your instance started. Please add this script in User data, while configuring Auto-scaling.

12. When you are using load balancer in front of your instances, then it is needed that in your security group, you must allow HTTP traffic and health checks from the load balancer.

13. You must assign the IAM role when you create the new instance. You can't assign a role to an instance that is already running. For existing instances, you must create an image of the instance, launch an instance from that image, and assign the IAM role as you launch the instance. 

14. Instances require an AWS Identity and Access Management (IAM) role that enables the instance to communicate with Amazon EC2 Simple Systems Manager (SSM).