EC2 instances best practices: - Implement least permissive rules possible in your security groups. - Use Systems Manager Session Manager to access your instances without opening up port 22. - Manage the software on your instances. - Use separate EBS volumes for the operating system versus your data. - Ensure that the volume with your data persists after instance termination. - Use the instance store available for your instance to store temporary data only. - Regularly backup your EBS volumes using EBS snapshots. - Create an AMI from your instance to save its configuration as a template.
What is the least privilege you can give to a security group?
What is the purpose of SSM?
What is the default monitoring statistic for EC2?