• Migrating EC2 Resources to Another Region

  • EC2 is a web service
  • EC2 provides resizable compute capacity
  • Migrating an instance involves
    • copying the data and images
    • ensuring that the security groups and SSH keys are present
    • then restarting fresh instances.

SSH Keys

  • AWS does not keep any SSH private keys after they are generated
  • Public keys are made available to EC2 instances when they are running.
  • A fingerprint of each key can be retrieved from the API, SDK, CLI or the AWS Management Console.
  • SSH public keys are only stored per region.
  • AWS does not copy or synchronize configured SSH keys between regions.
  • You can log in to an existing Linux instance in the source region, obtain a copy of the public key (from ~/.ssh/authorized_keys), and import this public key into the target region.
  • Auto Scaling launch configurations and CloudFormation templates might refer to SSH keys using the key pair name.

Figure: Key pairs in the AWS Management Console

Security Groups

  • Security groups restrict ingress traffic (or in VPC, ingress and egress traffic) to a group of EC2 instances.
  • Each rule in a security group can refer to the source (or in VPC, the destination) by
    • a CIDR notation IPv4 address range (a.b.c.d/x), or
    • by using the security group identifier (sg-XXXXXXXX).
  • Each security group can exist within the scope of only one region.
  • The same name can exist in multiple regions but have different definitions of what traffic is permitted to pass.
  • Every instance being launched must be a member of a security group.
  • Review configured security groups to ensure that the required level of network access restrictions is in place.
  • To export a copy of the definitions of existing security groups (using the command line tools), run the following command: ec2-describe-group -H --region <sourceregionname> > security_groups.txt
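
Added example (not from the original page): since security groups are region-scoped and the same name can carry different rules in each region, this Python check compares ingress rules by group name across two exports and resolves sg- references to group names, because the IDs differ per region. It assumes JSON in the shape returned by `aws ec2 describe-security-groups` rather than the legacy tool output above; the sample groups, IDs and the helper names `perm`, `ingress_rules` and `drift` are constructed for illustration.

```python
# Constructed sample data shaped like `aws ec2 describe-security-groups` JSON
# output for two regions (not real groups). Only ingress is compared here.
def perm(port, cidrs=(), groups=()):
    return {"IpProtocol": "tcp", "FromPort": port, "ToPort": port,
            "IpRanges": [{"CidrIp": c} for c in cidrs],
            "UserIdGroupPairs": [{"GroupId": g} for g in groups]}

SOURCE = {"SecurityGroups": [
    {"GroupName": "web", "GroupId": "sg-11111111",
     "IpPermissions": [perm(443, ["0.0.0.0/0"])]},
    {"GroupName": "db", "GroupId": "sg-22222222",
     "IpPermissions": [perm(5432, groups=["sg-11111111"])]}]}
TARGET = {"SecurityGroups": [
    {"GroupName": "web", "GroupId": "sg-aaaaaaaa",
     "IpPermissions": [perm(443, ["0.0.0.0/0"]), perm(22, ["0.0.0.0/0"])]},
    {"GroupName": "db", "GroupId": "sg-bbbbbbbb",
     "IpPermissions": [perm(5432, groups=["sg-aaaaaaaa"])]}]}


def ingress_rules(doc):
    """Map group name -> set of (protocol, from_port, to_port, source).
    Group-ID sources become 'group:<name>' because sg- IDs differ per region."""
    names = {g["GroupId"]: g["GroupName"] for g in doc["SecurityGroups"]}
    out = {}
    for g in doc["SecurityGroups"]:
        rules = set()
        for p in g.get("IpPermissions", []):
            ports = (p["IpProtocol"], p.get("FromPort"), p.get("ToPort"))
            for r in p.get("IpRanges", []):
                rules.add(ports + (r["CidrIp"],))
            for pair in p.get("UserIdGroupPairs", []):
                gid = pair["GroupId"]
                rules.add(ports + ("group:" + names.get(gid, gid),))
        out[g["GroupName"]] = rules
    return out


def drift(source, target):
    """Return {name: (missing_in_target, extra_in_target)} for differing groups."""
    src, dst = ingress_rules(source), ingress_rules(target)
    report = {}
    for name in sorted(src.keys() | dst.keys()):
        missing = src.get(name, set()) - dst.get(name, set())
        extra = dst.get(name, set()) - src.get(name, set())
        if missing or extra:
            report[name] = (sorted(missing, key=str), sorted(extra, key=str))
    return report


print(drift(SOURCE, TARGET))
```

In the constructed data the "db" groups match once sg- IDs are resolved to names, while "web" in the target region carries an extra SSH rule open to 0.0.0.0/0 that the source does not have.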

Amazon Machine Images

  • An AMI is a special type of preconfigured operating system image
  • used to create a virtual machine (an EC2 instance) within the EC2 environment.
  • Each AMI is assigned an identifier of the form “ami-XXXXXXXX”, where “X” is a hexadecimal value (0-9, A-F).
  • Each AMI is unique per region.
  • AMIs do not span multiple regions.
  • The same content of an AMI can be available in other regions.
  • Each region has its own unique AMI ID for its copy of this data.
  • You can create your own AMIs from running instances.
  • Migration of AMIs across regions is supported using the EC2 AMI Copy function
  • AMI Copy enables you to copy an AMI to as many regions as you want from the AWS Management Console, the Amazon EC2 CLI, or the Amazon EC2 API.
  • AMI Copy is available for AMIs backed by EBS and instance store-backed AMIs, and is operating system agnostic.
  • Each copy of an AMI results in a new AMI with its own unique AMI ID.
  • Any changes made to the source AMI during or after a copy are not propagated to the new AMI as part of the AMI copy process.
  • You must recopy the AMI to the target regions to copy the changes made to the source AMI.
