Security Groups

• Region specific
• Default: inbound blocked, outbound allowed
• If you allow inbound → that outbound is automatically allowed too

EC2 Purchasing Options

On Demand — pay as you go, highest cost

Reserved — 30-70% cheaper, commit for 1yr or 3yr

• Standard — no changes allowed
• Convertible — can change instance type, OS etc.

Savings Plan — like reserved but more flexible (commit to spend, not instance type)

Spot Instances — up to 90% discount

• You set a max price — if spot price goes above it, instance gets terminated
• One-time request → terminates and stays gone
• Persistent request → tries to recreate after termination
• Not suitable for production/critical apps
• Spot Fleet — manage multiple spot instances automatically with launch pools, budget, and allocation strategy (lowest price / diversified / capacity optimized)

Allocation Strategies:

• Lowest Price — cheapest pool always
• Diversified — spread across all pools (safer)