Penetration Testing Policy for Amazon EC2

http://aws.amazon.com/security/penetration-testing/ Read this if you need to conduct pen and security testing on or from EC2 instances.

EC2 Site Architecture Diagrams - RightScale Cloud Management Support Portal

http://support.rightscale.com/12-Guides/EC2_Best_Practices/EC2_Site_Architecture_Diagrams#Multiple_Availability_Zone_Setup Web site architecture design diagrams from RightScale. They give basic ideas on how to design redundant web application infrastructure in the Amazon cloud.

Sören Bleikertz - On Amazon EC2's Underlying Architecture

http://openfoo.org/blog/amazon_ec2_underlying_architecture.html Some description of EC2 internals. EC2s are Xen VMs; mine is currently using Xen 3.0.3-rc5-8.1.14.f, which appears to be an F14 Xen package rebuilt on RHEL5.x (this is by looking at the compiler version). Some info in the article appears to be a bit outdated.

Summary of the Amazon EC2 and Amazon RDS Service Disruption

http://aws.amazon.com/message/65648/ Postmortem for the April 2011 EC2/EBS outage. It looks like human error plus an unfortunate cascade of events led to a request storm that brought down EBS storage. Also, it appears that Amazon misestimated the spare storage capacity needed for recovery from such events.

[slideshare] Netflix in the cloud 2011 - Adrian Cockcroft

http://www.slideshare.net/adrianco/netflix-in-the-cloud-2011 Slides from Adrian Cockcroft, Netflix director of cloud systems, about the current state [for 2011] of Netflix’s AWS-based architecture.

http://techblog.netflix.com/2010/12/5-lessons-weve-learned-using-aws.html

http://techblog.netflix.com/2010/12/5-lessons-weve-learned-using-aws.html Notes from the Netflix tech blog about some key points of their EC2-based infrastructure design. Note that Netflix is not affected by the current EBS problems in the AWS US-EAST region. Their key point seems to be to split your infrastructure equally between 3 AZs (availability zones) and run at ~30% capacity, so if 2 AZs fail (as we have now) you would still be running in one AZ @ 90%.

Who is affected by EC2? - EC2Disabled.com [by Amazon AWS outage of 21 April 2011]

http://ec2disabled.com/ The subj. looks really bad!

AWS is down: Why the sky is falling - justinsb's posterous

http://justinsb.posterous.com/aws-down-why-the-sky-is-falling A blog post explaining the nature of the current Amazon AWS outage. The deal is that several so-called availability zones (AZs) failed simultaneously in the Amazon US-EAST region, even though Amazon’s FAQ describes such an event as unlikely. Many interesting comments – read them!

[Amazon AWS] PCI DSS Level 1 Compliance FAQs

http://aws.amazon.com/security/pci-dss-level-1-compliance-faqs/ Amazon AWS is a “PCI DSS 2.0 Level 1-compliant Shared Hosting Provider”, i.e. you can build your PCI DSS-compliant infrastructure using EC2, S3, EBS and VPC to store and process payment card data.