1. Answers
  2. Protecting EC2 Instances from DDoS Attacks with AWS Shield

How do I protect EC2 instances from DDoS attacks with AWS Shield?

In this guide, we will demonstrate how to protect your EC2 instances from DDoS attacks using AWS Shield. AWS Shield provides protection against DDoS attacks, which can help ensure your applications remain available and performant. We will create an EC2 instance and apply AWS Shield protection to it.

Here is the complete Pulumi program to achieve this:

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

// Create a new EC2 instance
const ec2Instance = new aws.ec2.Instance("webServer", {
    instanceType: "t2.micro",
    ami: "ami-0c55b159cbfafe1f0",  // Amazon Linux 2 AMI
    tags: {
        Name: "WebServer",
    },
});

// Enable AWS Shield protection for the EC2 instance
const shieldProtection = new aws.shield.Protection("webServerProtection", {
    resourceArn: ec2Instance.arn,
    name: "WebServerProtection",
    tags: {
        Environment: "Production",
    },
});

// Export the EC2 instance's public IP
export const publicIp = ec2Instance.publicIp;

Key Points

  • EC2 Instance: We create an EC2 instance with a specified instance type and AMI.
  • AWS Shield Protection: AWS Shield protection is applied to the EC2 instance using its ARN.
  • Tags: Tags are added to both the EC2 instance and the Shield protection for better resource management.

Summary

In this guide, we created an EC2 instance and protected it from DDoS attacks using AWS Shield. We used Pulumi to define and deploy the infrastructure. AWS Shield helps safeguard your applications against DDoS attacks, ensuring high availability and performance.

Deploy this code

Want to deploy this code? Sign up for a free Pulumi account to deploy in a few clicks.

Sign up

New to Pulumi?

Want to deploy this code? Sign up with Pulumi to deploy in a few clicks.

Sign up