Host and Instance Features
AWS is constantly evolving its security capabilities at both the
host and instance level of operations. These features provide
isolation and separation of operations for host hardware and the
instances running on those hosts. With the introduction of
AWS Nitro
System
In addition to providing highly secure, logically isolated,
multi-tenant compute services, AWS also provides means of
deploying compute to dedicated hardware using
Dedicated
Instances,
Dedicated
Hosts, and
Bare
Metal
There are little to no performance, security, or physical differences between Dedicated Instances and instances deployed on Dedicated Hosts. However, Dedicated Hosts give customers additional control over how instances are placed on a physical server and how that server is utilized. When customers use Dedicated Hosts, they have control over instance placement on the host using the Host Affinity and Instance Auto-placement settings. If customers want to use AWS, and have an existing software license that requires that the software be run on a particular piece of hardware for some minimum amount of time, Dedicated Hosts allow visibility into the host’s hardware, enabling customers to meet licensing requirements.