Mount as EBS volume inside a EC2 instance

By default, if you provision and attach additional EBS volumes for an EC2 instance, they don’t get mounted by default.

The boot EBS is usually /dev/xvda1. Each additional EBS volume should be /dev/xvdb and so on.

First format the new volume:

sudo mkfs -t ext4 /dev/xvdb

Make a mount mount directory like /data, then mount it with:

sudo mount /dev/xvdb /data

Now you should see the new volume available:

$ df -h
Filesystem      Size  Used Avail Use% Mounted on
devtmpfs        3.9G     0  3.9G   0% /dev
tmpfs           3.9G     0  3.9G   0% /dev/shm
tmpfs           3.9G  432K  3.9G   1% /run
tmpfs           3.9G     0  3.9G   0% /sys/fs/cgroup
/dev/xvda1       20G  8.8G   12G  44% /
tmpfs           798M     0  798M   0% /run/user/1000
/dev/xvdb       7.8G   36M  7.3G   1% /data

Add a line to /etc/fstab to mount on startup:

/dev/xvdb /data ext4 defaults,nofail 0 2

These steps are from multiple places, mainly answers to this question.

Installing Oracle Instant Client and Tools in an AWS EC2

I’m using the AWS Amazon Linux 2 AMI on my EC2. To download the Oracle Instant Client get the download urls for the instant client and instant client tools from:

Download using curl and install with rpm:

curl instant-client-url-from-page-above --output instant-client.rpm
rpm -i instant-client.rpm
curl instant-client-tools-from-page-above --output instant-client-tools.rpm
rpm -i instant-client-tools.rpm

To connect using sql-plus:


Enter password when prompted.

Connecting to an AWS RDS Oracle instance from an EC2 in same VPC

I’ve created an RDS Oracle instance and I want to connect to it from an EC2 instance. I created both in the same VPC.

By default, even though they’re in the same VPC, the EC2 will not be able to connect to the Oracle instance because you still need to configure the Security Group to allow inbound traffic.

Let’s summarize the setup like this – both are in VPC1:

EC2 : Security Group SG-111

RDS Oracle instance: Security Group SG-222

Edit SG-222 for the Oracle instance, and add an inbound rule. Instead of adding a CIDR block range, start typing SG-111… and it will list matching SGs with that id – click to select the id for Security Group associated to the EC2. You’ve now allowed inbound traffic to your RDS Oracle instance from the EC2.