Skip to main content

Introduction to EC2

Hands-On Lab


Photo of Christophe Limpalair

Christophe Limpalair

VP of Growth in Marketing





AWS EC2 is one of the core services of the AWS ecosystem that you absolutely must know to be successful in a cloud-related career. Even if your app doesn't run on EC2, utilizing EC2 instances for development and to perform other tasks is critical to a well-architected AWS solution. In this learning activity, we are going to create an EC2 instance, create and customize a security group to allow access, and createa key pair in order to ensure our access is secure.

What are Hands-On Labs?

Hands-On Labs are scenario-based learning environments where learners can practice without consequences. Don't compromise a system or waste money on expensive downloads. Practice real-world skills without the real-world risk, no assembly required.


In this lab, we will cover the following objectives:

  • Create an EC2 instance
  • Understand instance types and select a t2.micro instance
  • Create and customize a security group
  • Create a key pair to SSH into the instance

Before we begin, make sure you are in the N. Virginia region. You can find your current region in the top right of the page (beside the "Support" link in the navigation bar). If you are in a different region, click on it and choose N. Virginia. This is required for the lab environment to function properly.

Launch a New Instance

The written portion of the this lab provides the steps necessary to complete it. Watch the video guide for detailed instruction.

  • Navigate to EC2 Dashboard by clicking the Services dropdown menu from the navigation bar at the top of the AWS website. Click EC2 under the Compute section to launch the EC2 Dashboard.

  • Use the Launch Instance button to create a new instance.

  • Select the Amazon Linux AMI at the top of the list (if you don't see it immediately, click the Quick Start tab on the left).

  • Leave the default selection of t2.micro Instance Type and click the Next: Configure Instance Details button in the bottom right.

  • Take note of the Network and Subnet settings, but they should remain unchanged for this lab. Ensure the Auto-assign Public IP setting is set to Enable. All other settings can remain unchanged. Once you've verified these details, click the Next: Add Storage button in the bottom right.

  • This page will allow us to automatically provision additional Elastic Block Storage volumes and connect them to our EC2 instance, which we could use to configure additional storage. Check the Elastic Block Storage section later in this written guide for more information. For this lab, we can leave the defaults and click the Next: Add Tags button in the bottom right.

  • We can use the default entry with the "Name" key to give our instance a fitting name. Given the nature of this lab in particular, "learning-ec2" seems to be an appropriate name. In the "Value" column, type the name learning-ec2. Click the Next: Configure Security Group button in the bottom right.

  • Near the top of the page, you should see the Assign a security group label that lets us choose to create a new security group or select an existing one. For this lab, we will want the Create a new security group option. Since an SSH rule is included by default, we can move on. (Note: In practice, it is safer to restrict the Source setting. The default setting allows all sources.)

  • Click the Review and Launch button in the bottom right.

  • Review the settings and click the Launch button in the bottom right. We will receive a prompt about a key pair.

  • Choose to Create a new key pair and type in a Key pair name of first-instance.

  • Use the Download button and save the file to your Downloads directory.

  • Finally, click the Launch Instances button to instruct AWS to launch an instance with the setting's we've defined. Once you see it, click the View Instances button.

Our new instance is now launching. We need to wait for it to be in a State of running and the Status checks need to show 2/2. This may take a few moments, so let's take a quick look around AWS.

Useful Sections to Notice

Viewing EBS Volumes

Let's start by taking a look at the Elastic Block Store (EBS) volume being created. You may remember it being mentioned earlier in the lab when configuring our instance. This is where you can see a list of all volumes associated to your account and current region.

  • Navigate to the EBS Volumes dashboard. In navigation list in the left side of the page, click the Volumes link under the Elastic Block Store label.

If you have multiple instances and/or multiple volumes per instances, you will see them all listed here (notice that you can see the one that was created for our new instance). You can also use this dashboard to view information about the volume, including which instance a volume belongs to.

Viewing Security Groups

Check out the Security Groups dashboard of AWS. This dashboard allows us to view and edit the security groups associated with your account and current region.

  • Click the Security Groups link under the Network & Security label in the navigation list on the left side of the page.

You can select a group from the list and change its inbound/outbound rules, etc, in the pane at the bottom of the list. There's no need to change anything for this guide, but this dashboard will come in handy down the road.

Viewing Key Pairs

Let's also take a look at the Key Pairs dashboard.

  • Click the Key Pairs link under the Network & Security label in the navigation list on the left side of the page.

This dashboard gives you the ability to manage key pairs for your EC2 instances. A key pair can be associated to either a single instance or multiple instances. You can create and delete them from here.

Connect to the Instance with SSH

Now that our new instance has had a little time to start running, let's go check to see if it's ready to connect. Let's go back to the list of instances on AWS.

  • Click the Instances link from the list on the left side of the page).

Keep in mind that instance should show running as its Instance State, and 2/2 checks... as its Status Checks before we should connect via SSH. If your instance isn't ready yet, wait a few moments before continuing. Once it's ready:

  • Ensure only the learning-ec2 instance is selected, then click the Connect button above the list to view connection details.

  • Copy the "Example" command near the bottom and open a terminal window.

  • Navigate your terminal to the directory containing the key pair you we downloaded earlier. If you followed along, yours will be in your Downloads folder. Run the cd ~/Downloads command to point terminal there.

  • To ensure the key pair is not publicly viewable, change its permissions by running the chmod 400 first-instance.pem command.

  • Paste the command you copied from AWS a moment ago and run it. You will be asked to accept the finger print, then you will be logged into your instance.

From here, you can install software, modify settings, etc.

Congratulations! You just created a new EC2 Instance with AWS and logged into it remotely using SSH!