Introduction to EC2
VP of Growth in Marketing
AWS EC2 is one of the core services of the AWS ecosystem that you absolutely must know to be successful in a cloud-related career. Even if your app doesn't run on EC2, utilizing EC2 instances for development and to perform other tasks is critical to a well-architected AWS solution. In this learning activity, we are going to create an EC2 instance, create and customize a security group to allow access, and createa key pair in order to ensure our access is secure.
In this lab, we will cover the following objectives:
- Create an EC2 instance
- Understand instance types and select a t2.micro instance
- Create and customize a security group
- Create a key pair to SSH into the instance
Before we begin, make sure you are in the
N. Virginia region. You can find your current region in the top right of the page (beside the "Support" link in the navigation bar). If you are in a different region, click on it and choose
N. Virginia. This is required for the lab environment to function properly.
Launch a New Instance
The written portion of the this lab provides the steps necessary to complete it. Watch the video guide for detailed instruction.
Navigate to EC2 Dashboard by clicking the Services dropdown menu from the navigation bar at the top of the AWS website. Click EC2 under the Compute section to launch the EC2 Dashboard.
Use the Launch Instance button to create a new instance.
Amazon Linux AMIat the top of the list (if you don't see it immediately, click the Quick Start tab on the left).
Leave the default selection of
t2.microInstance Type and click the Next: Configure Instance Details button in the bottom right.
Take note of the Network and Subnet settings, but they should remain unchanged for this lab. Ensure the Auto-assign Public IP setting is set to
Enable. All other settings can remain unchanged. Once you've verified these details, click the Next: Add Storage button in the bottom right.
This page will allow us to automatically provision additional Elastic Block Storage volumes and connect them to our EC2 instance, which we could use to configure additional storage. Check the Elastic Block Storage section later in this written guide for more information. For this lab, we can leave the defaults and click the Next: Add Tags button in the bottom right.
We can use the default entry with the "Name" key to give our instance a fitting name. Given the nature of this lab in particular, "learning-ec2" seems to be an appropriate name. In the "Value" column, type the name
learning-ec2. Click the Next: Configure Security Group button in the bottom right.
Near the top of the page, you should see the Assign a security group label that lets us choose to create a new security group or select an existing one. For this lab, we will want the Create a new security group option. Since an SSH rule is included by default, we can move on. (Note: In practice, it is safer to restrict the Source setting. The default setting allows all sources.)
Click the Review and Launch button in the bottom right.
Review the settings and click the Launch button in the bottom right. We will receive a prompt about a key pair.
Choose to Create a new key pair and type in a Key pair name of
Use the Download button and save the file to your
Finally, click the Launch Instances button to instruct AWS to launch an instance with the setting's we've defined. Once you see it, click the View Instances button.
Our new instance is now launching. We need to wait for it to be in a State of
running and the Status checks need to show
2/2. This may take a few moments, so let's take a quick look around AWS.
Useful Sections to Notice
Viewing EBS Volumes
Let's start by taking a look at the Elastic Block Store (EBS) volume being created. You may remember it being mentioned earlier in the lab when configuring our instance. This is where you can see a list of all volumes associated to your account and current region.
- Navigate to the EBS Volumes dashboard. In navigation list in the left side of the page, click the Volumes link under the Elastic Block Store label.
If you have multiple instances and/or multiple volumes per instances, you will see them all listed here (notice that you can see the one that was created for our new instance). You can also use this dashboard to view information about the volume, including which instance a volume belongs to.
Viewing Security Groups
Check out the Security Groups dashboard of AWS. This dashboard allows us to view and edit the security groups associated with your account and current region.
- Click the Security Groups link under the Network & Security label in the navigation list on the left side of the page.
You can select a group from the list and change its inbound/outbound rules, etc, in the pane at the bottom of the list. There's no need to change anything for this guide, but this dashboard will come in handy down the road.
Viewing Key Pairs
Let's also take a look at the Key Pairs dashboard.
- Click the Key Pairs link under the Network & Security label in the navigation list on the left side of the page.
This dashboard gives you the ability to manage key pairs for your EC2 instances. A key pair can be associated to either a single instance or multiple instances. You can create and delete them from here.
Connect to the Instance with SSH
Now that our new instance has had a little time to start running, let's go check to see if it's ready to connect. Let's go back to the list of instances on AWS.
- Click the Instances link from the list on the left side of the page).
Keep in mind that instance should show
running as its Instance State, and
2/2 checks... as its Status Checks before we should connect via SSH. If your instance isn't ready yet, wait a few moments before continuing. Once it's ready:
Ensure only the
learning-ec2instance is selected, then click the Connect button above the list to view connection details.
Copy the "Example" command near the bottom and open a terminal window.
Navigate your terminal to the directory containing the key pair you we downloaded earlier. If you followed along, yours will be in your Downloads folder. Run the
cd ~/Downloadscommand to point terminal there.
To ensure the key pair is not publicly viewable, change its permissions by running the
chmod 400 first-instance.pemcommand.
Paste the command you copied from AWS a moment ago and run it. You will be asked to accept the finger print, then you will be logged into your instance.
From here, you can install software, modify settings, etc.
Congratulations! You just created a new EC2 Instance with AWS and logged into it remotely using SSH!