AWS Free tier which include 750 hours per month instance usage. 30 GB of storage. Expire 12 months after sign-up. You can find more information here about AWS free tire.
Prerequisite Before launching
To launch an instance in AWS first you need to sign-up or open an account. Opening an account in the AWS cloud require some information about you like name, postal address, email, a valid credit card and a phone number. During the sign-up procedure Amazon checks the validity of the card and also check 1 dollar availability. They didn’t make the real transaction just only check whether the card is real. After card verification they made a phone call on the provided phone number. A PIN number will be shown up on the registration screen which will need to enter from receiving phone key pad.
It takes seven steps to launch an EC2 Linux instances which are
- Choose AMI
- Choose Instance Type
- Configure Instance
- Add Storage
- Tag Instance
- Configure Security group
Let’s start the how tooo’s
Login to you AWS account and click on EC2
You will see the EC2 dashboard of AWS which looks like the below image. Click on launch instance.
Step 1: Choose Amazon Machine Image (AMI)
It’s the first step before launching an instance. from here you will choose the operating system. As we are using the free tire its better to check the “Free tire only” checkbox from the left menu.
Select operating system from the menu which you want to install. In our case we will select Ubuntu 14.04 LTS.
Step 2: Choose Instance Type
In this stage we will select the type of instance. t2.micro is eligible for free tire. Make sure t2.micro is selected. If you want to know about instance type you can find it here.
Click on “Configure instance detail” at the bottom of the page
Step 3: Configure Instance
In this stage we will configure our instance.
insert the number of instance you want. since we are using free tire so insert your number of instance carefully. I leave it default means 1.
Most crucial and vital part of the AWS instance is selecting the network and subnet which actually require some knowledge about VPC.
So what is a VPC?
According to AWS a Virtual Private Cloud (VPC) is a virtual network dedicated to your AWS account. It is logically isolated from other virtual networks in the AWS cloud. You can launch your AWS resources, such as Amazon EC2 instances, into your VPC. During the creation of VPC you can specify a range of IP address for the VPC in the form of Classless Inter-Domain Routing (CIDR) block. After creating the VPC you can create subnet inside that VPC.
Always remember that the subnet is a subset of VPC. you cannot create a subnet which address space is larger than VPC.
Lets explain the VPC and subnet with examples. Say you create a VPC and addressing it with 192. 168. 37. 0/24. Now you have to create a subnet in that VPC. You can create the subnet which will be a subset of that VPC means the subnet will look like this 192. 168. 37. 0/16 or 192. 168. 37. 128/25 etc. There is some reserve IP address on each subnet that you cannot use or assign to an instance. Usually first four IP and the last IP address in each CIDR block is reserved. Keep this in your mind when creating your subnet.
VPC is a big topic which i’ll try to explain some other day, but if you are interested about VPC you can find it here.
Next Enable “Auto-assign Public IP”.
After that You can select that shutdown behavior of the instance like stop, terminated etc.
You can protect your instance from accidental deletion or termination by click on “Enable termination protection”.
I leave the other options as default.
Next click on Add storage. You can also review and launch your instance from this stage.
Step 4: Add Storage
From this stage you can select the storage type and size of storage. 30 GB is allocated for the free tire user. default value is 8 GB. Choose your HDD size or you can leave it default.
Click on Tag Instance
Step 5: Tag Instance
Tagging helps you to categorize your server by different ways like purpose, owner etc. You can find more information about tagging here.
Step 6: Configure Security group
In this stage you can configure security for your instance like allow/deny ssh, http, smtp etc like you did in your Linux firewall.
Have a look at the source field. It’s showing “Anywhere 0. 0. 0. 0”, means anywhere from the world you can access this server, which increase the security risk of the server. There is an option in Source filed call “MyIP” which is actually detected your (home/office or the place from where you are login to your account) internet IP and assign that IP automatically in the Source field. It means you can only access to the server from that IP. You can chose that options also.
Step 7: Review
The final and last step before launch is the Review section. From this section you can review your instance and if needed you can make additional changes from here.
Click to launch
After clicking on launch a window will pop up and ask you to select a key pair or create a new key pair. This key will require to login this instance. Select “create a new key pair” and give it a name.
Click on download Key Pair and save the .pem file in your disk. Click “Launch Instances”
After some time you will see a confirmation message that your instance is launching.
Click on View instances
You will see a page like bellow
You will see your newly created instance in this page. You will find information related to your instance in this page. Check the Public DNS and Public IP value in Description tab we will need that information for connecting the instance.
Connect the instance
After successfully launch the instance its time to login. You can login to the instance from Windows, Linux and Mac. I’ll show you how to login this instance from different OS.
Login from Linux
Login with private key from Linux is very simple. Just copy your .pem file downloaded earlier from AWS into your local server. and follow the below procedure.
Give permission to the .pem file
#chmod 600 training.pem
#ssh -i training.pem user@yourawsinstance
Follow the same procedure for Mac.
Login form Windows
Login from windows to aws linux instance require an ssh client like putty. The .pem file need to be converted so that putty can understand it. For this puttygen is also required for converting the file.
Open the .pem file using puttygen by click on “Load” button. You will see a message like below.
Click ok and give a passphrase and confirm it in “Key passphrase” and “Confirm Key passphrase” field. The passphrase will require during login but the purpose of the passphrase has not authenticated the user rather its use for the safety of the key. if the key is stolen its need the passphrase to log in. Click save private key on puttygen and make sure that the file type is .ppk selected.
Save the file in your disk.
Open putty, enter your AWS Public IP or Public DNS in Host Name field.
Click on SSH->Auth from Category and put the location of your key.
Click open. For first time login putty will show you a security alert. click yes
Provide user name and press enter. It will ask the passphrase before login. Provide the passphrase and you are connected.
Woofs. that’s it for today.
Login to the AWS instance in this way is very secure. Because without the key you won’t able to login to the server.
Check my “How to SSH with Key” article so that you can implement this feature in your local server also.
That’s all for today. hope to see you soon with some new how tooo’s.
If you enjoyed the post, please share it with your network and let me know your thoughts in the comments.
About the Author: Imtiaz is working in a financial organization in Bangladesh and having experience in system, network and security administration. Feel free to contact with him on LinkedIn or Twitter.