EC2 No-Frills Recipe
What follows is a no-frills, bare bones, recipe for a free-while-it-lasts tier compute instance on AWS. They are my notes from a lesson I'm following.
As with most things I post on here, it's slim on helpfulness (read: details) and fat on aiding my poor memory-making circuits. Your mileage will vary. But if you like gists of things, read on:
||fancy term for a virtual firewall. In other words mapping (allowed) services and their related protocols to ports.
||I'm sure it's more nuanced than that but for our purposes this the OS flavor you want.
- Before you do anything, ensure you're in the intended region (eg. I'm using US East (N. Virginia) ). You can usually set zones/regions while creating stuff... but eyes can glaze over, y' know? Best to start on the good foot.
- Find EC2 service in AWS and click to launch a new instance:
- Machine Image : just pick the first one (Amazon Linux 2 AMI)
- Instance Types : select a T2 micro
- do check "protect against accidental termination". click next
- Add Storage : seriously - just click next
- Tags : whatever nobody cares spawn whatever labels you want. Next.
- Security Groups : K start paying attention:
- wire up the ports you want to open, remembering that cidr values of
::0/0 basically mean accessible to all and sundry. Which is the sort of thing you'd want for a web server. For other things... not so much. Click launch ! :)
- Keypair Prompt : This whole endeavour will require assymetric encryption, so:
- if you already have a key pair, you'd like to use, select that and skip the steps below. Otherwise
- select create a new keypair in the dropdown box, then:
- Give it a name
- Cannot emphasises this enough: DOWNLOAD THE PRIVATE KEY RIGHT AWAY and store it in a safe place. (AWS will keep a copy of the public key)
- Wait for AWS to spin up your shiny new server! You will see it's been assigned an a public ip address, amongst other things.
- SSH to your instance*:
- Your username will always be ec2-user so connecting boils down to variants of
ssh ec2-user@<ip-address> -i <keyname>.pem presuming you're not on a public network or similar that blocks port 22.
- Another (easiest?) way is to install the
Secure Shell App chrome extension*, import a key pair (2 key files), and then come back and click the connect button for your instance.
- Update all packages (as root user)
> sudo su
> yum update -y
- The box is up to date - now do / install whatever you like! like a wee testable, reachable web server:
yum install httpd -y
service httpd start