Deploying Linux Elastic Compute Cloud (EC2)
Create a Security Group
A Security Group operates at the subnet level to manage inbound and outbound traffic for resources in the VPC. In this lab, we will:
- Create a Security Group with inbound rules to allow:
  - SSH (Source: MY IP ADDRESS).
  - ALL ICMP IPv4 (Source: Everywhere).
- Set outbound rules to allow all traffic.
Steps:
Navigate to VPC Dashboard > Security Groups > Click Create Security Group.
In the Create Security Group screen:
- Fill in the Security Group Name and Description.
- Select the VPC created earlier.
- Add Inbound Rules:
  - SSH: Source = MY IP ADDRESS.
  - ALL ICMP IPv4: Source = Everywhere.
- For Outbound Rules, choose All Traffic.
Click Create Security Group.
A confirmation screen will appear after successful creation.
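
To confirm that the group still matches the inbound rules chosen above, the following added example (not part of the original lab) audits a rule set in the `IpPermissions` shape returned by `aws ec2 describe-security-groups`. The function names, group names and addresses are constructed for illustration.

```python
import ipaddress

WORLD = {"0.0.0.0/0", "::/0"}

def sources(perm):
    """Every IPv4 and IPv6 source CIDR on one IpPermissions entry."""
    return ([r["CidrIp"] for r in perm.get("IpRanges", [])]
            + [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])])

def covers_tcp_port(perm, port):
    """True if the rule admits tcp/<port>; IpProtocol "-1" means all traffic."""
    if perm["IpProtocol"] == "-1":
        return True
    return (perm["IpProtocol"] == "tcp"
            and perm.get("FromPort", 0) <= port <= perm.get("ToPort", 65535))

def audit_inbound(group, my_ip):
    """List inbound rules that are wider than the lab's intended rule set."""
    allowed_ssh = str(ipaddress.ip_network(my_ip))  # "203.0.113.10" -> ".../32"
    findings = []
    for perm in group.get("IpPermissions", []):
        for cidr in sources(perm):
            if covers_tcp_port(perm, 22):
                if cidr != allowed_ssh:
                    findings.append(
                        f"SSH reachable from {cidr}, expected only {allowed_ssh}")
            elif perm["IpProtocol"] == "icmp":
                continue  # the lab allows all ICMP IPv4 from everywhere
            elif cidr in WORLD:
                findings.append(f"{perm['IpProtocol']} port {perm.get('FromPort')}"
                                f"-{perm.get('ToPort')} open to {cidr}")
    return findings

# Constructed sample data (documentation-range addresses), not real output.
LAB_GROUP = {"GroupName": "lab-sg", "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
     "IpRanges": [{"CidrIp": "203.0.113.10/32"}]},
    {"IpProtocol": "icmp", "FromPort": -1, "ToPort": -1,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
]}
DRIFTED_GROUP = {"GroupName": "lab-sg-drifted", "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 0, "ToPort": 65535,
     "IpRanges": [{"CidrIp": "198.51.100.0/24"}]},
    {"IpProtocol": "udp", "FromPort": 53, "ToPort": 53,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
    {"IpProtocol": "-1", "IpRanges": [], "Ipv6Ranges": [{"CidrIpv6": "::/0"}]},
]}

if __name__ == "__main__":
    for g in (LAB_GROUP, DRIFTED_GROUP):
        print(g["GroupName"], audit_inbound(g, "203.0.113.10") or "matches the lab")
```

Rules whose source is another security group or a prefix list are not examined by this check.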
Deploy Linux EC2 Instance
Note: For cost savings, use t2.micro (Free Tier). However, in us-east-1, performance may not be adequate. Using t2.medium is recommended for better performance.
Instance Configuration:
- Type: t2.medium.
- Resources: 2 vCPU, 4 GB RAM, Medium Network Bandwidth.
Steps to Launch:
Go to EC2 Dashboard and click Launch Instance.
In the Launch an Instance screen:
- Name and Tags: Enter a name for your instance.
- Application and OS Images: Select Amazon Linux 2023 AMI.
- Instance Type: Choose t2.medium.
- Key Pair: Click Create New Key Pair.
In the Create Key Pair dialog:
- Provide a Key Pair Name, select RSA, and set format to .pem.
- Click Create Key Pair and save the file to your computer.
Network Settings:
- Select Edit.
- VPC: Choose the VPC you created earlier.
- Subnet: Select public1.
- Enable Auto-assign Public IP.
- For Firewall, select the Security Group created earlier.
Click Launch Instance.
A confirmation screen will indicate the instance was created successfully.
Connect to EC2 Instance via SSH
- In the EC2 Dashboard, select the instance and click Connect.
- Go to the SSH Client tab and copy the sample SSH command.
ssh -i "demo-s3-tables-kp.pem" ec2-user@ec2-<instance-public-ip>.compute-<region>.amazonaws.com
Navigate to the directory containing your key pair file and paste the SSH command into your terminal.
Confirm a successful connection.
Create an IAM Role and Attach to EC2 Instance
Step 1: Create IAM Role
Go to IAM Dashboard > Click Roles > Create Role.
In Select Trusted Entity:
- Choose AWS Service.
- Use case: EC2.
In Add Permissions:
- Add the permissions AmazonS3FullAccess and AmazonS3TablesFullAccess.
Review and provide a name for the role.
Click Create Role.
Step 2: Attach IAM Role to EC2 Instance
Open the instance details, go to Actions > Security > Modify IAM Role.
In the Modify IAM Role screen:
- Select the role you just created.
- Click Update IAM Role.
A confirmation message will show a successful role attachment.