Launching EC2 instances is one of the most basic tasks AWS cloud users perform. AWS makes it easy to complete the EC2 instance launch process, but there are still many steps involved.
While there are multiple ways to create an EC2 instance, this tutorial walks through these steps in the AWS Console. It also provides input on important considerations and key concepts.
The AWS Console, alternatively called the AWS Management Console, is a GUI to provision and manage resources and deployments on AWS. It is a collection of management consoles for the various services that make up the AWS cloud.
Step 1. Select a region
One of the most important steps is to select the desired AWS region. This can be done from the top navigation bar of the AWS Console.
Step 2. Navigate to the EC2 Console
Once you select the desired AWS region, go to the EC2 Console. From the same landing page, search for EC2 (Figure 1). Your landing page in the management interface will likely display EC2 among the most commonly used services in the account.
Once you arrive at the EC2 Console, from the left navigation menu, choose the Instances option.
Under Instances is a list of the EC2 instances deployed in the account. There is also a Launch instances button on the top right section of this page; clicking on that button brings you to the EC2 instance launch flow (Figure 2).
Step 3. Create the EC2 instance
An EC2 instance is a virtual server deployed in the AWS cloud. The first server-specific configuration to choose is the Amazon Machine Image (AMI). An AMI is a base server image stored in the cloud (Figure 3). It contains the OS, preinstalled software and data that are included in the EC2 instance when it launches.
AWS offers a set of AMIs for OSes, including the following:
- Amazon Linux
- Apple macOS
- Red Hat Enterprise Linux
- Microsoft Windows
AWS Marketplace allows external vendors to publish their own AMIs and make them available to AWS customers.
Developers can also create their own AMIs. A custom AMI can build on any of the available images, adding preinstalled software, files or other elements. Developers can expose an AMI privately -- only to a configurable list of AWS accounts -- or publicly for others to use.
Step 4. Choose an instance type
After selecting the AMI, the next step is to choose an instance type (Figure 4). There are close to 500 types of EC2 instances, organized into instance families. They are grouped by characteristics in terms of compute, memory, storage and networking resources. Most instances are billed by the minute. Pricing is proportional to the resources allocated to the instance, such as memory, vCPUs, Elastic Block Store (EBS)/SSD storage and the network's data throughput rate.
To select an EC2 instance, you must understand the application infrastructure requirements and the right EC2 instance type to meet them. Under-provisioned EC2 instances encounter performance problems, while over-provisioned instances result in an unnecessarily high bill.
After selecting the instance type, move to the Configure Instance Details section (Figure 5). This section includes the following:
- parameters related to the number of instances to launch;
- optional Spot Instances, which can be configured to a maximum per-hour cost;
- network (virtual private cloud, subnets, public IP assignment, DNS configuration);
- permissions (AWS Identity and Access Management roles assigned to the EC2 instance);
- tenancy (shared, dedicated, host);
- termination protection;
- detailed monitoring in one-minute intervals or the five-minute default;
- file systems, where you can attach the instance to an Amazon Elastic File System (EFS) volume;
- domain directory to join a directory managed by the AWS Directory Service;
- shutdown behavior (stop or terminate the instance if an OS-level shutdown occurs); and
- user data, where you can add commands executed at launch.
Step 5. Configure storage
Most EC2 instances attach to an EBS volume, which is configured in this section. Specify the storage size in gigabytes and the storage type options (Figure 6). Options include various generations of general-purpose SSD or provisioned IOPS as well as older-generation magnetic volumes (not recommended). Storage-optimized instance types, such as EC2 C5d, come with built-in SSD storage.
Users can also choose a shared file system powered by the EFS service.
Step 6. Tag the instance
A consistent tagging strategy across AWS resources is an operational best practice. Therefore, appropriately tagging the new instance is important.
Specify a Name tag to easily identify the EC2 instance in the console after it's launched (Figure 7).
Step 7. Build in security
Security groups in AWS define a set of access rules for both incoming and outgoing traffic of the EC2 instance (Figure 8). The settings include port ranges and the IP addresses or security group IDs of the resources trying to access an EC2 instance. Limit incoming traffic to only the set of parameters strictly required to access an EC2 instance. Avoid generic rules that allow open access to a wide range of ports and IP addresses.
You can either select an existing security group or create a new one.
Step 8. Enable SSH access with a key
The last step is to create an EC2 key or select an existing one (Figure 9). The key is used to enable Secure Shell (SSH) access into the EC2 instance.
With Windows instances, the private EC2 key helps generate an admin password to access the instance. AWS stores a copy of the public key inside the EC2 instance. Users keep the private key.
It's the developer's responsibility to store the generated key file in a secure location, given that this file enables someone to access the EC2 instance and run commands in it.
Once this step is completed, the EC2 instance goes into a pending state, which typically lasts less than one minute. The instance then transitions into a running state, and it's ready to be used.
Even though the AWS Console offers an intuitive way to launch EC2 instances, AWS users have to do a lot of manual work. For that reason, many prefer a different interface in the long term. This is particularly true for situations where they will launch multiple EC2 instances over time.
Alternatives include the AWS Command Line Interface or services like AWS CloudFormation for infrastructure as code. These methods apply automation, standardization and repeatability to EC2 instance creation. There is minimal to no manual intervention.