5.2 Create Your First EC2 Instance Part 1
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *
Already have an account? Sign In »
3 hours 27 minutes
in this video,
we will create our first easy to instance
we will create our first security group.
We will create a P K. I keep pair for you, see two instance
and create a Web server on our instance.
In our last video, we introduced the fundamentals of the sea, too.
In this video, we will lap it up
and create our first easy to instance, step by step.
So from the management console, let's type easy to then enter.
This takes us to the EEC to dashboard
under. The resource is
you can see that we have zero in running instances
or any other related instance types.
We do have one security group that is part of our default. VPC
more on VP sees in upcoming lessons
and of course, we are in the U. S. East North Virginia region.
So let's click. Launch instance
Here is where we can select our Amazon machine images
and Amazon machine image is basically a pre built virtual machine.
If we scroll down,
we could see the variety of platform types that are available to us.
Let's click free tier
to filter just those images that come is part of our free tier subscription.
For the purposes of our course,
we will be working primarily with the Amazon Lennox machine image.
There are two types of images.
HTM, which stands for a hardware virtual machine,
and P V, which stands for power. Virtual
the differences between the two are related to how they boot
and what special hardware extensions that they can take advantage of.
We will leave it as the default value,
so click select.
This takes us to the choose instance type screen.
This is where we can see a full list
and description of the various
AM I sizes and performance levels that are available.
Let's leave it as the default T to micro instance and click configurations.
This is where we configure our instance details.
By default. We run one instance,
but we have the ability to launch his many as we need.
Purchasing option is where we could select the type of instance, such as on demand reserved or spot
that we discussed. In our last lesson.
I will select
request spot instances to demonstrate the concept further.
Here are the current prices, for instance, type
rated per hour.
If anyone has ever traded stocks
this is similar to creating a limit order
where we provide the target price that we would buy it
with spot instances. We provide the maximum amount that we're willing to pay for a spot instance per hour.
I will bid five cents.
Many of these are self explanatory,
but a useful description pops up
when we hover over them.
Network is important,
and we will dive in much deeper. During our VPC lessons.
We will allow Amazon to assign our instance an I P. Address
are out of scope for our course.
Scroll down further.
Actually, I will. Just my screen so that we could see the options at the bottom
under advanced details
is where we can script the creation of our instances.
We will actually do this in the future lesson, so stay tuned.
Next. Let's click. Add storage.
This brings us to the root volume.
The route volume is like the C drive on your computer,
and it is where the system will boot from
by default. The volume is eight Gibby Bites.
Volume type refers to the type of underlying disc that the instance will use,
and by default,
the boot volume gets deleted when we terminate the instance.
And, of course,
since this is a boot, Dr Essentially
it's system files are not encrypted.
Let's click. Add volume.
Here we can add additional storage.
This storage is designed to persist,
so I noticed that the dolly on termination check boxes not selected,
and we have the option of encrypting the files on the drive.
Since this is just a demonstration,
I will cancel adding the additional volume.
Next, let's click. Add tags.
Here we can add tags that can help us to identify the purpose of the instance.
So I will just add a couple of tags.
Next we click Configure Security Group.
The security group is basically the firewall. For instance,
let's create a new one. For instance,
I will call this cyber ery demo D M Z,
and then copy and paste the name into the description
S s Ages allowed
sssh allows us to securely interact with our instance from its command line.
We will need to add more ports since our instance will be a Web server.
So let's add H T T p for Internet traffic
and H T T P s
for SSL traffic
We can restrict who can access our instance from the Internet.
If I select my I P,
then it automatically will populate my I P address.
I will leave it as anywhere for now.
And then you see below that Amazon is warning me to restrict which I p addresses can reach our instance.
This is actually a security best practice.
Next, let's click review and launch.
This takes us to the review
of our spot instance Request.
We selected the Amazon Lennox. Am I
a tea to micro instance,
with just the instant storage.
Next we review our security group
noticed that our security group creates rules for I p Version four
and I pee Version six.
The instance. Details just contains a bit more detailed information about our instance.
Next we expand storage
where we see our route volume
and then we expand tags.
What we can see. The tags that we created,
everything looks as we expect.
So let's attempt to launch our instance
when we click Launch were prompted to either select an existing keep hair or create a new pair.
So, as a quick analogy,
I think of the key pair
as a lock box and the key
represents the public key
while the private key can be compared to the key that opens the lock box.
So let's select creating new key pair.
Then we give it a name.
I will name this one. Cyber Eri
underscored d m z.
Then we click download key pair
A W s then generates a private key for us in a text file.
This will be the key that we must use to access our E c two instance
A W s ensures that we acknowledge this fact
that we have the private key in our possession.
Then we click, create spot instance
and we see that our instance creation has failed.
Perhaps the spot instances unavailable at the rate that I set my bid for.
So let's go back to our am I
and remove the spot instance request
and just used the on demand option
Acknowledge the private key warning again
and launch our instance
This time our launch is successful.
We can click view instances to see the real time status of our instance
are instances pending
down here we can view the public i p address that a W S has assigned, for instance,
copy this to the clipboard because we will need it to access our instance.
Great job, everyone.
Now that we have our instance up and running, feel free to take a break
in the next part of our lab. We will log into our instance from the command line interface. See you in the next video.