MSDN Documentation

Introduction to Amazon EC2

Amazon Elastic Compute Cloud (EC2) is a web service that provides secure, resizable compute capacity in the cloud. It is designed to make web-scale cloud computing easier for developers. With Amazon EC2, you get access to the compute resources that you need to build and deploy your applications.

Key Concepts

  • Instances: Virtual servers in the cloud.
  • AMIs (Amazon Machine Images): Templates that contain the software configuration (operating system, application server, and applications) required to launch an instance.
  • Instance Types: Different configurations of CPU, memory, storage, and networking capacity.
  • Regions and Availability Zones: Geographic locations for deploying your resources.
  • Virtual Private Cloud (VPC): A logically isolated section of the AWS cloud where you can launch AWS resources.
  • Security Groups: Act as virtual firewalls for your instances to control inbound and outbound traffic.

Launching Your First EC2 Instance

This section guides you through the process of launching a basic EC2 instance.

  1. Navigate to the EC2 dashboard in the AWS Management Console.
  2. Click on "Launch Instance".
  3. Choose an Amazon Machine Image (AMI). For beginners, Amazon Linux 2 or Ubuntu Server are good choices.
  4. Select an Instance Type. t2.micro or t3.micro are free tier eligible and suitable for testing.
  5. Configure Instance Details (leave defaults for now).
  6. Add Storage: The default 8 GiB EBS volume is usually sufficient for a basic setup.
  7. Add Tags: Useful for organization, e.g., a 'Name' tag with a descriptive value.
  8. Configure Security Group: Create a new security group that allows SSH (port 22) access from your IP address.
  9. Review and Launch: Launch the instance. You'll be prompted to create or select a key pair. Download and save your key pair (.pem file) securely.

Understanding Security Groups

Security Groups act as stateful firewalls that control inbound and outbound traffic to your instances. You define rules that allow or deny traffic based on protocol, port range, and source/destination IP addresses or other security groups.

  • Inbound Rules: Control traffic coming into your instance.
  • Outbound Rules: Control traffic leaving your instance.
  • Stateful: If you allow an inbound request, the response is automatically allowed to pass outbound.

Important: For SSH access, restrict the inbound rule for TCP port 22 to your specific IP address. Avoid opening it to 0.0.0.0/0 (any IPv4 address) unless it is absolutely necessary and you understand the exposure.

Connecting via SSH

Once your instance is running, you can connect to it using SSH. You will need your key pair file and the public IP address or DNS name of your instance.

For Linux/macOS:

chmod 400 your-key-pair.pem
ssh -i your-key-pair.pem ec2-user@your-instance-public-ip-or-dns

Replace your-key-pair.pem with the name of your downloaded key file, and your-instance-public-ip-or-dns with the Public IPv4 address or Public IPv4 DNS from your EC2 instance details. ec2-user is the default login name on Amazon Linux AMIs; Ubuntu Server AMIs use ubuntu instead.

For Windows: Use an SSH client like PuTTY. You'll need to convert your .pem file to PuTTY's .ppk format using PuTTYgen.

Elastic IPs

An Elastic IP address is a static, public IPv4 address designed for dynamic cloud computing. You can allocate an Elastic IP address to your AWS account and associate it with an instance. If an instance is stopped or terminated, you can reassociate the Elastic IP with another instance.

Tip: Elastic IPs are free when associated with a running instance. However, you are charged for Elastic IPs that are allocated but not associated with an instance.

EC2 Storage Options

EC2 instances can be provisioned with various storage options:

  • Amazon Elastic Block Store (EBS): Persistent block storage volumes for use with EC2 instances. Ideal for operating systems, databases, and file systems.
  • Instance Store Volumes: Temporary block-level storage attached to the host computer. Data is lost when the instance is stopped, terminated, or the host fails. Useful for caching or temporary data.
  • Amazon S3: Object storage service, often used for storing and retrieving any amount of data from anywhere on the web.

Monitoring EC2 Instances

AWS provides tools to monitor the performance and health of your EC2 instances:

  • Amazon CloudWatch: Collects and tracks metrics, collects and monitors log files, and sets alarms. Basic EC2 metrics are available for free.
  • AWS Health Dashboard: Provides information about AWS service health and account-specific events.

Key metrics to monitor include CPU Utilization, Network In/Out, Disk Read/Write Operations, and Status Checks.