Amazon EC2 (Elastic Compute Cloud) is a cornerstone AWS service that provides resizable virtual servers, known as “instances,” in the cloud. It allows you to run applications on the AWS infrastructure, giving you complete control over your computing resources, including the operating system, networking, and storage, much like a physical server but with the elastic scalability and pay-as-you-go flexibility of the cloud.
Key Takeaways
- EC2 provides virtual servers called “Instances.” This is the fundamental compute service in AWS.
- Instances are launched from an Amazon Machine Image (AMI), which is a template containing the operating system and software.
- Instance Types define the hardware profile of your instance, including CPU, memory, storage, and networking capacity (e.g., t2.micro, c5.large).
- Security Groups act as a virtual, stateful firewall for an instance, controlling inbound and outbound traffic. By default, all inbound traffic is denied.
- Key Pairs are used for securely connecting to Linux instances via SSH. You download the private key, and AWS stores the public key.
- Instances get a Private IP Address from their VPC subnet and can optionally have a Public IP Address for internet access.
AWS EC2 Explained
Now that we understand the basics of AWS, let’s look at the most fundamental compute service: Amazon Elastic Compute Cloud, or EC2. If you need to run a web server, an application server, or even a virtual router in the cloud, EC2 is where you will start. We’re going to dive into the core components you need to know to launch and connect to your first virtual server.
Core Components of an EC2 Instance
When we launch an EC2 instance, we are essentially building a virtual server from a set of components. Let’s look at the most important ones.
- Amazon Machine Image (AMI): An AMI is a pre-configured template for your instance. It includes the operating system (e.g., Amazon Linux, Ubuntu, Windows Server) and can also include pre-installed application software. You can choose from AMIs provided by AWS, the AWS Marketplace, or even create your own.
- Instance Type: This determines the hardware resources for your instance. AWS offers a wide variety of instance types optimized for different tasks. For example, “t” series (like t2.micro) are general-purpose and burstable, while “c” series are compute-optimized. Your choice affects both performance and cost.
- Amazon EBS (Elastic Block Store): EBS provides persistent block-level storage volumes for use with EC2 instances. Think of an EBS volume as a virtual hard drive. It persists independently from the life of an instance, so if you terminate the instance, the data on the EBS volume can be preserved.
- Networking: When you launch an instance, it must be placed in a VPC (Virtual Private Cloud) and a specific Subnet within that VPC. It automatically receives a private IP address from the subnet’s range and can optionally be assigned a public IP address for internet connectivity.
- Security Group: This is a virtual firewall for your EC2 instance that controls inbound and outbound traffic. Security groups are stateful, meaning if you allow an inbound connection, the return traffic is automatically allowed. By default, security groups block all incoming traffic.
- Key Pair: For Linux instances, a key pair is used to securely authenticate when you connect via SSH. It consists of a public key that AWS stores on the instance and a private key that you download and store securely. The private key can be downloaded only at the moment you create the key pair, so you must save it in a safe place.
Let’s Launch an EC2 Instance
Let’s walk through the high-level steps to launch a basic EC2 instance in the AWS Console. This process beautifully illustrates how all the components come together.
1. In the AWS Console, navigate to the EC2 service and click Launch instances.
2. Choose an AMI: We’ll start by selecting an AMI. A good choice for beginners is the “Amazon Linux” AMI, which is maintained by AWS and is eligible for the Free Tier.
3. Choose an Instance Type: Next, we select the hardware. The t2.micro instance type is also Free Tier eligible and is perfect for learning and small tests.
4. Configure a Key Pair: This is a critical step for access. We’ll be prompted to create a new key pair. Give it a name (e.g., aws-key) and download the .pem file. Store this file securely!
5. Network Settings: Here we can select the VPC and subnet. For now, the default VPC is fine. We will also configure the Security Group. Click “Edit” and create a new security group that allows inbound SSH traffic (port 22) only from your current IP address. Without this rule, you won’t be able to connect.
6. Launch: Review the summary and click Launch instance. In a minute or two, your virtual server will be running in the cloud!
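To check the rule from step 5 once the instance is up, the following added example (not part of the original article) audits security group rules for who can reach SSH. It reads the JSON shape returned by `aws ec2 describe-security-groups`; the sample data, group IDs and the function names `covers_ssh` and `audit_ssh` are constructed for illustration, and only CIDR sources are evaluated (rules that reference another security group are skipped).

```python
import ipaddress

# Constructed sample shaped like `aws ec2 describe-security-groups` output (IDs are made up).
SAMPLE = {"SecurityGroups": [
    {"GroupId": "sg-0aaa", "GroupName": "ssh-from-my-ip", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "203.0.113.10/32"}]}]},
    {"GroupId": "sg-0bbb", "GroupName": "ssh-from-anywhere", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
    {"GroupId": "sg-0ccc", "GroupName": "wide-port-range", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 0, "ToPort": 1024,
         "IpRanges": [{"CidrIp": "203.0.113.0/24"}], "Ipv6Ranges": [{"CidrIpv6": "::/0"}]}]},
    {"GroupId": "sg-0ddd", "GroupName": "all-traffic", "IpPermissions": [
        {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
]}

def covers_ssh(rule, port=22):
    """True if the rule's protocol and port range include TCP/22."""
    proto = rule.get("IpProtocol")
    if proto == "-1":  # "-1" means all protocols and all ports
        return True
    if proto != "tcp":
        return False
    return rule.get("FromPort", 0) <= port <= rule.get("ToPort", 65535)

def audit_ssh(groups, my_ip):
    """Return (group_id, cidr, verdict) for every CIDR source allowed to reach SSH."""
    me = ipaddress.ip_address(my_ip)
    findings = []
    for sg in groups["SecurityGroups"]:
        for rule in sg.get("IpPermissions", []):
            if not covers_ssh(rule):
                continue
            cidrs = [r["CidrIp"] for r in rule.get("IpRanges", [])]
            cidrs += [r["CidrIpv6"] for r in rule.get("Ipv6Ranges", [])]
            for cidr in cidrs:
                net = ipaddress.ip_network(cidr, strict=False)
                if net.prefixlen == 0:  # 0.0.0.0/0 or ::/0
                    verdict = "OPEN_TO_INTERNET"
                elif net.num_addresses == 1 and me in net:
                    verdict = "MY_IP_ONLY"
                else:  # a wider range, or a single host that is not my_ip
                    verdict = "OTHER_SOURCE"
                findings.append((sg["GroupId"], cidr, verdict))
    return findings

if __name__ == "__main__":
    for finding in audit_ssh(SAMPLE, "203.0.113.10"):
        print(*finding)
```

A group with no inbound rules produces no findings, which matches the default of denying all inbound traffic.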
Connecting to Our Instance
Once the instance state is “running,” we can connect to it. Select the instance in the console, and in the details pane, find its Public IPv4 address.
Using a terminal on your local machine (macOS, Linux, or Windows with WSL/PuTTY), you can connect using SSH. The command will look like this. Make sure you are in the same directory where you saved your .pem key file.
```bash
# First, ensure your key file has the correct permissions
chmod 400 aws-key.pem
# Connect to the instance using SSH
ssh -i "aws-key.pem" ec2-user@YOUR_PUBLIC_IP_ADDRESS
```
Replace YOUR_PUBLIC_IP_ADDRESS with the IP of your instance. The default username for Amazon Linux is `ec2-user`. If you successfully connect, you’ll have a command prompt on your new cloud server!
Conclusion
We’ve now seen how Amazon EC2 acts as the foundational compute service within AWS. We learned that an instance is a virtual server built from components like an AMI, an instance type, and EBS storage. We also covered the critical role of networking, Security Groups, and key pairs in launching and securing our instance. Having hands-on experience launching and connecting to an EC2 instance is a fundamental skill for anyone working with AWS and is a core topic in certifications like the AWS Certified Solutions Architect.