Based on AWS Cloud Quest Learning Experience
- AWS Management Console access
- Basic understanding of cloud computing
- Selected AWS Region (Cloud Quest typically uses us-east-1)

- Log into AWS Management Console
- Navigate to EC2 service
- Click "Launch Instance" button

The AMI provides the information required for launching an instance.
- Select Amazon Linux 2 AMI
- This is a free-tier eligible option
- Comes with common tools pre-installed

The Instance Type specifies the hardware of the host computer used for this instance. The instance types are grouped based on their compute, memory and storage capabilities.
- Specifications:
  - 1 vCPU
  - 1 GB RAM
  - Variable ECU (Elastic Compute Units)
- Key pair: Proceed without a key pair (not recommended for real-world scenarios; only suitable for a lab environment). Amazon EC2 uses public key cryptography to encrypt and decrypt login information. Public key cryptography uses a public key to encrypt a piece of data, and the recipient uses the private key to decrypt it. The public and private keys together are known as a key pair.
- Network: Lab VPC. A Virtual Private Cloud resides in an AWS Region, but a subnet resides within a single Availability Zone (AZ).
- Subnet: Choose the one that represents your desired Availability Zone. For this example, choose Subnet 1 for the AZ us-east-1a.
- Auto-assign Public IP: Enable
- Keep other settings as default

Firewall settings on AWS are known as security groups. A security group controls the traffic for one or more instances. Rules can be added to a security group to allow traffic to or from its associated instances.
- Name the security group
- Specify its characteristics in the description
- Choose security group type (for this lab example, HTTP must be used)

- Default: 8 GB root volume
- Volume type: GP2 (General Purpose SSD)
- Delete on termination: Yes

- Upload the user data file provided by the quest.

- Review all configurations
- Click "Launch"
- Launch instance
- Wait for instance state: "Running"
- Check status checks: "2/2 checks passed"
- Note the public IP address

```bash
# Example SSH command
ssh -i "your-key-pair.pem" ec2-user@your-public-ip
```

- Always use security groups to control traffic
- Keep your key pair file secure
- Use tags to identify resources
- Monitor instance metrics
- Stop or terminate instances when not needed

- Cannot connect to instance:
  - Check security group rules
  - Verify key pair permissions
  - Confirm instance is running
- Instance launch fails:
  - Check service limits
  - Verify AMI availability
  - Review error messages

- Free tier includes:
  - 750 hours per month of t2.micro
  - 30 GB of storage
  - 1 GB of snapshots
- Monitor usage to avoid charges
- Stop instances when not in use

```bash
# Check instance status
aws ec2 describe-instances

# Stop instance
aws ec2 stop-instances --instance-ids i-1234567890abcdef0

# Start instance
aws ec2 start-instances --instance-ids i-1234567890abcdef0

# Terminate instance
aws ec2 terminate-instances --instance-ids i-1234567890abcdef0
```

- Use principle of least privilege
- Regularly update security groups
- Use strong key pairs
- Enable CloudTrail for auditing
- Monitor AWS Trusted Advisor recommendations
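
One way to review security group rules against least privilege, as an added example that is not part of Cloud Quest or AWS code: it scans JSON shaped like `aws ec2 describe-security-groups` output and reports inbound rules open to any address on ports other than the web ports. The sample groups and the `PUBLIC_OK` port policy are constructed assumptions.

```python
import json

# Constructed sample shaped like `aws ec2 describe-security-groups` output.
# Group IDs, names and CIDRs are made up for this example.
SAMPLE = json.loads("""
{"SecurityGroups": [
  {"GroupId": "sg-0aaa111122223333a", "GroupName": "lab-web",
   "IpPermissions": [
     {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80,
      "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []}]},
  {"GroupId": "sg-0bbb444455556666b", "GroupName": "lab-admin",
   "IpPermissions": [
     {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
      "IpRanges": [{"CidrIp": "0.0.0.0/0"}, {"CidrIp": "203.0.113.10/32"}],
      "Ipv6Ranges": []},
     {"IpProtocol": "-1", "IpRanges": [],
      "Ipv6Ranges": [{"CidrIpv6": "::/0"}]}]}
]}
""")

ANY_SOURCE = {"0.0.0.0/0", "::/0"}
PUBLIC_OK = {80, 443}  # assumption: only web ports may face the internet


def audit(doc, public_ok=PUBLIC_OK):
    """Return (group_id, protocol, (from_port, to_port), cidr) for every
    inbound rule open to any address on a port outside public_ok."""
    findings = []
    for sg in doc.get("SecurityGroups", []):
        for perm in sg.get("IpPermissions", []):
            proto = perm.get("IpProtocol")
            if proto in ("tcp", "udp"):
                lo, hi = perm["FromPort"], perm["ToPort"]
            else:
                lo, hi = 0, 65535  # "-1" (all traffic), ICMP: not port-scoped
            if all(port in public_ok for port in range(lo, hi + 1)):
                continue  # whole range is allowed to be public
            cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
            cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
            findings += [(sg["GroupId"], proto, (lo, hi), c)
                         for c in cidrs if c in ANY_SOURCE]
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```

To run it against a real account, replace `SAMPLE` with the parsed JSON output of `aws ec2 describe-security-groups`.
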

- Learn about Auto Scaling
- Explore Elastic Load Balancing
- Study AWS networking concepts
- Practice with different instance types
- Learn about AWS CLI commands

- AWS Documentation
- Cloud Quest game scenarios
- AWS Well-Architected Framework
- AWS Free Tier details

This guide is based on the AWS Cloud Quest learning experience and represents a simplified version of AWS instance creation. In production environments, additional security and configuration considerations may be necessary.