Tutorial: Creating an EC2 Instance On AWS CLI Using MacOS:

Christopher Quiles
Sep 28, 2020


Introduction:

Think of an EC2 server as a virtual computer that you can use for whatever you like. It includes the same things a basic computer does, such as a CPU, operating system, hard drive, network card, firewall for security, and RAM for storage. In cloud terminology we call this an EC2 instance. In this tutorial we’ll walk through the process of creating an EC2 instance using the AWS Command Line Interface. Along the way, I’ll provide you with links to detailed sources. I’ll also be completing the project myself, to give you an example of what the results will look like on your end. You will see it labeled in the tutorial as “My Terminal” and “My Console.”

Installation:

First, you need to install the AWS Command Line Interface (CLI). “The AWS Command Line Interface (CLI) is a unified tool to manage your AWS services. With just one tool to download and configure, you can control multiple AWS services from the command line and automate them through scripts.” Click the link to follow the installation steps: https://aws.amazon.com/cli/

However, since we are using MacOS and ultimately looking to save time with a simpler process, I suggest using https://brew.sh/ for an efficient installation. Watch this video for a step by step process. https://youtu.be/fzqRGWQX2LM

Configure the AWS CLI

In this step we’re going to configure the command line. According to Wikipedia, “A configure script is an executable script designed to aid in developing a program to be run on a wide number of different computers. It matches the libraries on the user’s computer, with those required by the program before compiling it from its source code.”

You are going to need your AWS Access Key ID and AWS Secret Access Key. Both are located in the IAM section of AWS, under the security credentials of the user you have created. These are your account credentials, keep them private! Once you have these, type “aws configure” in your terminal and you should see the options below appear.

Also, you should know that the default output format of “aws” commands can be JSON, text, or table.

The region us-east-2 (Ohio) can be used for this lab. However, if you don’t know the name of your closest region, you can list the regions by typing the following.

Key Pair:

The AWS EC2 command stores the public key and outputs the private key for you to save to a file. Right now, we’ll go over what you need to put into your terminal to create key pairs on your command line. Also the steps to install a key pair inside your terminal are located at https://docs.aws.amazon.com/cli/latest/userguide/cli-services-ec2-keypairs.html.

Enter the following command to create your key-pair:

Replace areas where it says (MyKeyPair) with your own key-pair name.

Then type in the following command in your terminal to check your key pair is there:

My Terminal:

My Console:

Security Group

A security group is a virtual firewall for which you can set rules to limit access to your instance. It filters traffic at the TCP and IP layers, based on ports and source/destination addresses.

First, we need to get our VPC ID. Type in the following command in your CLI.

The image below shows where you can find your VPC ID after you enter the command above.

My Terminal:

Now let’s create our security group. Type in the command below in your terminal.

Replace the parts of the command that say “example” and “examplename” with the name of your keypair, and place your VPC ID where it says “vpcidhere”.

My Terminal:

Make sure you save your Group ID for when we go to create the instance.

My Console:

Inbound Rules and Port 22 SSH:

Now we need to add inbound rules to our security group, including one that allows SSH access on port 22. An example can be found at the following link: https://docs.aws.amazon.com/cli/latest/reference/ec2/authorize-security-group-ingress.html.

Next, you’ll need to copy and paste your security group id. Also, you will need to find your IP address. AWS has a website for this: http://checkip.amazonaws.com/.

Type the command below in your terminal:

Replace (examplename) with your security group name and replace (exampleipaddress) with your ip address.

The /32 after your IP address is CIDR notation. It is the highest number of bits allowed in IPv4, so the rule matches only that single address.
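One way to build that rule so it can only ever cover a single address, shown as an added example that is not part of the original post. The function names are hypothetical, and the group ID in the usage comment is a placeholder.

```sh
#!/bin/sh
# Added example (not from the original post). Function names are hypothetical.

# Succeeds only for a dotted-quad IPv4 address with every octet in 0..255.
is_ipv4() {
    case "$1" in
        ""|*[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1            # split the address on dots into $1..$n
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        # reject leading zeros and anything longer than three digits
        case "$octet" in 0?*|????*) return 1 ;; esac
        [ "$octet" -le 255 ] || return 1
    done
}

# Prints "<ip>/32": a 32-bit prefix matches exactly that one address.
ssh_cidr() {
    is_ipv4 "$1" || { echo "not an IPv4 address: $1" >&2; return 1; }
    [ "$1" != "0.0.0.0" ] || { echo "refusing 0.0.0.0" >&2; return 1; }
    printf '%s/32\n' "$1"
}

# Opens TCP 22 on security group $1 to the caller's current public IP only.
allow_my_ssh() {
    my_ip=$(curl -fsS https://checkip.amazonaws.com/) || return 1
    cidr=$(ssh_cidr "$my_ip") || return 1
    aws ec2 authorize-security-group-ingress \
        --group-id "$1" --protocol tcp --port 22 --cidr "$cidr"
}

# Usage: allow_my_ssh sg-EXAMPLE   (placeholder group ID)
```

Because the address is validated before the suffix is appended, a pasted range such as 0.0.0.0/0 is rejected instead of being sent to AWS.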

My Terminal:

After entering the command above, you should see output in your terminal similar to the picture below.

My Console:

Amazon Machine Image (AMI)

In case you don’t have experience with instances, Amazon Machine Images, also called AMIs, are a required part of an EC2 instance. An AMI is the basic software package you install on your instance. You can launch as many EC2 instances as you want from the same AMI.

In my opinion, the easiest way to get your AMI code is to go into your EC2 Dashboard inside your console and click on Launch Instances.

Then find Amazon Linux 2 AMI and copy & paste the AMI code.

Now, in order to create our EC2 we will have to go and grab our security group ID from the console. It is located inside the EC2 Dashboard under Security Groups.

Next we need our subnet id and you can also get this from your AWS console. Go to your VPC dashboard and click on subnets. You will have a default subnet for each availability zone depending on the region you choose.

Keep in mind, all the information we retrieved from our console we can also get from our AWS CLI. For example, to get our subnet ID we would type the following command:

My Terminal:

A similar screen will appear in your terminal.

Let’s launch our EC2 instance:

Amazon Elastic Compute Cloud (Amazon EC2) is a web service that provides secure, resizable compute capacity in the cloud. It provides elasticity to your computing so you can build failure-resistant apps in the cloud.

Here’s an AWS reference where you can find more information on launching an EC2 on CLI. https://docs.aws.amazon.com/cli/latest/userguide/cli-services-ec2-instances.html

We are going to be using t2.micro as our instance type because it is the only one available in the free tier. Type the command below in your terminal using the CLI.

Replace the (x’s) with your own parameter values and replace (keypairname) with your personal “keypairname.”
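The lookups and the launch described above can be scripted so that each ID is read from the CLI's output instead of being copied by hand. This is an added example, not the commands from the original post: the function names are hypothetical, and it assumes the region has a default VPC.

```sh
#!/bin/sh
# Added example (not from the original post). Function names are hypothetical.

# Succeeds if $1 starts with prefix $2 and has something after it.
has_prefix() { case "$1" in "$2"?*) return 0 ;; *) return 1 ;; esac; }

# Prints the ID of the region's default VPC.
default_vpc_id() {
    aws ec2 describe-vpcs --filters "Name=is-default,Values=true" \
        --query 'Vpcs[0].VpcId' --output text
}

# Creates a security group named $1 in VPC $2 and prints its group ID.
create_group() {
    aws ec2 create-security-group --group-name "$1" \
        --description "SSH access for the tutorial instance" --vpc-id "$2" \
        --query 'GroupId' --output text
}

# Launches one t2.micro and prints its instance ID.
# $1 = AMI ID, $2 = key pair name, $3 = security group ID, $4 = subnet ID
launch_instance() {
    # Catch swapped or mistyped IDs before anything is created.
    has_prefix "$1" ami- && has_prefix "$3" sg- && has_prefix "$4" subnet- ||
        { echo "expected: ami-... keyname sg-... subnet-..." >&2; return 1; }
    aws ec2 run-instances --image-id "$1" --count 1 --instance-type t2.micro \
        --key-name "$2" --security-group-ids "$3" --subnet-id "$4" \
        --query 'Instances[0].InstanceId' --output text
}

# Waits until instance $1 is running, then prints its public IPv4 address.
public_ip() {
    aws ec2 wait instance-running --instance-ids "$1" || return 1
    aws ec2 describe-instances --instance-ids "$1" \
        --query 'Reservations[0].Instances[0].PublicIpAddress' --output text
}
```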

My Terminal:

You should see a similar page on your end.

My Console:

It may take a few minutes for the instance to get up and running.

Connect our EC2 Instance to the internet:

First, copy the IPv4 public IP address from your EC2 instance inside the AWS console. It can be found under the description tab underneath your running EC2 instance. The example below is what your IP address should look like on your end.

My Terminal:

Next, we need to set the permissions on the key file to 400 with chmod. This gives the user read permission and removes all other permissions. To make this happen, enter the command below in your terminal.

Replace (keypairname) with the name of your keypair.
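The key pair step and the chmod step can be combined so the private key is never readable by anyone else, even for a moment. This is an added example, not the commands from the original post; the function names are hypothetical.

```sh
#!/bin/sh
# Added example (not from the original post). Function names are hypothetical.

# Writes key material from stdin to file $1, owner-read-only from creation.
save_private_key() {
    key_file=$1
    [ ! -e "$key_file" ] ||
        { echo "refusing to overwrite $key_file" >&2; return 1; }
    # umask 077 in a subshell: the file is created without group/other bits.
    ( umask 077 && cat > "$key_file" ) || return 1
    # An empty file means the create-key-pair call failed upstream.
    [ -s "$key_file" ] ||
        { rm -f "$key_file"; echo "no key material received" >&2; return 1; }
    chmod 400 "$key_file"
}

# Prints the ls-style mode string of file $1, e.g. "-r--------".
key_mode() { ls -l "$1" | cut -c1-10; }

# Creates key pair $1 and stores the private half in ./$1.pem.
create_key_pair() {
    aws ec2 create-key-pair --key-name "$1" \
        --query 'KeyMaterial' --output text | save_private_key "$1.pem"
}

# ssh rejects a private key that group or others can read, so check first.
check_key_before_ssh() {
    [ "$(key_mode "$1")" = "-r--------" ] ||
        { echo "fix with: chmod 400 $1" >&2; return 1; }
}
```

AWS returns the private key only once, at creation, which is why the function refuses to overwrite an existing file.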

Let’s connect our EC2 instance to the internet from the CLI. Copy and paste your IP address and type the following in your terminal:

Replace (keypairname) with the name of YOUR key-pair and (ipaddress) with your IP.

My Terminal:

The EC2 instance is now up and running and connected to the internet.

Terminate:

To complete, let’s terminate the resources we have created.

First let’s delete our key-pair:

Replace (keypairname) with YOUR key pair name.

Now let’s delete our instance:

Replace the (x’s) with your instance ID number.

Since our security group is attached to an instance, we can’t delete the security group without first deleting the EC2 instance.

Replace the (x’s) with your security group number.
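The dependency described above can be enforced in a script: wait for the instance to finish terminating, confirm nothing else still uses the group, and only then delete it. This is an added example, not the commands from the original post; the function names are hypothetical.

```sh
#!/bin/sh
# Added example (not from the original post). Function names are hypothetical.

# Prints IDs of instances that are not yet terminated and still use group $1.
instances_using_group() {
    aws ec2 describe-instances \
        --filters "Name=instance.group-id,Values=$1" \
        "Name=instance-state-name,Values=pending,running,shutting-down,stopping,stopped" \
        --query 'Reservations[].Instances[].InstanceId' --output text
}

# Deletes the tutorial's resources in the same order as the text.
# $1 = key pair name, $2 = instance ID, $3 = security group ID
teardown() {
    aws ec2 delete-key-pair --key-name "$1" || return 1
    aws ec2 terminate-instances --instance-ids "$2" >/dev/null || return 1
    # terminate-instances returns while the instance is still shutting down,
    # so block until it is really gone before touching the group.
    aws ec2 wait instance-terminated --instance-ids "$2" || return 1
    left=$(instances_using_group "$3") || return 1
    case "$left" in
        ""|None) ;;   # nothing else is attached to the group
        *) echo "group $3 still used by: $left" >&2; return 1 ;;
    esac
    aws ec2 delete-security-group --group-id "$3"
}

# Usage: teardown KEYPAIRNAME i-EXAMPLE sg-EXAMPLE   (placeholder values)
```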

My Terminal:

In your terminal you should now see your instance deleted as well.

My Console:

The instance is now terminated.

Voilà! We’re all done. Thank you for checking out this tutorial. Hopefully you found this helpful.
