Backend Helpers | Automation and Software Development for Cloud Applications
Amazon EC2 is a service that provides computing power in the cloud. In this post we explore the basics of this service.
You need a valid AWS account to access any AWS service including EC2. You can create a free account by going to this link and filling the registration form:
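In the following steps we are going to create a user with permission to manage EC2 resources. The policy below allows every EC2 action (ec2:*) on every resource, so credentials issued to this user can create, modify and delete any EC2 resource in the account:
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": ["ec2:*"],
      "Resource": "*"
    }
  ]
}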
In the following steps we are going to create a security group with access to EC2 resources:
The next screen will ask you to choose one or more security policies. Search for ec2-intro-post and click the next step button.
Review that the data you entered is correct and click the create group button.
export AWS_ACCESS_KEY_ID="MY_KEY"
export AWS_SECRET_ACCESS_KEY="MY_AWS_SECRET_ACCESS_KEY"
export AWS_DEFAULT_REGION="eu-west-1"
AWS-cli is a command line interface written in Python that is used to send commands to AWS and get information from it. Like any standard Python package, it can be installed via pip:
pip3 install awscli
You can verify that the aws client was successfully installed on your system with the following command:
aws help
Amazon EC2 provides virtual private servers on demand. Users can create, destroy and modify resources such as disk, network interfaces, CPU, memory, etc. All the physical infrastructure is run by Amazon. This represents a very interesting opportunity for companies that can focus on building products without taking care of operational aspects such as physical security, hardware maintenance, etc.
aws ec2 help
Amazon EC2 is hosted in multiple locations across the world. Each location is composed of Regions and Availability Zones. The following command lists the regions:
aws ec2 describe-regions
A security group behaves like a virtual firewall that controls access to one or more EC2 instances. In the following steps we are going to create a security group and define custom rules for accessing instances. We are also going to associate this security group to a user.
aws ec2 describe-security-groups
aws ec2 create-security-group --group-name "security_test" \
    --description "Security group for testing"
The command aws ec2 authorize-security-group-ingress is used to allow access to EC2 instances via SSH:
aws ec2 authorize-security-group-ingress --group-name security_test \
    --protocol tcp --port 22 --cidr 0.0.0.0/0
Note: the CIDR 0.0.0.0/0 matches every IPv4 address, so this rule makes port 22 reachable from the whole internet. To limit SSH to a single known address, pass that address as a /32 CIDR instead.
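To find rules like this one in an account, the check below parses the JSON that aws ec2 describe-security-groups prints and reports every ingress rule that exposes port 22 to 0.0.0.0/0 or ::/0, including port ranges and all-traffic rules that contain port 22. It is an added example, not part of the original post; the sample data, group ids and function names are constructed for illustration.

```python
import json

# Constructed sample shaped like `aws ec2 describe-security-groups` output;
# group ids and the 203.0.113.0/24 range are placeholders, not real resources.
SAMPLE = json.loads("""
{"SecurityGroups": [
  {"GroupName": "security_test", "GroupId": "sg-00000000000000001",
   "IpPermissions": [{"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
                      "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []}]},
  {"GroupName": "office_only", "GroupId": "sg-00000000000000002",
   "IpPermissions": [{"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
                      "IpRanges": [{"CidrIp": "203.0.113.0/24"}], "Ipv6Ranges": []}]},
  {"GroupName": "wide_range", "GroupId": "sg-00000000000000003",
   "IpPermissions": [{"IpProtocol": "tcp", "FromPort": 0, "ToPort": 1024,
                      "IpRanges": [], "Ipv6Ranges": [{"CidrIpv6": "::/0"}]}]},
  {"GroupName": "all_traffic", "GroupId": "sg-00000000000000004",
   "IpPermissions": [{"IpProtocol": "-1",
                      "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []}]},
  {"GroupName": "web", "GroupId": "sg-00000000000000005",
   "IpPermissions": [{"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
                      "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []}]}
]}
""")

WORLD = {"0.0.0.0/0", "::/0"}  # "any address" for IPv4 and IPv6

def covers_port(perm, port):
    """True if the rule applies to TCP `port`; protocol -1 means all traffic."""
    proto = perm.get("IpProtocol")
    if proto == "-1":  # all-traffic rules carry no FromPort/ToPort
        return True
    if proto != "tcp":
        return False
    return perm.get("FromPort", 0) <= port <= perm.get("ToPort", 65535)

def world_open(description, port=22):
    """Return (group name, CIDR) pairs whose ingress exposes `port` to any address."""
    findings = []
    for group in description.get("SecurityGroups", []):
        for perm in group.get("IpPermissions", []):
            if not covers_port(perm, port):
                continue
            cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
            cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
            findings += [(group["GroupName"], c) for c in cidrs if c in WORLD]
    return findings

if __name__ == "__main__":
    print(world_open(SAMPLE))
```

To run it against a real account, load the JSON printed by aws ec2 describe-security-groups with json.load and pass the result to world_open.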
The command aws ec2 create-key-pair creates an SSH key pair:
aws ec2 create-key-pair --key-name example_key \
    --query 'KeyMaterial' --output text > ~/.ssh/example_key.pem
# ssh refuses a private key that other users can read, so restrict it to the owner
chmod 600 ~/.ssh/example_key.pem
An AMI is a template that contains a software configuration (operating system, applications, etc.). An instance is a running copy of this template. Several instances may be created from a single AMI.
Amazon Linux is a Linux distribution similar to Red Hat/CentOS, with the advantage that it is developed and maintained by Amazon. The following functionalities are provided by this AMI:
For this post we will use the AMI ami-047bb4163c506cd98, which is available only in the eu-west-1 region. In the following link you can find a list of Amazon Linux AMIs for every region.
You can see the AMI details using the aws ec2 describe-images command:
aws ec2 describe-images --image-ids '["ami-047bb4163c506cd98"]'
EC2 provides multiple instance types. Each type is a combination of resources such as memory, CPU, disk, etc. In this post we will use a small instance for general purpose computation with the code t2.nano. In the following link you will find more information about the different options you have.
The following command lists all the instances in the account:
aws ec2 describe-instances
The command aws ec2 run-instances may be used to run an EC2 instance:
aws ec2 run-instances --image-id ami-047bb4163c506cd98 \
    --instance-type t2.nano --key-name example_key \
    --security-groups security_test
aws ec2 describe-instances
Run the command aws ec2 describe-instances to get the public URL of your instance from the value PublicDnsName. The username for Amazon Linux is ec2-user:
ssh -i ~/.ssh/example_key.pem ec2-user@ec2-34-244-29-203.eu-west-1.compute.amazonaws.com
aws ec2 terminate-instances --instance-ids i-0f98d98291e4a5649