Dynamically Load Ansible Inventory with EC2 IP

2024-05-20

Introduction

Amazon Elastic Compute Cloud (EC2) is a core service of AWS that provides resizable compute capacity in the cloud. In this guide, I'll walk you through the process of setting up and connecting to an EC2 instance.

Prerequisites

Before we start, make sure you have:

  1. An AWS account
  2. Basic understanding of SSH
  3. A terminal (for Mac/Linux) or PuTTY (for Windows)

Step 1: Launch an EC2 Instance

  1. Sign in to the AWS Management Console
  2. Navigate to the EC2 Dashboard
  3. Click on "Launch Instance"
  4. Choose an Amazon Machine Image (AMI) - I recommend Amazon Linux 2 for beginners
  5. Select an instance type (t2.micro is free tier eligible)
  6. Configure instance details (default settings work for most use cases)
  7. Add storage (default 8GB is sufficient for basic use)
  8. Add tags (optional but recommended for organization)
  9. Configure security group:
    • Allow SSH (port 22) from your IP address
    • Allow HTTP (port 80) and HTTPS (port 443) if you're hosting a web server
  10. Review and launch
  11. Create a new key pair, download it, and store it securely
  12. Launch the instance

Step 2: Connect to Your Instance

For Mac/Linux:

  1. Open a terminal
  2. Change the permissions of your key pair file:
    chmod 400 your-key-pair.pem
    
  3. Connect using SSH:
    ssh -i your-key-pair.pem ec2-user@your-instance-public-dns
    

For Windows (using PuTTY):

  1. Convert your .pem file to .ppk using PuTTYgen
  2. Open PuTTY
  3. Enter your instance's public DNS in the Host Name field
  4. Navigate to Connection > SSH > Auth
  5. Browse and select your .ppk file
  6. Click Open and log in as "ec2-user"

Step 3: Update and Install Software

Once connected, update your system:

sudo yum update -y

Install necessary software (example for a web server):

sudo yum install -y httpd
sudo systemctl start httpd
sudo systemctl enable httpd

Step 4: Configure Security

  1. Set up a non-root user:

    sudo adduser newuser
    sudo passwd newuser
    sudo usermod -aG wheel newuser
    
  2. Configure SSH to use key authentication only:

    sudo nano /etc/ssh/sshd_config
    

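    Set PasswordAuthentication to no. With password logins off, newuser can connect over SSH only after a public key is installed in /home/newuser/.ssh/authorized_keys.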

    sudo systemctl restart sshd
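
To confirm the Step 4 edit took effect, this added example (not part of the original guide) parses an sshd_config file and reports the effective global PasswordAuthentication value. sshd keeps the first value it reads for a keyword, so a "no" typed below an existing "yes" is ignored. The function name and the sample config are constructed for illustration, and Include files are not followed.

```shell
#!/usr/bin/env bash
# Added example (not from the original guide).
# sshd uses the FIRST value it reads for each keyword, so appending
# "PasswordAuthentication no" below an existing "yes" changes nothing.

# effective_password_auth FILE -> prints "yes" or "no" (hypothetical helper)
# Assumption: Include directives are not followed.
effective_password_auth() {
    awk '
        /^[[:space:]]*(#|$)/ { next }      # skip comments and blank lines
        {
            gsub(/[="]/, " ")              # accept Keyword=value and quoted values
            key = tolower($1)              # keywords are case-insensitive
            if (key == "match") exit       # everything after Match is conditional
            if (key == "passwordauthentication") {
                found = 1
                print tolower($2)
                exit
            }
        }
        END { if (!found) print "yes" }    # OpenSSH default when the keyword is unset
    ' "$1"
}

# Constructed sample: the original "yes" is still in place above the
# "no" that was added at the bottom of the file.
sample=$(mktemp)
cat > "$sample" <<'EOF'
PermitRootLogin no
PasswordAuthentication yes
UsePAM yes
PasswordAuthentication no
EOF

result=$(effective_password_auth "$sample")
echo "effective PasswordAuthentication: $result"
if [ "$result" != "no" ]; then
    echo "WARNING: password logins are still enabled" >&2
fi
```

On the instance itself, `sudo sshd -t` checks the file for syntax errors before the restart, and `sudo sshd -T | grep -i passwordauthentication` prints the value sshd actually resolved.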
    

Step 5: Set Up a Basic Firewall

sudo yum install -y firewalld
sudo systemctl start firewalld
sudo systemctl enable firewalld
sudo firewall-cmd --permanent --add-service=ssh
sudo firewall-cmd --permanent --add-service=http
sudo firewall-cmd --permanent --add-service=https
sudo firewall-cmd --reload

Best Practices

  1. Keep your instance updated: Regularly run sudo yum update -y
  2. Use security groups effectively: Only open necessary ports
  3. Monitor your instance: Set up CloudWatch alarms for CPU, disk, and network usage
  4. Create regular backups: Use EBS snapshots or AWS Backup
  5. Use IAM roles instead of access keys: If your application needs AWS access

Conclusion

You now have an EC2 instance up and running! This is just the beginning of what you can do with EC2. As you get more comfortable, explore features like Auto Scaling, Load Balancing, and different instance types to optimize for your specific workloads.

Remember, while the t2.micro instance is free tier eligible, other resources like EBS volumes beyond 30GB or Elastic IP addresses that aren't attached to running instances will incur charges. Always monitor your AWS Billing Dashboard to avoid unexpected costs.