Launch Instance

For launching your first instance, we are going to use the launch wizard in the Amazon EC2 console.

1.1 Launch Single Linux Instance

You can launch a Linux instance using the AWS Management Console. This tutorial is intended to help you launch your first instance quickly, so it doesn’t cover all possible options. For more information about the advanced options, see Launching an Instance. Launch an instance:

  1. Open the Amazon EC2 console at
  2. From the console dashboard, choose Launch Instance.


  1. The choose an Amazon Machine Image (AMI) page displays a list of basic configurations, called Amazon Machine Images (AMIs), that serve as templates for your instance. Select the HVM edition of the Amazon Linux AMI (not Amazon Linux 2).


  1. On the Choose an Instance Type page, you can select the hardware configuration of your instance. Select the t2.micro type, which is selected by default. Notice that this instance type is eligible for the free tier. Then select Next: Configure Instance Details.


  1. On the Configure Instance Details page, make the following changes:

5.1 Select Create new IAM role.


5.2 In the new tab that opens, select Create role.


5.3 With AWS service pre-selected, select EC2 from the top of the list, then click Next: Permissions.


5.4 Enter s3 in the search and select AmazonS3ReadOnlyAccess from the list of policies, then click Next: Review. This policy will give this EC2 instance access to read and list any objects in Amazon S3 within your AWS account.


5.5 Enter a role name, such as ec2-s3-read-only-role, and then click Create role.


5.6 Back on the EC2 launch web browser tab, select the refresh button next to Create new IAM role, and click the role you just created.


5.7 Scroll down and expand the Advanced Details section. Enter the following in the User Data test box to automatically install Apache web server and apply basic configuration when the instance is launched:

yum update -y
yum install -y httpd
service httpd start
chkconfig httpd on
groupadd www
usermod -a -G www ec2-user
chown -R root:www /var/www
chmod 2775 /var/www
find /var/www -type d -exec chmod 2775 {} +
find /var/www -type f -exec chmod 0664 {} +
  1. Accept defaults and Choose Next: Add tags.

  2. Click Next: Configure Security Group.

    7.1 On type SSH, select Source as My IP

    7.2 Click Add Rule, select Type as HTTP and source as Anywhere

    • Note that best practice is to have an Elastic Load Balancer inline or the EC2 instance not directly exposed. However, for simplicity in this lab, we are opening the access to anywhere. Later modules will secure access with Elastic Load Balancer.

    7.3 Select Add Rule to add both SSH and HTTP, and on source, select My IP

    Security Group

    7.4 Click Review and Launch.


  3. On the Review Instance Launch page, check the details, and then click Launch.

  4. If you do not have an existing key pair for access instances, a prompt will appear. Click Create New, then type a name such as lab, click Download Key Pair, and then click Launch Instances.


This is the only chance to save the private key file. You’ll need to provide the name of your key pair when you launch an instance, and you’ll provide the corresponding private key each time you connect to the instance.

  1. Click View Instances.
  2. When your instance is launched, its status will change to running, and it will need a few minutes to apply patches and install Apache web server.


  1. You can connect to the Apache test page by entering the public DNS, which you can find on the description tab or instances list. Take note of this public DNS value.