In this post, I record all the steps to launch a free tier AWS instance and to access it from a client.
1. Launch an EC2 Instance
1.1 Access the Amazon AWS site:
1.2 Log in to the AWS Management Console:
Click Compute - EC2 to access the EC2 dashboard.
By default, a default VPC is created when you create your account. The default VPC contains three pre-created subnets to isolate resources, one route table, one default Internet gateway that provides access from outside the default VPC to the resources inside it, and one allow-any-any network ACL with two rules. A default security group is also created for you with some default inbound and outbound rules.
There will be no Elastic IPs, no Endpoints, no NAT Gateways, etc.
Note: You may want to create your own VPC, but the process differs from the one in this post. You will need the following steps to get your VPC working properly with the outside:
- Create a new VPC, for example: 51sec-VPC
- Create at least one new subnet for your EC2 instances, for example 10.10.0.0/24 for your public network
- Create a new Internet Gateway and attach it to the new VPC
- Create a default route: 0.0.0.0/0, with the Internet Gateway created in the previous step as the gateway.
- Create your new EC2 instance in the newly created VPC. While creating the EC2 instance, you can create your own Security Group (firewall) and a new key pair. If you already have existing ones, you can choose the existing security group and key pair.
- Optional but strongly suggested: Allocate a new Elastic IP. Remember that the first Elastic IP is free while it is assigned to a running instance; otherwise it is charged 0.005 for each hour that it is not assigned to a running instance.
- Now your instance should be able to communicate with the Internet
- One Year Free Tier: Linux Instance 750 hours / month, Windows Instance 750 hours / month.
The following table lists the Free Tier usage limits.
1.3 Launch Amazon Linux 2017.03.1 (HVM), SSD Volume Type Instance:
1.4 Configure Instance:
Note: Make sure auto-assign public IP is enabled. The other settings can stay at their defaults. If you did not create your own VPC, you can use the default VPC, so you do not have to create subnets, routes, a route table, and an Internet gateway.
1.5 Create a new key pair and download it
1.6 Check the newly created instance from the EC2 Dashboard
From the instance description tab, we can see that a new public IP, 52.60.229.194, is assigned to it.
YouTube Video: 1. Launch AWS Instance - Ubuntu
2. Access Linux Instance
2.1 Linux Machine
2.2 PuTTY on Windows
2.3 SecureCRT on Windows
After you enter the correct SSH IP address, choose the right key pair file, and enter the user name ec2-user, you will get the following screen:
       __|  __|_  )
       _|  (     /   Amazon Linux AMI
      ___|\___|___|

https://aws.amazon.com/amazon-linux-ami/2017.03-release-notes/
2 package(s) needed for security, out of 2 available
Run "sudo yum update" to apply all updates.
[ec2-user@ip-172-31-30-151 ~]$ sudo su
[root@ip-172-31-30-151 ec2-user]#
YouTube Video: 2. SSH Access AWS Instance - SecureCRT
2.4 SCP to Instance
3. Access Windows Instance
3.1 RDP
Make sure the security group allows RDP access from the Internet.
Download the remote desktop file:
Generate your administrator password with your key pair file:
Double-click the downloaded RDP file and enter your decrypted administrator password. You should then be able to connect to your Windows instance.
4. Troubleshooting Access Issues
a. Without Proper Security Group Rules (Stateful Firewall Rules)
The default security group rules allow you to access your EC2 instance. The following screenshot shows SSH (TCP 22) and ICMP allowed from all networks.
b. VPC network ACLs - inbound and outbound rules
Network ACLs are stateless firewalls. You have to make sure that both the inbound and the outbound rules allow your SSH traffic. By default they allow any to any on all service ports.
c. VPC Routing Tables and Internet Gateway
Please make sure the route table has a default route 0.0.0.0/0 pointing to your Internet Gateway.
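The three checks above (a, b, c) can be run offline against exported rules. The following is an added example, not part of the original post. It assumes the rule lists have the shape of `aws ec2 describe-security-groups`, `describe-network-acls` and `describe-route-tables` output; the sample data, the client address 203.0.113.10 and the reply port 50000 (standing in for the client's ephemeral port) are constructed.

```python
import ipaddress

def _in(ip, cidr):
    return ipaddress.ip_address(ip) in ipaddress.ip_network(cidr)

def sg_allows(perms, client_ip, port):
    """Security group (stateful): one matching inbound allow rule is enough."""
    for p in perms:
        proto = p["IpProtocol"]
        if proto == "-1" or (proto == "tcp" and p["FromPort"] <= port <= p["ToPort"]):
            if any(_in(client_ip, r["CidrIp"]) for r in p.get("IpRanges", [])):
                return True
    return False

def nacl_allows(entries, egress, peer_ip, port):
    """Network ACL (stateless): the lowest-numbered matching rule decides."""
    for e in sorted(entries, key=lambda e: e["RuleNumber"]):
        rng = e.get("PortRange")
        if e["Egress"] != egress or e["Protocol"] not in ("-1", "6"):
            continue
        if rng and not rng["From"] <= port <= rng["To"]:
            continue
        if _in(peer_ip, e["CidrBlock"]):
            return e["RuleAction"] == "allow"
    return False

def diagnose(sg, nacl, routes, client_ip, port=22, reply_port=50000):
    """List every layer that would block client_ip -> instance:port (TCP)."""
    problems = []
    if not sg_allows(sg, client_ip, port):
        problems.append("security group: no inbound allow rule")
    if not nacl_allows(nacl, False, client_ip, port):
        problems.append("network ACL: inbound denied")
    if not nacl_allows(nacl, True, client_ip, reply_port):  # replies need their own rule
        problems.append("network ACL: outbound reply denied")
    if not any(r.get("DestinationCidrBlock") == "0.0.0.0/0"
               and r.get("GatewayId", "").startswith("igw-") for r in routes):
        problems.append("route table: no 0.0.0.0/0 via Internet Gateway")
    return problems

# Constructed sample data in the shape of `aws ec2 describe-*` output.
ANY = "0.0.0.0/0"
SG = [{"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22, "IpRanges": [{"CidrIp": ANY}]}]
NACL = [{"RuleNumber": 100, "Protocol": "6", "RuleAction": "allow", "Egress": False,
         "CidrBlock": ANY, "PortRange": {"From": 22, "To": 22}},
        {"RuleNumber": 32767, "Protocol": "-1", "RuleAction": "deny", "Egress": False, "CidrBlock": ANY},
        {"RuleNumber": 32767, "Protocol": "-1", "RuleAction": "deny", "Egress": True, "CidrBlock": ANY}]
ROUTES = [{"DestinationCidrBlock": "172.31.0.0/16", "GatewayId": "local"}]
print(diagnose(SG, NACL, ROUTES, "203.0.113.10"))
```

The sample network ACL allows SSH inbound but has no outbound allow rule, so the reply traffic is dropped even though the security group permits the connection. This is the stateless behaviour described in b.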