Creating an AWS Linux Web Service

This how-to is loosely based on this Amazon Getting Started page.

To create an AWS Linux web service:

  1. Create an AWS account. You need a credit card.
    1. Browse to http://aws.amazon.com/
    2. Click Create an AWS Account
    3. Follow the bouncing ball…
  2. Create an IAM user
    1. Browse to https://console.aws.amazon.com/iam/
    2. Click Groups on the side menu
    3. Click the Create New Group button
    4. Enter Administrators for Group Name and click Next Step
    5. Select the AdministratorAccess check box and click Next Step
    6. Click the Create Group button
    7. Click Users on the side menu
    8. Click the Create New Users button
    9. Enter a user name (e.g. jim) and click Create
    10. Click Download Credentials and save them
    11. Click Close
    12. Click the newly created user
    13. Click Security Credentials
    14. Click Manage Password
    15. Select the Assign a custom password radio button
    16. Enter the Password twice and click Apply
    17. Add the user to Administrators group
  3. Determine your account id:
    1. Open the AWS console
    2. Click on the drop down next to your name and select My Account
    3. Record your Account Id
  4. Log out of the AWS console
  5. Browse to https://aws-account-id.signin.aws.amazon.com/console/, replacing aws-account-id with the Account Id you recorded
  6. Sign in with the user name and password you created above
  7. Follow these instructions to set up a key pair:
    1. Open the Amazon EC2 console at https://console.aws.amazon.com/ec2/.
    2. From the top bar, make sure the drop down next to your IAM user name is Oregon
    3. If not, open it and select US West (Oregon)
    4. Select the Key Pairs option on the side menu
    5. Click Import Key Pair
    6. Enter a Key pair name that’s easy for you to remember
    7. Browse to your public key (e.g. ~/.ssh/id_rsa.pub), then click Import
  8. Test whether you have a default VPC:

    1. Open the Amazon VPC console at https://console.aws.amazon.com/vpc/
    2. In the top bar, verify that Oregon is the selected region
    3. In the side menu, click the Your VPCs option
    4. If the list has a default VPC (a VPC with a CIDR block of 172.31.0.0/16), use it
    5. Otherwise, check out the tutorial (I had a default when I ran this)
  9. If you don’t need to set up a database, skip setting up private networks
  10. Create a bucket for your app:
    1. Open the Amazon S3 console at https://console.aws.amazon.com/s3/.
    2. Click Create Bucket
    3. In the Bucket Name box, specify a name for the bucket (e.g. app-name)
      • This name must be unique across all existing bucket names in Amazon S3
    4. In the Region box, select Oregon
    5. Click Create
  11. Create and configure your security group
    1. Determine your external IP address by browsing to http://checkip.amazonaws.com
    2. Open the Amazon EC2 console at https://console.aws.amazon.com/ec2/
    3. In the top bar, verify that Oregon is the selected region
    4. From the side menu, select Security Groups, then click Create Security Group.
    5. Enter WebServerSG as the name of the security group, and provide a description.
    6. Select your VPC from the list and select the Inbound tab.
    7. Click Add Rule, then select RDP from the Type drop down.
    8. Under Source, select Custom IP
    9. If you are connecting through an ISP or from behind your firewall without a static IP address, you should give a range of addresses in case your ISP/firewall gives you a different one. If you get this wrong, your access may stop working in future.
      • 0.0.0.0/0 allows everyone to access your instance using RDP
      • #.#.#.0/24, where the three numbers are the first three numbers of your external IP address, works if your ISP/firewall is allocating your possible addresses from a class C network.
    10. Click Add Rule, then select SSH from the Type drop down and enter the same Custom IP range.
    11. Click Add Rule, and then select HTTP from the Type drop down.
    12. Click Create.
  12. Create an IAM role with full access to AWS:

    1. Browse to https://console.aws.amazon.com/iam/.
    2. From the side menu, select Roles, and then click Create New Role.
    3. Enter a name for the role (e.g. instance) and then click Next Step.
    4. Under AWS Service Roles, select Amazon EC2.
    5. On the Attach Policy page, check the check box next to PowerUserAccess.
    6. Click Next Step.
    7. Click Create Role.
  13. Launch an EC2 instance
    1. Open the Amazon EC2 console at https://console.aws.amazon.com/ec2/.
    2. In the top bar, verify that Oregon is the selected region
    3. From the side menu, select Instances, and then click Launch Instance.
    4. On the Choose an Amazon Machine Image page, check Free tier only.
    5. Find Amazon Linux AMI and click the Select button next to it
    6. Make sure the t2.micro instance is selected and click Next: Configure Instance Details.
    7. On the Configure Instance Details page, do the following:
      1. Select your VPC from Network and select one of your public subnets from Subnet.
      2. Ensure that for Auto-assign Public IP, Enable is selected. Otherwise, your instance will not get a public IP address or a public DNS name.
      3. Select your IAM role (e.g. instance) from IAM role.
      4. Click Review and Launch.
    8. On the Review Instance Launch page, click Edit security groups.
    9. On the Configure Security Group page, click the Select an existing security group radio button
    10. Select the WebServerSG security group that you created, and then click Review and Launch.
    11. On the Review Instance Launch page, click Launch.
    12. In the Select an existing key pair or create a new key pair dialog box:
      1. Select Choose an existing key pair, then select the key pair you added.
      2. Click the I acknowledge… check box, and then click Launch Instances.
    13. From the side menu, select Instances to see the status of your instance.
      • Initially, the status of your instance is pending
      • After the status changes to running, your instance is ready for use.
    14. Click the Connect button
    15. Copy the Public DNS name (e.g. ec2-54-186-136-60.us-west-2.compute.amazonaws.com)
    16. From a command tool, run: ssh ec2-user@public-dns-name
    17. Run: sudo yum update
    18. Enter y when prompted
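
The address-range choice in step 11, worked through as an added example (not part of the original post): the script derives the #.#.#.0/24 range from the address checkip.amazonaws.com reports, builds the three inbound rules in the shape of the EC2 API's IpPermissions list, and checks a rule set for remote-access ports that are open to 0.0.0.0/0 or that no longer cover your address. The sample IP addresses are constructed, the function names are illustrative, and the 0.0.0.0/0 source on the HTTP rule is an assumption.

```python
import ipaddress

ADMIN_PORTS = {22: "SSH", 3389: "RDP"}  # remote-access rules from step 11

def admin_cidr(external_ip, prefix=24):
    """Network of the given prefix length containing external_ip (#.#.#.0/24)."""
    return str(ipaddress.ip_network(f"{external_ip.strip()}/{prefix}", strict=False))

def web_server_rules(external_ip):
    """Step 11's inbound rules, in the shape of the EC2 API's IpPermissions list."""
    def rule(port, source):
        return {"IpProtocol": "tcp", "FromPort": port, "ToPort": port,
                "IpRanges": [{"CidrIp": source}]}
    cidr = admin_cidr(external_ip)
    # Assumption: HTTP is left open to everyone, as for a public web server.
    return [rule(3389, cidr), rule(22, cidr), rule(80, "0.0.0.0/0")]

def audit(rules, external_ip):
    """List admin-port rules that are world-open or that exclude external_ip."""
    me = ipaddress.ip_address(external_ip.strip())
    findings = []
    for r in rules:
        # All-traffic rules (IpProtocol "-1") carry no port range: treat as all ports.
        lo, hi = r.get("FromPort", 0), r.get("ToPort", 65535)
        nets = [ipaddress.ip_network(x["CidrIp"]) for x in r.get("IpRanges", [])]
        for port, name in ADMIN_PORTS.items():
            if not lo <= port <= hi:
                continue
            if any(n.prefixlen == 0 for n in nets):
                findings.append(f"{name} is open to 0.0.0.0/0 (everyone)")
            if not any(me in n for n in nets):
                findings.append(f"{name} rule no longer covers {me}")
    return findings

if __name__ == "__main__":
    ip = "203.0.113.57\n"  # constructed sample of what checkip.amazonaws.com returns
    print(admin_cidr(ip))
    print(audit(web_server_rules(ip), ip))
    print(audit(web_server_rules(ip), "203.0.114.9"))  # ISP handed out a new address
```

The last call shows the failure mode step 11 warns about: once the ISP allocates an address outside the /24, both remote-access rules stop matching and the range has to be updated from the console.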
About jimbelton

I'm a software developer, and a writer of both fiction and non-fiction, and I blog about movies, books, and philosophy. My interest in religious philosophy and the search for the truth inspires much of my writing.