This how-to is loosely based on this Amazon Getting Started page.
To create an AWS Linux web service:
- Create an AWS account. You need a credit card.
- Browse to http://aws.amazon.com/
- Click Create an AWS Account
- Follow the bouncing ball…
- Create an IAM user
- Browse to https://console.aws.amazon.com/iam/
- Click Groups on the side menu
- Click the Create New Group button
- Enter Administrators for Group Name and click Next Step
- Select the AdministratorAccess check box and click Next Step
- Click the Create Group button
- Click Users on the side menu
- Click the Create New Users button
- Enter a user name (e.g. jim) and click Create
- Click Download Credentials and save them
- Click Close
- Click the newly created user
- Click Security Credentials
- Click Manage Password
- Select the Assign a custom password radio button
- Enter the Password twice and click Apply
- Add the user to Administrators group
- Determine your account id:
- Open the AWS console
- Click on the drop down next to your name and select My Account
- Record your Account Id
- Log out of the AWS console
- Browse to https://aws-account-id.signin.aws.amazon.com/console/
- Sign in with the user name and password you created above
- Follow these instructions to set up a key pair:
- Open the Amazon EC2 console at https://console.aws.amazon.com/ec2/.
- From the top bar, make sure the drop down next to your IAM user name is Oregon
- If not, open it and select US West (Oregon)
- Select the Key Pairs option on the side menu
- Click Import Key Pair
- Enter a Key pair name that’s easy for you to remember
- Browse to your public key (e.g. ~/.ssh/id_rsa.pub), then click Import
- Test whether you have a default VPC:
- Open the Amazon VPC console at https://console.aws.amazon.com/vpc/
- In the top bar, verify that Oregon is the selected region
- In the side menu, click the Your VPCs option
- If the list has a default VPC (a VPC with a CIDR block of 172.31.0.0/16), use it
- Otherwise, check out the tutorial (I had a default when I ran this)
- If you don’t need to set up a database, skip setting up private networks
- Create a bucket for your app:
- Open the Amazon S3 console at https://console.aws.amazon.com/s3/.
- Click Create Bucket
- In the Bucket Name box, specify a name for the bucket (e.g. app-name)
- This name must be unique across all existing bucket names in Amazon S3
- In the Region box, select Oregon
- Click Create
- Create and configure your security group
- Determine your external IP address by browsing to http://checkip.amazonaws.com
- Open the Amazon EC2 console at https://console.aws.amazon.com/ec2/
- In the top bar, verify that Oregon is the selected region
- From the side menu, select Security Groups, then click Create Security Group.
- Enter WebServerSG as the name of the security group, and provide a description.
- Select your VPC from the list and select the Inbound tab.
- Click Add Rule, then select RDP from the Type drop down.
- Under Source, select Custom IP
- If you are connecting through an ISP or from behind your firewall without a static IP address, you should give a range of addresses in case your ISP/firewall gives you a different one. If you get this wrong, your access may stop working in future.
- 0.0.0.0/0 allows everyone to access your instance using RDP.
- #.#.#.0/24, where the three numbers are the first three numbers of your external IP address, works if your ISP/firewall is allocating your possible addresses from a class C network.
- Click Add Rule, then select SSH from the Type drop down and enter the same Custom IP range.
- Click Add Rule, and then select HTTP from the Type drop down.
- Click Create.
- Create an IAM role with full access to AWS:
- Browse to https://console.aws.amazon.com/iam/.
- From the side menu, select Roles, and then click Create New Role.
- Enter a name for the role (e.g. instance) and then click Next Step.
- Under AWS Service Roles, select Amazon EC2.
- On the Attach Policy page, check the check box next to PowerUserAccess.
- Click Next Step.
- Click Create Role.
- Launch an EC2 instance
- Open the Amazon EC2 console at https://console.aws.amazon.com/ec2/.
- In the top bar, verify that Oregon is the selected region
- From the side menu, select Instances, and then click Launch Instance.
- On the Choose an Amazon Machine Image page, check Free tier only.
- Find Amazon Linux AMI and click the Select button next to it
- Make sure the t2.micro instance is selected and click Next: Configure Instance Details.
- On the Configure Instance Details page, do the following:
- Select your VPC from Network and select one of your public subnets from Subnet.
- Ensure that for Auto-assign Public IP, Enable is selected. Otherwise, your instance will not get a public IP address or a public DNS name.
- Select your IAM role (e.g. instance) from IAM role.
- Click Review and Launch.
- On the Review Instance Launch page, click Edit security groups.
- On the Configure Security Group page, click the Select an existing security group radio button
- Select the WebServerSG security group that you created, and then click Review and Launch.
- On the Review Instance Launch page, click Launch.
- In the Select an existing key pair or create a new key pair dialog box:
- Select Choose an existing key pair, then select the key pair you added.
- Click the I acknowledge… check box, and then click Launch Instances.
- From the side menu, select Instances to see the status of your instance.
- Initially, the status of your instance is pending
- After the status changes to running, your instance is ready for use.
- Click the Connect button
- Copy the Public DNS name (e.g. ec2-54-186-136-60.us-west-2.compute.amazonaws.com)
- From a command tool, run: ssh ec2-user@public-dns-name
- Run: sudo yum update
- Enter y when prompted
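
To check the source ranges chosen in the WebServerSG step, the following added example (not part of the original how-to) derives the #.#.#.0/24 range from an external IP address and audits the RDP and SSH rules for sources that are open to everyone or that no longer cover your address. The rule list is a constructed sample in the `IpPermissions` shape that `aws ec2 describe-security-groups` returns; the function names and the documentation-range addresses are assumptions.

```python
import ipaddress

# Constructed sample in the IpPermissions shape returned by
# `aws ec2 describe-security-groups`; addresses are documentation ranges.
SAMPLE_WEBSERVERSG = [
    {"IpProtocol": "tcp", "FromPort": 3389, "ToPort": 3389,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},        # RDP open to everyone
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
     "IpRanges": [{"CidrIp": "203.0.113.0/24"}]},   # SSH limited to one /24
    {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},        # HTTP is meant to be public
]
ADMIN_PORTS = {22: "SSH", 3389: "RDP"}  # the admin rules this how-to adds


def client_range(external_ip, prefix=24):
    """Return the #.#.#.0/24 style range that contains external_ip."""
    return str(ipaddress.ip_network(f"{external_ip}/{prefix}", strict=False))


def sources_for(ip_permissions, port):
    """Yield every source network allowed to reach a TCP port."""
    for perm in ip_permissions:
        proto = perm.get("IpProtocol")
        if proto != "-1" and not (
                proto == "tcp" and perm["FromPort"] <= port <= perm["ToPort"]):
            continue  # rule does not cover this port
        for r in perm.get("IpRanges", []) + perm.get("Ipv6Ranges", []):
            yield ipaddress.ip_network(r.get("CidrIp") or r["CidrIpv6"], strict=False)


def audit_admin_ports(ip_permissions, external_ip):
    """Return (port, issue) pairs: 'world-open' when any address may connect,
    'unreachable' when the operator's current address is not covered."""
    me = ipaddress.ip_address(external_ip)
    findings = []
    for port in ADMIN_PORTS:
        nets = list(sources_for(ip_permissions, port))
        if any(n.prefixlen == 0 for n in nets):
            findings.append((port, "world-open"))
        if not any(me in n for n in nets):
            findings.append((port, "unreachable"))
    return findings


if __name__ == "__main__":
    print("Custom IP range:", client_range("203.0.113.57"))
    for port, issue in audit_admin_ports(SAMPLE_WEBSERVERSG, "203.0.113.57"):
        print(f"{ADMIN_PORTS[port]} ({port}): {issue}")
```

Running the audit again after your ISP hands you a new address shows whether the range you entered still covers it.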