Setting up and protecting an EC2 instance with security groups in AWS!

Christopher Lawshe
5 min read · Nov 5, 2022

As another step on my road to becoming a cloud DevOps engineer, I completed a project deploying an EC2 instance in AWS — complete with SSH and HTTP/S accessibility.

Before we get started, there are a couple of things I needed to complete this project:

  • Active AWS free-tier account
  • Access to a computer with a terminal application (PowerShell, Terminal, CMD, etc.)

STEP 1: Launch an EC2 instance in my AWS Virtual Private Cloud

First things first — I had to log in to my AWS account to access the portal. Once logged in, I was brought to the Console Home page where I can access a few of the many AWS services offered by Amazon.

(If you do not have an AWS account you can sign up for free using this link)

From here I accessed the EC2 service by clicking the logo in my ‘Recently Visited’ menu. If you don’t have anything listed in ‘Recently Visited’ you can search ‘EC2’ in the search bar at the top and ‘EC2’ will pop right up for you.

I was brought to my EC2 menu page. From here you can view and access a ton of information about existing EC2 instances in your VPC. For this project, I had to create one from scratch. I accomplished this by clicking the orange ‘Launch Instance’ button on the screen.

To create the new EC2 instance I had to give it a name, select an AMI with an operating system, pick an instance type, create a new key pair and configure the network settings. For this project I left the AMI as default AWS Linux, chose t2.micro as the instance type (free), and enabled SSH from my computer IP.

For the new key pair, I gave it a name and downloaded the .pem file and stored it in a safe location (IMPORTANT!). The other settings were left as their defaults. Then I just needed to click the orange ‘Launch Instance’ button to create the EC2 instance.

STEP 2: Create a Security Group to allow inbound HTTP/S and SSH access to my EC2 instance

Now that my EC2 instance was up and running I needed to create a security group to configure SSH and HTTP/S settings. To do this I needed to access the EC2 menu again. Once I arrived in the EC2 menu I scrolled down in the menu on the left side until I reached the ‘Network & Security’ section and clicked ‘Security Groups’.

Once I arrived on the next page I had to click the orange ‘Create Security Group’ button on the screen. The new screen allows me to add rules to the security group. I created three new rules:

  • One to allow inbound SSH access directly from my IP address
  • One to allow inbound HTTP access
  • One to allow inbound HTTPS access

Once I successfully created the three new rules I just needed to create the group by clicking the ‘create security group’ button. To verify the rules took hold I accessed my newly created EC2 instance and clicked the ‘Security’ tab and checked the ‘Inbound Rules’ menu to see if it reflected my changes. (It did!)
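The same check done on the ‘Inbound Rules’ tab can be scripted. This is an added example, not part of the original post: it audits a rule list in the shape returned by `aws ec2 describe-security-groups` against the intent of the three rules above. The sample rules, the address 203.0.113.10 and the function names are constructed for illustration.

```python
import ipaddress

# Constructed sample: the "IpPermissions" list of one group, in the shape
# `aws ec2 describe-security-groups` returns. 203.0.113.10 is a documentation
# address standing in for "my IP".
SAMPLE_RULES = [
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
     "IpRanges": [{"CidrIp": "203.0.113.10/32"}], "Ipv6Ranges": []},
    {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
    {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
]
PUBLIC_TCP_PORTS = {80, 443}  # assumption: the only ports meant for everyone


def rule_ports(rule):
    """Port range a rule covers; protocol "-1" means all traffic."""
    if rule["IpProtocol"] == "-1":
        return 0, 65535
    return rule.get("FromPort", 0), rule.get("ToPort", 65535)


def audit_inbound(rules, my_ip):
    """Return findings; an empty list means the rules match the intent."""
    findings = []
    me = ipaddress.ip_address(my_ip)
    for rule in rules:
        proto = rule["IpProtocol"]
        low, high = rule_ports(rule)
        cidrs = [r["CidrIp"] for r in rule.get("IpRanges", [])]
        cidrs += [r["CidrIpv6"] for r in rule.get("Ipv6Ranges", [])]
        for cidr in cidrs:
            net = ipaddress.ip_network(cidr, strict=False)
            if proto in ("tcp", "-1") and low <= 22 <= high:
                # SSH must be reachable from exactly one host: mine.
                if net.num_addresses != 1 or net.network_address != me:
                    findings.append(f"SSH open to {cidr}, expected {my_ip} only")
            elif net.prefixlen == 0:
                public = proto == "tcp" and low == high and low in PUBLIC_TCP_PORTS
                if not public:
                    findings.append(f"{proto} {low}-{high} open to {cidr}")
    return findings


if __name__ == "__main__":
    print(audit_inbound(SAMPLE_RULES, "203.0.113.10") or "rules match intent")
```

An empty result means SSH is limited to the single address and only ports 80 and 443 are open to everyone; any other rule that exposes a port to 0.0.0.0/0 or ::/0 is reported.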

STEP 3: SSH into my EC2 instance

The final step was to connect to my EC2 instance via SSH and configure a couple things. To do so, I clicked the ‘connect’ button from the new instance page where I verified the new security group rules in the previous step. AWS was so kind as to give me a simple set of steps to get SSH’d into the new instance for the first time with my new private key. All I had to do was open PowerShell and follow the instructions! (See Below)

All I did was navigate in my PowerShell terminal window to the folder containing my key pair document and copy the ssh command provided by AWS. After answering ‘yes’ to the subsequent prompt in the terminal, I was in!

From here I want to install Apache on my system and set up a web page to verify my HTTP/S functionality. To do this I need to type the following commands into my EC2 Linux system:

sudo yum install -y httpd
sudo service httpd start

These commands install and start the Apache service on my system. From here I need to access a specific directory in my system to set up a web page and verify HTTP/S on my system.

cd /var/www/html

The above command tells the system to enter the correct directory to set up a web page that is accessible through the internet.

sudo vim index.html

The above command simultaneously creates a new file named ‘index.html’ and enters me into the text editor to make necessary changes to the file. Next I type “i” on my keyboard to enter ‘insert mode’ and edit my file. Then I typed the following text into the file:

<html>
<head>
<title> LUIT Week 5 Project Complete! </title>
</head>
<body> "Hello World!" </body>
</html>

To save this text I hit [esc] and [enter] on my keyboard and safely exited the file. To verify the changes took hold to the file I typed:

cat index.html

If the file was saved successfully, the text above should be displayed on my screen exactly as I typed it in the vim text editor screen. (It did!)

Next I ran a command to ensure that the Apache server was started and running on the system:

sudo chkconfig httpd on

After that I needed to get my EC2 instance public IP address. This was found from the ‘EC2 Instances’ screen listed on the left-pane menu. Once I found the newly created instance the IP address was listed on the screen under ‘Public IPv4 address’.

The final step was to copy this address and paste it in my web browser to see if all my work was worth it……..IT WAS! (See Below)

MISSION ACCOMPLISHED!

Written by Christopher Lawshe

IT enthusiast — looking to learn from and connect with IT professionals to help push the world forward through Cloud DevOps
