How to launch a single EC2 instance via AWS CLI


Launching a sandbox EC2 instance from the AWS CLI is a quicker alternative to clicking through the Management Console. This tutorial shows how to launch a single free-tier eligible EC2 instance with a newly created SSH key pair using the AWS CLI.

In this tutorial, we launch the EC2 instance with the following settings:

  1. EC2 instance name: "MyFirstInstance"

  2. AMI ID: ami-0f34c5ae932e6f0e4 (Amazon Linux 2, us-east-1 region)

  3. Instance type: t2.micro

  4. SSH keypair name: "DemoKeyPair"

  5. Security group name: "AWSSSH" that allows SSH traffic on port 22 from <your_public_ip_address>

Make sure to replace the values as needed for your specific configuration. Before you run the commands, ensure that you have configured your AWS CLI with the appropriate credentials and default region.

Create SSH key pair

You can create an SSH key pair named DemoKeyPair using the AWS CLI and save the private key to a file on your local machine. Here's how:

  1. Open a terminal or command prompt on your local machine.

  2. Run the following command to create a new key pair:

     aws ec2 create-key-pair --key-name DemoKeyPair --query 'KeyMaterial' --output text > DemoKeyPair.pem

    This command creates a new key pair with the name DemoKeyPair, extracts the private key material from the response, and saves it to a file named DemoKeyPair.pem in your current directory.

  3. Change the permissions of the private key file to ensure that it is kept secure:

     chmod 400 DemoKeyPair.pem

    This command makes the DemoKeyPair.pem file read-only for its owner and removes all access for everyone else.

Now you have a key pair named DemoKeyPair in AWS, and the private key is saved in the DemoKeyPair.pem file on your local machine. You can use this private key to SSH into EC2 instances that are launched with the DemoKeyPair key pair.

Create Security Group

The instance is launched with the settings listed above using the AWS Command Line Interface (CLI). Start with the security group:

  1. Create a security group named AWSSSH, which will allow SSH traffic on port 22 from the specified IP address:

     aws ec2 create-security-group --group-name AWSSSH --description "Security group for SSH access"

  2. Add a rule to the security group to allow inbound traffic on port 22 from the specified IP address:

     aws ec2 authorize-security-group-ingress --group-name AWSSSH --protocol tcp --port 22 --cidr <your_public_ip_address>/32
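
The two safeguards in this tutorial, the owner-only key file from the chmod step and the single-address /32 rule above, can be checked before the commands run. The following is an added example, not part of the original tutorial; the function names ssh_ingress_cidr and key_is_private and the MY_IP variable are hypothetical.

```shell
#!/bin/sh
# Added example, not part of the tutorial: pre-flight checks for the
# security group rule and the private key file. Function names are hypothetical.

# Print "<ip>/32" when $1 is a well-formed public IPv4 address, else return 1.
# Input that carries its own prefix (such as 0.0.0.0/0, which would open
# port 22 to the whole Internet) is rejected, so the rule is always one host.
ssh_ingress_cidr() {
  ip=$1
  case $ip in
    ''|*[!0-9.]*|*..*|.*|*.) return 1 ;;
  esac
  old_ifs=$IFS; IFS=.
  set -- $ip                      # split into octets (digits and dots only here)
  IFS=$old_ifs
  [ $# -eq 4 ] || return 1
  for o in "$@"; do
    case $o in 0?*) return 1 ;; esac          # ambiguous leading zero
    [ ${#o} -le 3 ] && [ "$o" -le 255 ] || return 1
  done
  # Unspecified, private, loopback, link-local and multicast/reserved ranges
  # are not usable as <your_public_ip_address>.
  case $1 in 0|10|127) return 1 ;; esac
  if [ "$1" -ge 224 ]; then return 1; fi
  if [ "$1" -eq 172 ] && [ "$2" -ge 16 ] && [ "$2" -le 31 ]; then return 1; fi
  if [ "$1" -eq 192 ] && [ "$2" -eq 168 ]; then return 1; fi
  if [ "$1" -eq 169 ] && [ "$2" -eq 254 ]; then return 1; fi
  printf '%s/32\n' "$ip"
}

# Succeed only if $1 is a regular file with no group or other permission bits,
# which is what chmod 400 leaves and what ssh requires of a private key.
key_is_private() {
  [ -f "$1" ] || return 1
  listing=$(ls -ld -- "$1") || return 1
  case $listing in
    -???------*) return 0 ;;
    *) return 1 ;;
  esac
}

# How the checks gate the tutorial's commands (shown as comments, not run):
#   cidr=$(ssh_ingress_cidr "$MY_IP") && aws ec2 authorize-security-group-ingress \
#     --group-name AWSSSH --protocol tcp --port 22 --cidr "$cidr"
#   key_is_private DemoKeyPair.pem && ssh -i DemoKeyPair.pem ec2-user@<ec2_instance_public_ip_address>

# Demo on a constructed documentation address (TEST-NET-3):
ssh_ingress_cidr 203.0.113.7
```

Running the key-pair creation inside `(umask 077; ...)` also creates DemoKeyPair.pem without group or other access from the start, before chmod is applied.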

Launch EC2 instance

Launch the EC2 instance with the specified name, AMI, instance type, SSH key pair, and the newly created security group:

aws ec2 run-instances --image-id ami-0f34c5ae932e6f0e4 --instance-type t2.micro --key-name DemoKeyPair --security-groups AWSSSH --count 1 --tag-specifications 'ResourceType=instance,Tags=[{Key=Name,Value=MyFirstInstance}]'

To place the instance in a specific Availability Zone, add the --placement AvailabilityZone=us-east-1a option.

Please make sure that:

  • You have the specified key pair (DemoKeyPair) already created in the region where you're launching the instance.

  • The security group doesn't conflict with any existing security group with the same name.

  • Your CLI is configured with the appropriate permissions, credentials, and default region.

SSH into EC2 instance

Before we SSH into the EC2 instance, we need the public IP address of the newly launched instance.

You can retrieve the public IP address of a recently launched EC2 instance using the AWS CLI by querying the instance attributes. Here's how you can do that:

  1. Find the Instance ID: After launching the instance, you'll receive an instance ID in the response. If you already know the instance ID, you can skip to the next step. Otherwise, you can list all instances and find the one you need by running:

     aws ec2 describe-instances --query 'Reservations[*].Instances[*].[InstanceId, Tags[?Key==`Name`].Value | [0], State.Name]' --output table

    This will display a table with the instance IDs, names (if tagged), and their current state. Find the instance ID you are interested in.

  2. Retrieve the Public IP Address: Using the instance ID, you can run the following command to get the public IP address:

     aws ec2 describe-instances --instance-ids i-1234567890abcdef0 --query 'Reservations[*].Instances[*].PublicIpAddress' --output text

    Be sure to replace i-1234567890abcdef0 with the actual instance ID of the instance you're interested in.

This command will return the public IP address of the specified EC2 instance in text format, which you can then use to connect to the instance via SSH or for other purposes.

Now we can access our EC2 instance remotely. To SSH into the machine, use the following command:

ssh -i DemoKeyPair.pem ec2-user@<ec2_instance_public_ip_address>