☁️ Launching Your First AWS EC2 Instance + Security Groups Explained (Step-by-Step)

Abhishek Negi

When I first started using AWS, I’ll admit — the EC2 dashboard felt like a cockpit. So many buttons, tabs, and checkboxes. But once I got comfortable with launching an EC2 instance and understanding Security Groups, everything else started to make sense.

In this blog, I’ll walk you through exactly how I launched my first free-tier EC2 instance and configured the security group rules properly — without accidentally leaving everything open to the internet. 😅


🧱 What Is an EC2 Instance?

Think of EC2 (Elastic Compute Cloud) as your personal Linux or Windows server in the cloud. You can SSH into it, install stuff, host websites, run scripts, etc.

For learning purposes (or real workloads if you're thrifty), AWS offers Free Tier EC2 instances — perfect for beginners.


🔐 What Are Security Groups?

This is the part that confused me at first:

A Security Group is like a virtual firewall for your EC2 instance.

It controls:

  • What kind of traffic (HTTP, SSH, etc.) is allowed

  • From where (your IP, anywhere, internal only)

If your EC2 instance seems unreachable — it's probably your Security Group blocking traffic.


🚀 Step-by-Step: Launching an EC2 Instance (Free Tier)

✅ Prerequisites:

  • AWS account (free-tier enabled)

  • A little patience — AWS UI is weirdly slow sometimes


🔹 Step 1: Go to EC2 Dashboard

  • Log in to AWS Console → Search for EC2

  • Click "Launch Instance"


🔹 Step 2: Configure Instance Details

  • Name: Anything (e.g., devops-test-server)

  • Amazon Machine Image (AMI):
    Choose Amazon Linux 2023 or Ubuntu 22.04 LTS

  • Instance Type:
    Select t2.micro or t3.micro (Free Tier eligible)


🔹 Step 3: Create a New Key Pair 🔑

  • Click Create new key pair

  • Name it (e.g., my-ec2-key)

  • Choose .pem (for Linux/Mac) or .ppk (for Windows/PuTTY)

  • Download the key file and don’t lose it – you’ll need this to SSH later


🔹 Step 4: Configure Network Settings (Security Group)

This is the important part 👇

🛡️ Create a new Security Group:

  • Inbound rules: Click "Add rule"

    | Type | Port | Source |
    | --- | --- | --- |
    | SSH | 22 | Your IP (recommended) |
    | HTTP | 80 | Anywhere (for public web access) |

    (Optional: add HTTPS port 443 if you’re hosting secure sites)

  • Outbound rules: Leave as default (allows all)


🔹 Step 5: Storage Settings

  • Default 8GB is fine — don’t touch unless needed

🔹 Step 6: Launch Instance

  • Click Launch

  • Wait 1–2 minutes until instance is “Running”


🧪 Step 7: Connect to Your Instance

Once it's running, click Connect:

If using SSH (Linux/Mac):

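# Make the private key readable only by you; ssh refuses keys with looser permissions
chmod 400 my-ec2-key.pem
# ec2-user is the default user on Amazon Linux; on the Ubuntu AMI log in as ubuntu instead
ssh -i my-ec2-key.pem ec2-user@<your-public-ip>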

If using Windows (PuTTY):

  • Convert .pem to .ppk using PuTTYgen

  • Use PuTTY to SSH into ec2-user@<your-ip>


🔍 Quick Note on Security Groups

You can always edit Security Groups later:

  • Go to EC2 → Network & Security → Security Groups

  • Select your group → Click Edit Inbound Rules

  • Add/Remove ports (e.g., 8080 for a custom app)

Always restrict access when not needed. For example:

  • Allow SSH only from your IP

  • Don’t expose DB ports like 3306 (MySQL) to public


🔐 Security Group Best Practices (DevOps Mindset)

| DO ✅ | DON’T ❌ |
| --- | --- |
| Allow SSH from your IP only | Don’t allow SSH from 0.0.0.0/0 |
| Use different groups for staging/prod | Don’t reuse insecure rules |
| Close unused ports after testing | Don’t leave HTTP/FTP open unnecessarily |
| Name groups clearly (e.g., web-sg, db-sg) | Don’t name everything default |
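
The "SSH from your IP only" and "don't expose DB ports" rules can be checked automatically against the JSON that `aws ec2 describe-security-groups` returns. The script below is an added example, not code from the original post; the sample data, the group IDs and the function name `risky_rules` are constructed for illustration.

```python
import json

# Ports the article says not to expose publicly: SSH (22) and MySQL (3306).
SENSITIVE_PORTS = {22: "SSH", 3306: "MySQL"}
OPEN_CIDRS = {"0.0.0.0/0", "::/0"}

# Constructed sample in the shape returned by `aws ec2 describe-security-groups`.
SAMPLE = json.loads("""
{"SecurityGroups": [
  {"GroupId": "sg-0example1", "GroupName": "web-sg", "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
     "IpRanges": [{"CidrIp": "203.0.113.10/32"}], "Ipv6Ranges": []},
    {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []}]},
  {"GroupId": "sg-0example2", "GroupName": "default", "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 0, "ToPort": 65535,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
    {"IpProtocol": "-1",
     "IpRanges": [], "Ipv6Ranges": [{"CidrIpv6": "::/0"}]}]}
]}
""")

def risky_rules(data):
    """Return (group_id, service, cidr) for sensitive ports open to the world."""
    findings = []
    for group in data.get("SecurityGroups", []):
        for perm in group.get("IpPermissions", []):
            cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
            cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
            world = [c for c in cidrs if c in OPEN_CIDRS]
            if not world:
                continue
            proto = perm.get("IpProtocol")
            if proto == "-1":              # "all traffic": every port is covered
                lo, hi = 0, 65535
            elif proto == "tcp":
                lo, hi = perm.get("FromPort", 0), perm.get("ToPort", 65535)
            else:
                continue                   # udp/icmp rules cannot reach SSH or MySQL
            for port, service in sorted(SENSITIVE_PORTS.items()):
                if lo <= port <= hi:       # catches wide ranges, not just exact ports
                    findings.extend((group["GroupId"], service, c) for c in world)
    return findings

if __name__ == "__main__":
    for group_id, service, cidr in risky_rules(SAMPLE):
        print(f"{group_id}: {service} reachable from {cidr}")
```

To run it on a real account, replace `SAMPLE` with the parsed output of `aws ec2 describe-security-groups --output json`.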

🧠 What I Learned

  • EC2 is just a cloud-hosted Linux server — but with more power and responsibility

  • Security Groups are as important as your code — one open port can be a disaster

  • Naming and organizing your firewall rules helps long-term maintenance (and team sanity)
