Table of Contents

  1. Introduction
  2. What is Amazon EC2?
  3. Key Components You Need to Know
  4. Prerequisites and Setup
  5. Step-by-Step: Launching Your First EC2 Instance
  6. Connecting to Your Instance
  7. Understanding Instance Types and Configurations
  8. Security Groups and Network Settings
  9. User Data Scripts and Automation
  10. Managing Your Instances: Stopping vs. Terminating
  11. Cost Optimization and Free Tier Benefits
  12. Advanced Topics: IAM Roles and Elastic IPs
  13. Troubleshooting Common Issues
  14. Next Steps and Resources
  15. Conclusion

Introduction

Amazon EC2 (Elastic Compute Cloud) stands as one of the most powerful and widely-used services in the AWS ecosystem[1]. Whether you’re a developer looking to host applications, a data scientist setting up computing environments, or an infrastructure engineer managing cloud resources, understanding EC2 is essential in today’s cloud-first world.

This comprehensive guide takes you from complete beginner to confident EC2 user. By the end, you’ll be able to launch, configure, secure, and manage virtual machines in the AWS cloud with confidence. We’ll cover everything from basic concepts to practical hands-on steps, ensuring you have both the theoretical knowledge and practical skills needed to excel.

What is Amazon EC2?

At its core, Amazon EC2 is a web service that provides resizable compute capacity in the cloud[1]. Think of an EC2 instance as a virtual computer running in AWS data centers that you can access and control remotely.

Why EC2 Matters

EC2 revolutionizes how organizations think about computing infrastructure:

  • Scalability: Launch one instance or thousands, scaling up or down based on demand
  • Cost-Effectiveness: Pay only for what you use, with no upfront capital investment
  • Flexibility: Choose from various operating systems, instance types, and configurations
  • Control: Full administrative access to your instances
  • Global Reach: Deploy instances in multiple AWS regions worldwide
  • Integration: Seamlessly works with other AWS services like S3, RDS, and CloudWatch

What You Can Do With EC2

Once connected to your EC2 instance, you have complete server-like capabilities[3]:

  • Install and run software applications
  • Host websites and web applications
  • Set up databases
  • Run Python scripts and data processing jobs
  • Schedule automated tasks
  • Create development and testing environments
  • Build machine learning pipelines

Key Components You Need to Know

Before launching your first instance, understand these essential components[5]:

Amazon Machine Image (AMI)

An AMI is a template that contains the software to run on your instance, such as the operating system[5]. Common AMI options include:

  • Amazon Linux: AWS’s optimized Linux distribution
  • Ubuntu: Popular Linux distribution with strong community support
  • Windows Server: For applications requiring Windows
  • Custom AMIs: Pre-configured images with your software already installed

Instance Type

Instance types determine the computing power, memory, and network performance of your virtual machine. They’re categorized by family:

  • t2 (General Purpose): Balanced compute, memory, and networking; ideal for web servers and small databases
  • m5 (General Purpose): Similar to t2 but with more consistent performance
  • c5 (Compute Optimized): High-performance processors for batch processing and media transcoding
  • r5 (Memory Optimized): Large amounts of RAM for in-memory databases
  • i3 (Storage Optimized): High sequential read/write access to large data sets

For beginners and free tier users, t2.micro is the recommended starting point[1][6].

Key Pair

A key pair is a set of security credentials consisting of a public key and private key[5]. The public key resides on your instance, while you keep the private key on your computer. This enables secure SSH access to your instance[1].

Virtual Private Cloud (VPC)

A VPC is a virtual network dedicated to your AWS account[5]. It defines IP ranges, subnets, and security rules. For beginners, using the default VPC is perfectly adequate[3].

Security Groups

Security groups act as virtual firewalls, controlling inbound and outbound traffic to your instances[2]. You’ll configure rules to allow specific traffic types (SSH, HTTP, HTTPS) from particular sources.

Prerequisites and Setup

What You Need

Before starting, ensure you have[1]:

  1. An AWS Account: Visit aws.amazon.com and create a free account
  2. Basic AWS Console Familiarity: Understanding how to navigate the AWS Management Console
  3. A Web Browser: Chrome, Firefox, Safari, or Edge
  4. A Text Editor: For managing configuration files (VS Code, Notepad++, etc.)

Free Tier Eligibility

If your AWS account was created after July 15, 2025, and you haven’t used up all your credits, you can complete this tutorial at no cost using Free Tier benefits[5]. The t2.micro instance type is included in the Free Tier, making it perfect for learning.

Step-by-Step: Launching Your First EC2 Instance

Step 1: Access the AWS Management Console

  1. Navigate to the AWS Console at console.aws.amazon.com
  2. Log in with your AWS credentials
  3. You’ll land on the AWS Management Console home page

Step 2: Navigate to EC2

  1. From the Services menu, search for EC2
  2. Click on EC2 to open the EC2 Dashboard
  3. You’ll see various EC2 options in the left sidebar

Step 3: Launch an Instance

  1. Click the Launch instance button (or Launch Instances depending on your console version)
  2. This opens the EC2 Launch Instance Wizard, a web-based form with all configuration options[4]

Step 4: Configure Your Instance Details

Name and Tags:

  • Give your instance a descriptive name, such as “Demo EC2” or “My First Server”
  • This helps you identify instances when you have multiple running

Choose an Amazon Machine Image (AMI):

  • Select Amazon Linux 2 or Ubuntu Server (both free tier eligible)
  • Amazon Linux is AWS-optimized and recommended for beginners[1]

Choose Instance Type:

  • Select t2.micro (this is free tier eligible)[1][6]
  • This provides 1 vCPU, 1 GB of memory, and low to moderate network performance

Step 5: Configure Key Pair

  1. You’ll be prompted to select or create a key pair[1]
  2. For new users: Click “Create a new key pair”
  3. Enter a descriptive name (e.g., “my-first-keypair”)
  4. Choose RSA as the key pair type
  5. Choose .pem format (for Mac/Linux) or .ppk format (for Windows with PuTTY)
  6. Click Create key pair and save the downloaded file in a secure location

Important: Store your private key file securely. You’ll need it to connect to your instance via SSH. Never share it with others.

Step 6: Configure Network Settings

  1. Choose the default VPC (unless you need custom networking)[1]
  2. Allow SSH traffic from your IP address (or “My IP” for convenience)
  3. Allow HTTP traffic from the internet (if hosting a web server)
  4. Allow HTTPS traffic if you plan to use SSL/TLS certificates

These settings determine who can connect to your instance and how.

Step 7: Configure Storage

  1. The default storage configuration (8-20 GB EBS volume) is suitable for most beginners
  2. You can increase this if you plan to store large amounts of data
  3. Leave encryption disabled for your first instance

Step 8: Configure User Data (Optional)

In the Advanced details section, you can add a User Data script[1]. This script runs automatically when your instance starts:

#!/bin/bash
echo "Welcome to my EC2 instance!" > /home/ec2-user/welcome.txt
yum update -y
yum install -y httpd
systemctl start httpd

This example updates the system and installs a web server.

Step 9: Review and Launch

  1. Review all your configurations in the summary panel
  2. Verify your AMI, instance type, key pair, and security group settings
  3. Click Launch instance[4]
  4. A success banner confirms your instance is launching

Congratulations! Your first EC2 instance is now starting up.

Connecting to Your Instance

After launching, you need to connect to your instance to use it. There are two primary methods depending on your operating system.

Method 1: SSH Connection (Mac/Linux/Windows 10+)

Step 1: Find Your Instance Details

  1. Go to the EC2 Dashboard
  2. Click Instances in the left sidebar
  3. Select your instance from the list
  4. In the details panel, note the Public IPv4 address

Step 2: Prepare Your Key File

On Mac/Linux, set proper permissions on your key file:

chmod 400 /path/to/your-key.pem

Step 3: Connect via SSH

ssh -i /path/to/your-key.pem ec2-user@your-instance-public-ip

Replace your-instance-public-ip with the actual IP address from Step 1.

For Ubuntu AMIs, use ubuntu instead of ec2-user:

ssh -i /path/to/your-key.pem ubuntu@your-instance-public-ip

Method 2: EC2 Instance Connect (Browser-Based)

AWS provides a browser-based terminal for easy access:

  1. Select your instance in the EC2 Dashboard
  2. Click Connect at the top
  3. Choose the EC2 Instance Connect tab
  4. Click Connect to open a terminal in your browser

This method requires no key file management and is perfect for quick access.

Method 3: Remote Desktop (Windows Instances)

For Windows instances[6]:

  1. Right-click your instance and select Connect
  2. Choose the RDP client tab
  3. Download the .rdp file
  4. Decrypt the password using your key pair
  5. Open the .rdp file and enter your password
  6. You’ll connect to your Windows desktop

Understanding Instance Types and Configurations

Instance Type Families

Choosing the right instance type is crucial for performance and cost optimization[2]:

FamilyUse CaseExample
General Purpose (t2, m5)Web servers, small databases, developmentt2.micro, m5.large
Compute Optimized (c5)Batch processing, media transcoding, high-performance computingc5.large, c5.xlarge
Memory Optimized (r5, x1)In-memory databases, real-time analytics, SAP HANAr5.xlarge, x1.32xlarge
Storage Optimized (i3, h1)NoSQL databases, data warehousing, Elasticsearchi3.large, h1.8xlarge
GPU Instances (p3, g4)Machine learning, graphics rendering, video encodingp3.2xlarge, g4dn.xlarge

Naming Convention

Instance type names follow a pattern: family.size

  • Family: Indicates the category (t, m, c, r, etc.)
  • Generation: A number indicating the hardware generation (t2, t3, t4)
  • Size: micro, small, medium, large, xlarge, 2xlarge, etc.

For example, t2.micro is a t-family (general purpose), 2nd generation, micro size instance.

Free Tier Considerations

If you’re using the free tier[5][6]:

  • Stick to t2.micro instances exclusively
  • Monitor your usage to avoid overage charges
  • Set CloudWatch alarms to notify you if you exceed free tier limits
  • Terminate unused instances promptly

Security Groups and Network Settings

Security groups are fundamental to EC2 security[2]. They act as stateful firewalls controlling traffic to and from your instances.

Creating Inbound Rules

For SSH Access:

  • Protocol: TCP
  • Port: 22
  • Source: Your IP address (or 0.0.0.0/0 for public access, not recommended)

For HTTP Web Traffic:

  • Protocol: TCP
  • Port: 80
  • Source: 0.0.0.0/0 (allow from anywhere)

For HTTPS Web Traffic:

  • Protocol: TCP
  • Port: 443
  • Source: 0.0.0.0/0 (allow from anywhere)

For Custom Applications:

  • Specify the protocol (TCP/UDP)
  • Specify the port your application uses
  • Restrict the source IP range when possible

Best Practices

  • Principle of Least Privilege: Only open ports you actually need
  • Restrict SSH Access: Don’t allow SSH (port 22) from 0.0.0.0/0
  • Use Security Group References: Link security groups together for internal communication
  • Review Regularly: Audit your security group rules quarterly
  • Document Your Rules: Add descriptions explaining why each rule exists

User Data Scripts and Automation

User Data scripts enable you to automate instance initialization, saving time and ensuring consistency[1][2].

User Data Basics

User Data scripts run as the root user when your instance first starts. They’re perfect for:

  • Installing software packages
  • Updating the operating system
  • Configuring services
  • Downloading configuration files
  • Running initialization scripts

Example 1: Basic Web Server Setup

#!/bin/bash
yum update -y
yum install -y httpd
systemctl start httpd
systemctl enable httpd
echo "<h1>Hello from $(hostname -f)</h1>" > /var/www/html/index.html

This script:

  1. Updates all packages
  2. Installs Apache HTTP Server
  3. Starts the service
  4. Enables it to start on reboot
  5. Creates a simple homepage

Example 2: Python Development Environment

#!/bin/bash
yum update -y
yum install -y python3 python3-pip git
pip3 install flask requests pandas numpy
git clone https://github.com/your-username/your-repo.git /home/ec2-user/app
cd /home/ec2-user/app
python3 app.py

Example 3: Creating a Startup Notification

#!/bin/bash
echo "Instance started successfully at $(date)" > /home/ec2-user/startup.txt

This creates a file documenting when the instance started[1].

Important Considerations

  • Scripts must start with #!/bin/bash
  • Commands run as root, so use sudo carefully
  • Keep scripts idempotent (safe to run multiple times)
  • Avoid interactive commands (they’ll hang)
  • Log output to files for debugging: >> /var/log/user-data.log 2>&1

Managing Your Instances: Stopping vs. Terminating

Understanding the difference between stopping and terminating is crucial for cost management[3].

Stopping an Instance

What happens: The instance shuts down gracefully, but the EBS volume and associated resources remain.

When to use:

  • Temporarily pause an instance
  • Save costs (stopped instances incur minimal charges)
  • Troubleshoot issues
  • Plan to restart later

Cost implications: Minimal charges for EBS storage, but no compute charges

How to stop:

  1. Select your instance in the EC2 Dashboard
  2. Click Instance StateStop
  3. Confirm the action

Terminating an Instance

What happens: The instance is permanently deleted. EBS volumes are deleted (unless configured otherwise), and all data is lost.

When to use:

  • Permanently remove an instance
  • Clean up after testing
  • Free up resources
  • Reduce costs completely

Cost implications: No charges after termination (except for retained EBS volumes)

How to terminate:

  1. Select your instance in the EC2 Dashboard
  2. Click Instance StateTerminate
  3. Confirm the action

Warning: Termination is permanent. Always verify you’re terminating the correct instance.

Instance Lifecycle States

  • Pending: Instance is starting up
  • Running: Instance is active and available
  • Stopping: Instance is shutting down
  • Stopped: Instance is stopped but not terminated
  • Terminating: Instance is being deleted
  • Terminated: Instance is permanently deleted

Cost Optimization and Free Tier Benefits

Free Tier Eligibility

AWS offers a generous free tier for new accounts[5]:

  • 750 hours per month of t2.micro instance usage
  • 30 GB of EBS storage
  • 1 GB of data transfer out
  • Valid for 12 months from account creation

This is enough to run a single t2.micro instance continuously for a full month at no cost.

Cost Optimization Strategies

1. Right-Size Your Instances

  • Start with t2.micro and upgrade only if needed
  • Monitor CloudWatch metrics to identify underutilized instances
  • Use smaller instance types for development/testing

2. Use Reserved Instances

  • Commit to 1-year or 3-year terms for significant discounts
  • Ideal for predictable, long-running workloads
  • Can save up to 72% compared to on-demand pricing

3. Use Spot Instances

  • Purchase unused capacity at up to 90% discount
  • Suitable for fault-tolerant, flexible workloads
  • Can be interrupted by AWS with 2-minute notice

4. Implement Auto Scaling

  • Automatically adjust instance count based on demand
  • Scale up during peak hours, scale down during off-peak
  • Optimizes costs while maintaining performance

5. Stop Unused Instances

  • Stop rather than terminate instances you might need later
  • Significantly reduces costs while preserving data
  • Restart immediately when needed

6. Monitor Your Usage

  • Use AWS Billing Dashboard to track costs
  • Set up CloudWatch alarms for cost anomalies
  • Review your bill monthly

7. Clean Up Resources

  • Terminate instances you no longer need
  • Delete unattached EBS volumes
  • Remove unused Elastic IPs (they incur charges when unattached)

Tracking Free Tier Usage

To avoid unexpected charges:

  1. Go to AWS Billing Dashboard
  2. Click Free Tier in the left sidebar
  3. Review your current usage against free tier limits
  4. Set up billing alerts for when you approach limits

Advanced Topics: IAM Roles and Elastic IPs

As you progress beyond basics, these advanced features become important.

IAM Roles for EC2

What are IAM Roles?

IAM roles allow EC2 instances to securely access other AWS services without storing credentials on the instance[2].

Why use them?

  • Security: No hardcoded AWS credentials on your instance
  • Flexibility: Easily modify permissions without restarting instances
  • Auditability: Track which instance performed which actions
  • Best Practice: Recommended by AWS security guidelines

How to attach an IAM role[2]:

  1. Create an IAM role with appropriate permissions
  2. Create an instance profile for the role
  3. When launching an instance, select the instance profile
  4. Or attach to a running instance via the EC2 Dashboard

Example use case: Your instance needs to read files from S3. Instead of storing AWS credentials on the instance, attach an IAM role with S3 read permissions.

Elastic IP Addresses

What is an Elastic IP?

An Elastic IP is a static public IPv4 address associated with your AWS account[2]. Unlike regular public IPs that change when you stop/start an instance, Elastic IPs remain constant.

When to use Elastic IPs:

  • Hosting DNS records pointing to your instance
  • Applications requiring a fixed IP address
  • Failover scenarios where you remap the IP to another instance
  • Email server configurations

How to attach an Elastic IP[2]:

  1. In the EC2 Dashboard, click Elastic IPs (under Network & Security)
  2. Click Allocate Elastic IP address
  3. Select your region and click Allocate
  4. Select the new Elastic IP and click Associate
  5. Choose your instance and network interface
  6. Click Associate

Cost consideration: Elastic IPs are free when associated with a running instance, but incur charges ($0.005/hour) when unassociated.

Troubleshooting Common Issues

Can’t Connect via SSH

Problem: “Connection refused” or “Connection timed out”

Solutions:

  • Verify the instance is in Running state
  • Check the security group allows SSH (port 22) from your IP
  • Confirm you’re using the correct key pair
  • Verify the correct username (ec2-user for Amazon Linux, ubuntu for Ubuntu)
  • Check your network firewall isn’t blocking port 22

Verification command:

ssh -vvv -i /path/to/key.pem ec2-user@your-ip

The verbose output helps identify the issue.

Instance Won’t Start

Problem: Instance stuck in “Pending” state

Solutions:

  • Wait a few minutes (instances can take time to start)
  • Check CloudWatch logs for errors
  • Verify your account hasn’t hit instance limits
  • Try terminating and relaunching
  • Contact AWS Support if the issue persists

High CPU/Memory Usage

Problem: Instance running slowly or becoming unresponsive

Solutions:

  • SSH into the instance and check running processes: top or ps aux
  • Review CloudWatch metrics in the EC2 Dashboard
  • Identify and stop resource-intensive processes
  • Consider upgrading to a larger instance type
  • Implement auto-scaling to distribute load

Disk Space Issues

Problem: “Disk full” errors or inability to write files

Solutions:

  • Check disk usage: df -h
  • Find large files: du -sh /*
  • Delete unnecessary files or logs
  • Expand the EBS volume (requires downtime)
  • Mount an additional EBS volume for more space

Losing Data After Restart

Problem: Files disappear after stopping/starting instance

Causes:

  • Data stored in instance store (ephemeral storage) is lost
  • EBS volumes should persist, but check volume attachments

Solutions:

  • Use EBS volumes for persistent data
  • Back up important data to S3 or other durable storage
  • Understand which storage types persist across restarts

Next Steps and Resources

Learning Path

After mastering the basics, explore these topics in order:

  1. VPC and Networking: Create custom VPCs, subnets, and route tables
  2. Load Balancing: Distribute traffic across multiple instances
  3. Auto Scaling: Automatically adjust instance count based on demand
  4. Amazon RDS: Managed relational databases
  5. Amazon S3: Object storage for backups and data
  6. CloudWatch: Monitoring and logging
  7. AWS Lambda: Serverless computing
  8. Docker and ECS: Container orchestration

Official AWS Resources

  • AWS EC2 Documentation: Official comprehensive guide covering all EC2 features
  • AWS EC2 Tutorial - Launch Your First Instance: Official beginner tutorial (10 minutes)
  • AWS Getting Started with EC2: Step-by-step guide for launching and connecting
  • AWS Free Tier: Information on free tier benefits and tracking usage

Video Tutorials

  • AWS EC2 Full Course (Cloud Champ): Comprehensive hands-on course covering EC2 fundamentals to advanced topics, including user data scripts, SSH access, Elastic IPs, instance types, security groups, and IAM roles
  • Quick Guide to Mastering AWS EC2 Instances: Beginner-friendly tutorial covering EC2 basics, instance creation, connection methods, and stopping vs. terminating instances

Written Guides

  • How to Create an EC2 VM in AWS (Step-by-Step Guide for Beginners): Detailed walkthrough of creating an EC2 instance with user data script examples
  • A Beginner’s Guide to AWS EC2 Service: Overview of EC2 concepts and free tier considerations
  • AWS EC2 Tutorial for Beginners (DataCamp): Practical guide including environment setup and basic operations
  • Amazon Web Services Tutorial (GeeksforGeeks): Comprehensive AWS tutorial covering EC2 and related services

Practice Projects

To solidify your learning, try these projects:

  1. Host a Static Website: Launch an instance, install a web server, and host a simple website
  2. Create a Development Environment: Set up Python, Node.js, or your preferred development stack
  3. Build an Auto-Scaling Application: Create multiple instances and configure load balancing
  4. Implement Backup Strategy: Regularly snapshot EBS volumes and backup to S3
  5. Monitor and Alert: Set up CloudWatch alarms for CPU, memory, and disk usage

Community and Support

  • AWS Forums: Ask questions and learn from the community
  • Stack Overflow: Search for solutions to common problems (tag: amazon-ec2)
  • AWS Support Plans: Premium support for production environments
  • AWS Certification: Consider AWS Solutions Architect Associate certification to validate your knowledge

Conclusion

You’ve now completed a comprehensive journey from EC2 beginner to confident user. You understand the fundamental concepts, can launch and manage instances, secure your infrastructure, and optimize costs.

Key Takeaways:

  • EC2 is powerful yet accessible: With just a few clicks, you can launch a virtual machine in the cloud
  • Security matters: Always configure security groups properly and use key pairs for SSH access
  • Cost awareness is essential: Monitor your usage, leverage the free tier, and clean up unused resources
  • Automation saves time: User Data scripts enable consistent, repeatable deployments
  • There’s always more to learn: EC2 integrates with dozens of AWS services offering endless possibilities

The cloud computing landscape is rapidly evolving, and EC2 remains at its core. Whether you’re building a simple blog, a complex microservices architecture, or a data science pipeline, EC2 provides the flexible, scalable foundation you need.

Your next steps: Choose one of the practice projects above, implement it, and document what you learn. Join the AWS community, ask questions, and continue expanding your cloud expertise. The skills you’ve gained in this guide are foundational to becoming a proficient cloud architect and engineer.

Welcome to the cloud. You’re now ready to build amazing things.