Skip to main content
This article is a concise, step-by-step walkthrough for launching, inspecting, connecting to, and terminating an Amazon EC2 instance. It covers the EC2 launch wizard, choosing an AMI and instance type, creating or selecting a key pair for SSH, configuring networking and security groups, and basic instance lifecycle actions. Access the EC2 console and launch an instance
  • In the AWS Console search bar type “EC2” and open the EC2 service.
  • Verify you’re in the intended AWS Region (this guide uses us-east-1). The UI and steps are the same across regions.
  • Click Launch instance (or go to Instances → Launch instances) to open the EC2 launch wizard.
A screenshot of the AWS EC2 management console (US East - N. Virginia) showing resource summaries, account attributes, service health, availability zones, and a prominent "Launch instance" button. The left sidebar displays EC2 navigation items like Instances, Images, and Elastic Block Store.
The EC2 launch wizard guides you through the required configuration choices. Below is a streamlined explanation of each step, with practical advice. Launch wizard steps at a glance
StepWhat to selectNotes
Name & AMIGive the instance a name and pick an AMIAMIs define the OS and preinstalled software. AMI IDs are region-specific.
Instance typeChoose instance family and sizet2.micro is commonly used for free-tier demos (1 vCPU, 1 GiB RAM).
Key pairCreate or select a key pair for SSHDownload the PEM file once — AWS will not re-provide it.
Network & SecuritySelect VPC/subnet and configure security groupsRestrict SSH access to your IP; avoid 0.0.0.0/0 in production.
Storage & advancedConfigure root volume and optional advanced settings8 GiB is sufficient for a basic Ubuntu instance.
  1. Name and AMI
  • Assign a descriptive Name tag (example: web-server).
  • Choose an AMI (Amazon Machine Image). Common options include Amazon Linux, Ubuntu, and Windows. Marketplace images (Nginx, etc.) are also available.
  • For this demo we select Ubuntu 22.04 (64-bit x86). AMI IDs differ by region, so you may see alternate IDs.
A screenshot of the AWS EC2 "Launch instance" page showing the Name field set to "web-server" and the AMI/OS selection area. The right-hand Summary panel shows an Amazon Linux 2023 AMI, a t2.micro instance type, storage details, and a "Launch instance" button.
  1. Instance type
  • Select the instance type that matches your CPU, memory, and performance needs.
  • For simple demos and free-tier accounts, t2.micro is frequently used (1 vCPU, 1 GiB RAM). Choose larger types for production workloads.
A screenshot of the AWS EC2 launch-instance interface showing an Ubuntu AMI selected, instance type t2.micro, and the Summary panel with storage, security group, and a "Launch instance" button.
  1. Key pair (for SSH)
  • A key pair enables secure SSH access to Linux instances without passwords.
  • Either select an existing key pair or create a new one. If creating, give it a name (e.g., ec2-demo) and download the PEM private key file (.pem).
  • Save the PEM securely — AWS does not retain a copy.
A screenshot of the AWS EC2 console showing a "Create key pair" dialog where a key pair named "ec2-demo" is being created. RSA is selected as the key type and .pem as the private key format, with the "Create key pair" button highlighted.
After downloading the PEM file, secure its file permissions before use (on Linux/macOS: chmod 400 ec2-demo.pem). Store it safely and back it up — you cannot re-download the same PEM from AWS later.
  1. Network settings and security groups
  • Pick a VPC and subnet (fresh accounts typically have a default VPC and subnets).
  • Configure a security group: this is a virtual firewall controlling inbound/outbound traffic.
    • For SSH access, add an inbound rule for TCP port 22 and limit the source to your client IP or range.
    • The wizard may default to 0.0.0.0/0 (anywhere). Restrict this in production to reduce exposure.
A screenshot of the AWS EC2 launch-instance console showing security group rules and storage configuration on the left. On the right is a summary panel with instance details (Ubuntu AMI, t2.micro, 8 GiB) and a "Launch instance" button.
Do not leave SSH (port 22) open to 0.0.0.0/0 in production. Limit inbound SSH access to the specific IP addresses or ranges that require connectivity.
  1. Storage and advanced settings
  • Configure the root EBS volume size (8 GiB is common for a basic Ubuntu instance).
  • Additional advanced options exist (user data, IAM role, monitoring, etc.) but are not required for a basic demo.
Launch and inspect the instance
  • Click Launch and wait for the instance to be created. It first appears in the Instances list with state “pending” and transitions to “running” after boot.
  • The Instances view shows the instance ID, public/private IPv4 addresses, instance type, AMI, VPC and subnet IDs, and more metadata.
A screenshot of the AWS EC2 console showing an Instance summary for a running t2.micro web-server (instance ID, public/private IPs, VPC and subnet IDs, and AMI details). The left sidebar shows the EC2 navigation menu.
Instance details and security group review
  • Click the instance ID to view detailed information: public IPv4 address (if assigned), public DNS, private IP, associated key pair name, and tags.
  • Under Security, inspect the security group(s) attached and their inbound/outbound rules. Security groups are stateful: if inbound is allowed, return traffic is permitted automatically.
A screenshot of the AWS EC2 Security Groups console showing details for security group sg-01c42ae4a41e45f7e named "launch-wizard-5." The inbound rules list shows SSH (TCP port 22) allowed from 0.0.0.0/0.
Networking and monitoring
  • The Networking tab displays IP addresses, network interface(s), and any attached Elastic IPs. EC2 instances can have multiple ENIs when needed.
  • The Monitoring tab provides CPU, network, disk, and status check metrics. Immediately after launch, graphs may be empty until metrics are collected.
A screenshot of the AWS EC2 Management Console showing an EC2 instance's Networking tab. It displays networking details like the public and private IPv4 addresses, subnet ID, VPC ID, and network interface information.
A screenshot of the AWS EC2 web console showing the Monitoring tab for an instance, with multiple empty metric widgets (CPU utilization, network in/out, disk reads/writes, status checks) that show no data. The left sidebar displays EC2 navigation items like Instances, Images, and Elastic Block Store.
Actions and instance lifecycle
  • From the Instances list select the instance and open the Actions menu to:
    • Edit user data, networking, and security group attachments
    • Change the instance state: Stop, Reboot, Start, or Terminate
A screenshot of the AWS EC2 console showing the Instances view with a single running instance named "web-server" (i-0cc486a7972a8a004), type t2.micro, and a public IPv4 address. The Actions menu/Instance settings is open on the right, showing options like Edit user data and networking.
Connect to the instance with SSH Example commands (Linux/macOS): 
# Restrict PEM permissions (required on many systems)
chmod 400 ec2-demo.pem

# SSH to the instance (replace <public-ip> with the instance's public IPv4)
ssh -i ec2-demo.pem ubuntu@<public-ip>
  • On first connect you may be prompted to accept the host key (type “yes”).
  • After successful authentication you will see the remote shell prompt, e.g.:
ubuntu@ip-172-31-90-1:~$ ls -la
Windows options Stop vs Terminate
  • Stop: powers off the instance and preserves the EBS root volume. You can later Start it again.
  • Terminate: deletes the instance and (by default) its associated root volume; data not backed up will be lost.
References This completes the quick demo: launching an EC2 instance, inspecting its configuration, connecting via SSH, and managing its lifecycle.

Watch Video

Practice Lab