Creating an EC2 Instance
To get started with EC2, we need to create a security group for our instance, or in simpler terms, we need to configure the security to be used on our server. To do this, we need to go to the EC2 service itself and select Network & Security -> Security Groups on the left panel:
Next, press the Create Security Group button, and you'll enter a menu where you start filling everything in step by step:
- Security group name: the name by which you'll be able to find the group and which will be displayed when it is selected;
- Description: the description of the group. Here you can specify what roles this security group will serve and what it is created for;
- VPC: a service that allows AWS users to launch AWS resources into a virtual network that they define. We're not particularly interested in this right now, so we'll leave the default VPC for our educational instance.
Next, let's move on to creating inbound rules:
Let's go through what we do step by step:
- We need 3 inbound rules: SSH, HTTP, HTTPS;
- To create the first one, select the SSH type, and in the Source field, we need to set the connection via Anywhere IPv6;
- The other necessary parameters will be filled in automatically;
- We need to do the same for HTTP and HTTPS.
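An added example, not part of the course material: a check over rules in the shape of `aws ec2 describe-security-groups` output that reports remote-administration ports (SSH, RDP) whose source is the whole address space, which is what an Anywhere source on the SSH rule produces. The sample JSON is constructed; the group `RestrictedExample` and its CIDR are hypothetical.

```python
import ipaddress
import json

# Constructed sample shaped like `aws ec2 describe-security-groups` output.
# The first group mirrors the three inbound rules from the steps above;
# the second (hypothetical) limits SSH to one documentation-range CIDR.
SAMPLE = json.loads("""
{"SecurityGroups": [
 {"GroupName": "GuideSecurityGroup", "IpPermissions": [
  {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
   "IpRanges": [], "Ipv6Ranges": [{"CidrIpv6": "::/0"}]},
  {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80,
   "IpRanges": [], "Ipv6Ranges": [{"CidrIpv6": "::/0"}]},
  {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
   "IpRanges": [], "Ipv6Ranges": [{"CidrIpv6": "::/0"}]}]},
 {"GroupName": "RestrictedExample", "IpPermissions": [
  {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
   "IpRanges": [{"CidrIp": "203.0.113.0/24"}], "Ipv6Ranges": []}]}
]}
""")

ADMIN_PORTS = {22: "SSH", 3389: "RDP"}  # remote-administration ports to audit


def is_world_open(cidr):
    """True when the CIDR covers the whole IPv4 or IPv6 address space."""
    return ipaddress.ip_network(cidr, strict=False).prefixlen == 0


def audit(groups):
    """Return (group, service, cidr) for each admin port open to any source."""
    findings = []
    for sg in groups["SecurityGroups"]:
        for perm in sg.get("IpPermissions", []):
            proto = perm.get("IpProtocol")
            if proto == "-1":            # "all traffic" rules carry no port range
                lo, hi = 0, 65535
            elif proto == "tcp":
                lo, hi = perm.get("FromPort", 0), perm.get("ToPort", 65535)
            else:
                continue
            cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
            cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
            for port, name in ADMIN_PORTS.items():
                if lo <= port <= hi:
                    findings += [(sg["GroupName"], name, c)
                                 for c in cidrs if is_world_open(c)]
    return findings


if __name__ == "__main__":
    for group, service, cidr in audit(SAMPLE):
        print(f"{group}: {service} reachable from {cidr}")
```

The HTTP and HTTPS rules are not reported because public web ports are expected to be reachable from any source; only the administration ports are checked.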
After we have created the Inbound Rules, we can create the Security Group and get the following result:
Great! Now we can proceed to launch an instance that will use the security group we just created.
First, go to the main page and click on the Launch Instance button:
You will see a large menu with configurations. Let's go through it step by step.
We will be working with Amazon Linux, as it is one of the configurations available in the free tier, which we want to stick to, so we selected it, and EC2 notified us that such a configuration was available in the free tier:
Next, we need to select the instance type. Here, we are given a lot of different options, but the choice of free tier is limited as well. Therefore, we will go with t3.micro, which is a fairly weak server, but it should be enough to demonstrate EC2 capabilities:
Now, let's talk about the key pair for your instance.
Key pair in AWS EC2 is a set of keys for secure connection to your virtual servers, or EC2 instances. This pair consists of a public key and a private key.
The public key is uploaded to AWS and automatically embedded into EC2 instances upon their creation. This key is used to encrypt data that can only be decrypted with the corresponding private key.
The private key is downloaded to your local computer when the key pair is created and is not stored in AWS. You use it to connect to instances via SSH (Linux/Unix) or RDP (Windows). The private key serves as proof of your identity and provides secure access to instances, as only the owner of the private key can decrypt data encrypted with the public key.
Using key pairs is a recommended method for authentication and securing connections to EC2 instances, replacing traditional passwords that can be easily guessed or stolen. Essentially, it is a key component of the EC2 security system, ensuring confidentiality and integrity of access to cloud resources.
As you can see, we are creating the key pair with the RSA type, but overall the type doesn't matter much, as in any case, the private key will be stored locally, and the public key will be stored on EC2. This way, our instance will be maximally secure.
Now we need to configure the network for our instance. This is exactly why we created the security group. For the moment, we don't need to change anything except the security groups, since everything else should stay at its default for now, but let's understand what each parameter means:
- VPC (Virtual Private Cloud): Specifies the virtual private network within which your instance will operate. VPC provides an isolated space in the cloud where you can launch and manage AWS resources. "vpc-086ae5f6544261c92" is the identifier of your VPC;
- Subnet: A subnet is a segmented portion of the VPC that defines a range of IP addresses within your VPC. You can choose a specific subnet or leave "No preference" for automatic selection;
- Auto-assign public IP: If enabled, your EC2 instance is automatically assigned a public IP address, allowing it to communicate with the internet. If disabled, the instance will only have a private IP address and will not be able to interact directly with the internet;
- Firewall (security groups): Security groups act as a virtual firewall, controlling inbound and outbound traffic to your instance. You can create a new security group with specific rules or choose an existing one:
  - Create security group: Choose this if you want to configure a new security group;
  - Select existing security group: Choose this to use a security group that has already been created. In the example, "GuideSecurityGroup" is already selected.
At the moment, we don't need to delve into storage operations, as we'll handle that in the next section.
1. What is the purpose of a Security Group in AWS EC2?
2. How many inbound rules are required for the security configuration as described in the material?