Chapter 2. EC2 Recipes

Launching an Instance


One of the first things most people want to do after they get signed up with AWS is to launch an instance.


Create the necessary prerequisite resources and then use the run_instances method to create an instance.


If you are launching an instance, most likely you will want to log in to that instance once it is up and running. In the interest of security, AWS uses passwordless SSH for instance access. This requires the use of a public/private keypair that is used to control access to your instance. The public key is installed on the newly launched instance by EC2 and registered as an authorized key with the SSH software on the instance. Then, when you log into the instance, you provide the private key and the SSH software is able to cryptographically compare the public and private keys and determine if the login attempt should be allowed or not. So, prior to running our first instance, we need to create an SSH keypair.

In addition to the keypair, we also need to create a security group. Security groups are a distributed firewall used to control access to your instances. By default, all ports on your instance will be disabled so no access would be possible. If we want to access the instance via SSH, we need to create a security group that contains a specific rule that will enable access to the instance on the specific port we want to use for SSH (default is 22).

Example 2-1 shows a convenience function that does all of ...

Get Python and AWS Cookbook now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.