Connecting to EC2 Instances
Get a working knowledge of the different EC2 connection options.
Connecting to Amazon EC2 instances is crucial to managing and working with virtual servers in the AWS cloud. In this lesson, we will learn about the different methods for connecting to EC2 instances: SSH (Secure Shell) for Linux instances, Remote Desktop for Windows instances, and AWS Systems Manager Session Manager’s Instance Connect feature. Let us take a deeper look into each of these methods:
Secure shell for Linux instances
Secure shell (SSH) is a
Setup and connection steps
SSH requires a key pair to create a connection with the EC2 instance. A key pair consists of a public and a private key, a set of credentials to prove identity when connecting to an EC2 instance. We can divide the SSH connection into three major parts as follows.
Key pair creation: When launching an EC2 instance, we can specify a key pair during the instance creation process. This key pair consists of a public key added to the EC2 instance and a private key securely downloaded to the local machine.
Permission setting for private key: Ensure that the downloaded private key file has the correct permissions before it is used. For example, use chmod 400 to restrict access to the owner only.
Connect using SSH: Open a terminal on your local machine. Use the ssh command to connect to the EC2 instance using the private key:
ssh -i </path/to/private-key.pem> ec2-user@<instance-ip-address>
Replace /path/to/private-key.pem with the path to your private key file, ec2-user with the appropriate user for the Linux distribution, and instance-ip-address with the public IP or DNS of your EC2 instance.
Remote desktop for Windows instances
Remote Desktop Protocol (RDP), a network protocol offered by Microsoft, provides a graphical interface to connect to a Windows-based computer over a secure network connection. RDP allows users to interact with a remote desktop as if they were sitting in front of it, accessing its desktop environment, applications, and resources. It facilitates secure communication between remotely connected machines over an encrypted channel.
RDP is normally used in a client-server architecture; it operates on TCP and uses port 3389 by default. RDP offers secure remote access to Windows-based EC2 instances.
Setup and connection steps
Download and install remote desktop client: Download and install a Remote Desktop Client on your local machine, for example, Microsoft Remote Desktop for Windows and macOS.
Administrator password retrieval: When launching a Windows EC2 instance, retrieve the Windows Administrator password from the EC2 Console by decrypting it with the key pair specified during instance creation. Upload the private key file or paste the contents of the private key and decrypt the password.
Connect using a remote desktop: Open the Remote Desktop Client. Enter the public IP or DNS of your Windows EC2 instance and provide the administrator username and password retrieved earlier.
AWS Systems Manager Session Manager (Instance Connect)
AWS Session Manager allows us to securely connect to EC2 instances without managing SSH keys or opening inbound ports. It creates a temporary, secure session directly from the AWS console or CLI. It simplifies administration and improves security by eliminating the need for complex bastion hosts.
Setup and connection steps
IAM Role configuration: Ensure that your EC2 instance has an AWS Identity and Access Management (IAM) role with the necessary permissions for Systems Manager.
Session Manager installation: AWS Systems Manager Agent (SSM Agent) must be installed and running on the EC2 instance. Most Amazon Machine Images (AMIs) come with SSM Agent pre-installed.
Systems Manager Console connection: In the AWS Management Console, navigate to Systems Manager, go to “Session Manager,” and select “Start Session” for the desired EC2 instance.
Browser-based SSH or Remote Desktop access: Use the browser-based AWS Management Console to securely access your EC2 instance without the need for external SSH keys or Remote Desktop client software.
Best practices for secured connection
Security groups: Ensure that the security group associated with your EC2 instances only allows incoming traffic on the relevant ports, 22 for SSH and TCP 3389 for Remote Desktop.
Key pair management: Keep your private key files secure and rotate them periodically for enhanced security.
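A check for the security group guidance above, as an added example that is not part of the original lesson: it reads data in the shape returned by aws ec2 describe-security-groups and flags ingress rules that reach port 22 or 3389 from any address or through a wider port range than needed. The sample data and group IDs are constructed, and treating 0.0.0.0/0 and ::/0 sources as a finding is an assumption that goes beyond the lesson's wording.

```python
import json

# Management ports named in the lesson: SSH and RDP (both TCP).
MGMT_PORTS = {22: "SSH", 3389: "RDP"}
# Assumption: a source of "any address" on a management port is a finding.
ANYWHERE = {"0.0.0.0/0", "::/0"}

# Constructed sample in the shape of `aws ec2 describe-security-groups` output.
SAMPLE = json.loads("""
{"SecurityGroups": [
  {"GroupId": "sg-0example1", "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
     "IpRanges": [{"CidrIp": "203.0.113.10/32"}], "Ipv6Ranges": []}]},
  {"GroupId": "sg-0example2", "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 3389, "ToPort": 3389,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
    {"IpProtocol": "tcp", "FromPort": 0, "ToPort": 65535,
     "IpRanges": [{"CidrIp": "10.0.0.0/16"}], "Ipv6Ranges": []}]},
  {"GroupId": "sg-0example3", "IpPermissions": [
    {"IpProtocol": "-1",
     "IpRanges": [], "Ipv6Ranges": [{"CidrIpv6": "::/0"}]}]}
]}
""")

def audit(data):
    """Return (group_id, finding) tuples for ingress rules that break the guidance."""
    findings = []
    for sg in data.get("SecurityGroups", []):
        for rule in sg.get("IpPermissions", []):
            proto = rule.get("IpProtocol")
            if proto not in ("tcp", "-1"):
                continue  # SSH and RDP are TCP; other protocols are out of scope
            # Protocol "-1" means all protocols and ports; no FromPort/ToPort.
            lo = 0 if proto == "-1" else rule.get("FromPort", 0)
            hi = 65535 if proto == "-1" else rule.get("ToPort", 65535)
            sources = {r["CidrIp"] for r in rule.get("IpRanges", [])}
            sources |= {r["CidrIpv6"] for r in rule.get("Ipv6Ranges", [])}
            exposed = [n for p, n in sorted(MGMT_PORTS.items()) if lo <= p <= hi]
            if exposed and sources & ANYWHERE:
                findings.append((sg["GroupId"],
                                 "/".join(exposed) + " open to any address"))
            if exposed and hi > lo:
                findings.append((sg["GroupId"],
                                 f"port range {lo}-{hi} wider than the single port needed"))
    return findings

if __name__ == "__main__":
    for group, finding in audit(SAMPLE):
        print(group, finding)
```

Rules whose source is another security group or a prefix list are not evaluated by this check.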
Understanding these connection methods is important for managing EC2 instances securely and efficiently. It is important to identify the specific requirements of each use case and choose the most suitable method based on the operating system and preferred workflow. Always follow AWS best practices for security and access management.