Skip to main content
AWS Fundamentals Tutorial
CHAPTER 04 Beginner

AWS EC2 Fundamentals

Updated: May 15, 2026
25 min read

# CHAPTER 4

AWS EC2 Fundamentals

1. Introduction

When people talk about "servers in the cloud," they are almost always talking about Amazon Elastic Compute Cloud, or EC2. EC2 is the foundational service of AWS. It allows you to rent virtual computers, choose their operating system, define their CPU and RAM power, and launch them in minutes. In this chapter, we will dissect the components of an EC2 instance, understand AMIs, and launch your very first Linux web server into the cloud.

2. Learning Objectives

By the end of this chapter, you will be able to:
  • Define what an EC2 instance is.
  • Understand the purpose of an Amazon Machine Image (AMI).
  • Differentiate between EC2 Instance Types (Compute vs Memory optimized).
  • Explain the role of Security Groups as virtual firewalls.
  • Launch an EC2 instance via the AWS Management Console.

3. Beginner-Friendly Explanation

Imagine buying a new laptop. You walk into a store. You choose the brand (Apple or Windows). You choose the power (8GB RAM or 64GB RAM). You pay, take it home, plug it in, and connect it to your Wi-Fi.

EC2 (Elastic Compute Cloud) is doing exactly this, but digitally.

  • The Brand (OS): You choose an AMI (Amazon Machine Image) like Linux or Windows.
  • The Power: You choose an Instance Type (e.g., t2.micro for low power, m5.large for high power).
  • The Wi-Fi (Networking): You place it in a VPC and configure a Security Group (Firewall) to decide who on the internet is allowed to connect to it.

You click "Launch," and within 30 seconds, your new computer is running in a data center halfway across the world, ready for your commands.

4. Amazon Machine Images (AMI)

When you launch an EC2 instance, it cannot be a blank hard drive; it needs an Operating System. An AMI is a pre-configured template. AWS provides free AMIs for Amazon Linux, Ubuntu, Red Hat, and Windows Server. You can also create your own custom AMI. If you configure a server perfectly, take a "snapshot" of it (creating a custom AMI), and then use that AMI to launch 10 identical clones instantly.

5. EC2 Instance Types

Not all servers do the same job. AWS categorizes servers by their hardware balance:
  • General Purpose (T and M series): Good balance of CPU, RAM, and network. Great for web servers. (e.g., t2.micro - the Free Tier instance).
  • Compute Optimized (C series): High CPU. Great for video rendering or heavy math.
  • Memory Optimized (R series): High RAM. Great for massive in-memory databases.
  • Storage Optimized (I series): Fast hard drives. Great for big data and data warehousing.

*(Naming tip: t2.micro -> t is the family, 2 is the generation, micro is the size).*

6. Security Groups (The Firewall)

A Security Group is a virtual firewall attached directly to your EC2 instance. It controls traffic going IN (Inbound) and OUT (Outbound). By default, when you launch an EC2 instance, the Security Group denies all inbound traffic. If you install a website on your server, no one can see it until you explicitly add an Inbound Rule allowing HTTP traffic on Port 80.

7. Elastic IPs

When you stop and start an EC2 instance, AWS automatically assigns it a brand new public IP address. If you pointed your domain name (www.myapp.com) to that IP, your website will break every time you reboot the server. An Elastic IP is a static, fixed public IPv4 address that you reserve from AWS. You attach it to your instance, and it never changes, even if you reboot.

8. Mini Project: Launch a Linux EC2 Server

Let's launch your first cloud computer.

Step-by-Step Tutorial:

  1. 1. Go to the AWS Console. Ensure your Region is set correctly (e.g., us-east-1 N. Virginia).
  1. 2. Search for EC2 and click Launch Instance.
  1. 3. Name: Enter MyFirstWebServer.
  1. 4. AMI: Select Amazon Linux 2023 AMI (Ensure it says "Free tier eligible").
  1. 5. Instance Type: Select t2.micro (Free tier eligible).
  1. 6. Key Pair (Login): Click Create new key pair. Name it my-aws-key. Choose RSA and .pem. Click Create. A file will download to your computer. Keep it safe!
  1. 7. Network Settings: Check the boxes for Allow SSH traffic, Allow HTTPS traffic, and Allow HTTP traffic. (This creates your Security Group automatically).
  1. 8. Click Launch Instance in the bottom right.

Congratulations! In about 30 seconds, your virtual server will be online.

9. Best Practices

  • Least Privilege Security Groups: Never open Port 22 (SSH) to the entire internet (0.0.0.0/0). Hackers constantly scan AWS for open SSH ports. Always restrict Port 22 strictly to your personal home IP address.

10. Common Mistakes

  • Losing the Key Pair: In Step 6, you downloaded a .pem file. AWS does not keep a copy of this file. If you lose it, you can *never* log into that EC2 instance again. Treat .pem files like physical keys to your house.

11. Exercises

  1. 1. Match the Instance Type family to the use case: T-Series, C-Series, R-Series. (Web server, Video Encoding, In-Memory Database).
  1. 2. What is the fundamental difference between a standard Public IP address provided by EC2 and an Elastic IP address?

12. MCQs with Answers

Question 1

You are launching a new EC2 instance to host a simple WordPress blog. Which of the following components provides the base operating system (like Ubuntu or Windows) for the virtual server?

Question 2

After launching an EC2 web server, you type its public IP address into your browser, but the page times out and fails to load. The server is definitely running. What is the most likely cause of this issue?

13. Interview Questions

  • Q: Explain the purpose of a Security Group in AWS EC2. Is a Security Group stateful or stateless, and how does it differ from a Network Access Control List (NACL)?
  • Q: Describe a scenario where an architect would intentionally choose a Compute Optimized (C-family) instance over a Memory Optimized (R-family) instance.

14. FAQs

Q: Does AWS charge me if I stop my EC2 instance but leave it in my account? A: You are not charged for the EC2 compute power (the CPU/RAM) while it is stopped. However, the virtual hard drive (EBS volume) attached to it is still taking up space in AWS data centers. You *will* be charged a few pennies for the storage space until you completely Terminate the instance.

15. Summary

In Chapter 4, we explored Amazon EC2, the core compute engine of the cloud. We learned that an EC2 instance is defined by its operating system template (AMI) and its hardware profile (Instance Type). We highlighted the critical security perimeter surrounding the instance, identifying Security Groups as virtual firewalls that explicitly deny traffic until allowed. Finally, we executed our knowledge by successfully launching a Free Tier Linux server into the cloud.

16. Next Chapter Recommendation

Your server is running, but how do you actually get inside it to install software? Proceed to Chapter 5: Connecting to EC2 Servers.

Finish this Chapter

Save your progress on your learning path and prepare for coding interview challenges.

Previous Chapter AWS Identity and Access Management (IAM)
Next Chapter Connecting to EC2 Servers

Discussion

Join the discussion

Log in or create a free account to participate.

Sort: ·

Explore More

📖 Related Tutorials 5

Related Quizzes 6

🎥 Related Videos 1