Create AWS EC2 instance using CLI

In the previous tutorial we saw how to create AWS EC2 instance using the console. In this tutorial, we will learn how to create AWS EC2 instance using the CLI (Command Line Interface).

create AWS EC2 instance using CLI

What is Amazon CLI

Amazon CLI stands for Amazon Client Line Interface. It is a command line tool to perform most of the functions that you can perform on the Amazon Console. The advantage of the tool is that it allows you to write scripts to perform most of the tasks and also gives a chance to automate repeated tasks. Before we start using the amazon CLI we need to get the access Key ID and the secret key.

Steps to get the Amazon AWS access key ID and secret key

Here’s a short video on how to get the AWS access key ID and secret key

  1. Go to the IAM Console and click on Users.
  2. Click on the User that you want to create the access key for. Click on the actual row and not the check box.
  3. On the next screen, click on “Create Access Key”. If you have created keys before you should be able to see them (but can’t download them again)
  4. You will see a popup that allows you to download the access ID and key. The keys can be downloaded only once so make sure you save it in a safe place. You can, however, create another key later on.
  5. The downloaded CSV has both the access id and key.

Install Amazon CLI (Command Line Interface) on unix

Now that you have the access ID and key, the next step is to install the Amazon CLI (Command Line Interface). In this tutorial, we will show you how to install it on a unix machine.

The installation is quite straightforward. Follow these three steps to install it:

  1. curl “” -o “”
  2. unzip
  3. ./awscli-bundle/install -b ~/bin/aws

Configure Amazon CLI (Command Line Interface)

Once you install the CLI, the next step is to configure it. Configuration involves setting up the access ID and key and the default region so that you can then start using the CLI for creating the EC2 instance (amongst other things)

Here are the steps

  1. Type in “aws configure” on the command line.
  2. Enter the Access ID, key and the default region.
  3. That configures the CLI. This creates a directory called .aws in home. This directory has the credentials and the config file.
  4. To test the configuration we will create a security group and then delete it from the AWS console. To create the security group type in
    aws ec2 create-security-group --group-name my-sg --description "My security group"

    This will create a new security group. Logon to AWS console to double check if you can see the security group (under EC2). You can then delete the group.

create AWS EC2 instance using CLI

We now finally look at how to create the EC2 instance using CLI. The CLI command for creating instance is called run-instances. When you create an instance from the console, you go through seven steps of configuration. All of that can be done using specific parameters on the CLI. While creating the instance we want to be able to select the AMI (machine image); select the instance type (hardware); set the VPC, IAM role, and other configuration parameters; configure additional block storage; add tags; add security groups and then launch one or multiple instances. Let’s see what parameters we need to set to configure each of the above:
[table id=2 /]
The table above specifies only some of the options. Look at this link to look at all the options.

Create an AWS security group using command line.

Before we create the EC2 instance, lets create the security group from the command line.
The first command creates the security group. Once that is done the next command adds a rule that opens up port 22 for SSH for all users. In real world scenario you would use a fixed IP or fixed range of IPs. The last command shows the security group created.

aws ec2 create-security-group --group-name EC2SecurityGroup --description "Security Group for EC2 instances to allow port 22"
aws ec2 authorize-security-group-ingress --group-name EC2SecurityGroup --protocol tcp --port 22 --cidr
aws ec2 describe-security-groups --group-names EC2SecurityGroup

Create AWS Security Group Using CLI

Command to Create AWS EC2 instance using CLI

Finally, here is the command to create the EC2 instance using the CLI.

aws ec2 run-instances   --image-id ami-5ec1673e --key-name MyKey --security-groups EC2SecurityGroup --instance-type t2.micro --placement AvailabilityZone=us-west-2b --block-device-mappings DeviceName=/dev/sdh,Ebs={VolumeSize=100} --count 2

This creates two instances and here’s how the two instances look.
create AWS EC2 instance using CLI

This completes our tutorial on creating the EC2 instances using the CLI. The run-instances method has many options that cover most of the situations. Look at this amazon doc link for reference.

Leave a Comment