If you want your EC2 instance to answer the outside world and not hide under a pile of private IPs, you need a public subnet, an Internet Gateway and sensible security group rules. This guide walks through the practical steps to get SSH and HTTP working without accidentally turning your server into a public squirrel feeder.
Create a VPC with a CIDR block that fits your needs, for example 10.0.0.0/16. Inside that VPC add a subnet that will be your public subnet. Pick a subnet CIDR like 10.0.1.0/24. Either enable auto assign public IPv4 on that subnet or plan to assign a public IP when you launch the instance.
Attach an Internet Gateway to the VPC. Then edit the route table associated with the public subnet and add a route for 0.0.0.0/0 sending traffic to the Internet Gateway. That single route is what lets packets leave and return, which is necessary for SSH and HTTP to work.
Pick an AMI and instance type that fits your workload. Make sure the instance is launched into the public subnet and that it receives a public IP. If the subnet does not auto assign a public IP, check the Assign Public IP option at launch. Choose a key pair for SSH access and attach an appropriate IAM role for any AWS API calls the instance will make.
Create or edit a security group and add inbound TCP rules for the ports you need. For example add rules that allow TCP port 22
for SSH and TCP port 80
for HTTP. Avoid using 0.0.0.0/0 in production unless you enjoy surprise log entries and angry incident tickets. Instead restrict SSH to your office IP or VPN range and restrict HTTP if you have a limited client base.
SSH to the instance using the public IP and your key pair. Open the HTTP endpoint in a browser to verify the web server is reachable. If something fails check these items in this order
Use key pairs for SSH. Use IAM roles for permissions and avoid embedding secrets on the instance. Lock down SSH to known IP ranges and consider using a bastion host or Session Manager if you want fewer open doors. For public web servers use a load balancer and WAF when traffic or attackers become a thing.
This covers the essentials for deploying an AWS EC2 instance into a public subnet with Internet Gateway routing and security group TCP rules for SSH and HTTP. Follow those steps and your instance will be reachable, supported, and less likely to be the site of some poor bot's late night party.
I know how you can get Azure Certified, Google Cloud Certified and AWS Certified. It's a cool certification exam simulator site called certificationexams.pro. Check it out, and tell them Cameron sent ya!
This is a dedicated watch page for a single video.