Creating an EC2 Instance with Lambda in AWS

30 minutes
  • 4 Learning Objectives

About this Hands-on Lab

In this AWS hands-on lab, we will write a Lambda function that will create an EC2 instance. This Lambda function will be written in Python using the Boto3 library. We will also create a custom Lambda execution policy for our IAM role. When we’re done, we will be able to log in to the new EC2 instance via SSH.

Learning Objectives

Successfully complete this lab by achieving the following learning objectives:

Create an EC2 Key Pair
  1. Open the Amazon EC2 console at

  2. In the navigation pane, under NETWORK & SECURITY, choose Key Pairs.

    The navigation pane is on the left side of the Amazon EC2 console. If you do not see the pane, it might be minimized; choose the arrow to expand the pane.

  3. Choose Create Key Pair.

  4. Enter a name for the new key pair in the Key pair name field of the Create Key Pair dialog box, and then choose Create.

  5. The private key file is automatically downloaded by your browser. The base file name is the name you specified as the name of your key pair, and the file name extension is .pem. Save the private key file in a safe place.

    Important: This is the only chance for you to save the private key file. You’ll need to provide the name of your key pair when you launch an instance and the corresponding private key each time you connect to the instance.

  6. If you will use an SSH client on a Mac or Linux computer to connect to your Linux instance, use the following command to set the permissions of your private key file so that only you can read it.

    chmod 400 my-key-pair.pem

    If you do not set these permissions, you cannot connect to your instance using this key pair.

Create a Lambda Function
  1. Navigate to Lambda.
  2. Click Create a function.
  3. Choose Author from scratch and use the following settings:
    • Name: CreateEC2
    • Runtime: Python 3.7
    • Role: Create a custom role
  4. Expand Choose or create an execution role.
  5. Set Execution role to Create a new role with basic Lambda permissions.
  6. Copy the execution role name that appears.
  7. Click Create function.
  8. Navigate to IAM.
  9. Search for and select your newly created role.
  10. Edit the policy to replace its existing policy with this file on GitHub.
  11. Back in the Lambda console, scroll to the Function code section and paste in the Python source code from this file on GitHub.
  12. Set four environment variables:
    • AMI: The ami- value of an Amazon Linux 2 instance
    • INSTANCE_TYPE: t2.micro
    • KEY_NAME: The name of your EC2 key pair
    • SUBNET_ID: The ID of one of the public subnets in your VPC
  13. Save the Lambda function.
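
A minimal version of the function this lab describes, written here as an added example (it is not the lab's GitHub source): it reads the four environment variables from step 12, validates them, and launches a single instance with Boto3. The instance-type allowlist, the ID patterns and the helper names build_run_args and launch_instance are assumptions of this example.

```python
import os
import re

# Instance types the lab mentions; anything else is rejected (assumed allowlist).
ALLOWED_TYPES = {"t2.micro", "t3.micro"}
# AWS resource IDs carry 8 or 17 hex characters after the prefix.
PATTERNS = {
    "AMI": re.compile(r"ami-[0-9a-f]{8}(?:[0-9a-f]{9})?"),
    "SUBNET_ID": re.compile(r"subnet-[0-9a-f]{8}(?:[0-9a-f]{9})?"),
}
REQUIRED = ("AMI", "INSTANCE_TYPE", "KEY_NAME", "SUBNET_ID")


def build_run_args(env):
    """Validate the four lab environment variables and build run_instances kwargs."""
    missing = [name for name in REQUIRED if not env.get(name)]
    if missing:
        raise ValueError("missing environment variables: " + ", ".join(missing))
    for name, pattern in PATTERNS.items():
        if not pattern.fullmatch(env[name]):
            raise ValueError(f"{name} is not a well-formed ID: {env[name]!r}")
    if env["INSTANCE_TYPE"] not in ALLOWED_TYPES:
        raise ValueError(f"INSTANCE_TYPE {env['INSTANCE_TYPE']!r} is not allowed")
    return {
        "ImageId": env["AMI"],
        "InstanceType": env["INSTANCE_TYPE"],
        "KeyName": env["KEY_NAME"],
        "SubnetId": env["SUBNET_ID"],
        "MinCount": 1,
        "MaxCount": 1,  # one instance per invocation, never a batch
    }


def launch_instance(ec2, env):
    """Call RunInstances on the given EC2 client and return the new instance ID."""
    response = ec2.run_instances(**build_run_args(env))
    return response["Instances"][0]["InstanceId"]


def lambda_handler(event, context):
    import boto3  # provided by the Lambda Python runtime

    # The execution role must allow ec2:RunInstances for this call to succeed.
    instance_id = launch_instance(boto3.client("ec2"), os.environ)
    print(f"Launched {instance_id}")  # ends up in CloudWatch Logs
    return {"InstanceId": instance_id}
```

Because launch_instance takes the client as a parameter, the validation and the request it builds can be exercised locally with a stand-in client before the function is deployed.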

Test Lambda Function
  1. Click Test.
  2. Define an empty test event. Its contents can simply be {}.
  3. Give it any name you like.
  4. Click Create.
  5. Click Test again for a second test.
  6. Observe that an EC2 instance is initializing.

Connect to the Newly Created EC2 Instance via SSH

From the command line, using the .pem file you downloaded earlier, connect via the public IP of the EC2 instance.

For example:

ssh -i mykeypair.pem ec2-user@<IP ADDRESS>

Remember to replace <IP ADDRESS> with the public IP of the EC2 instance you created.

Additional Resources

  1. Log in to the live AWS environment using the credentials provided. Make sure you are in us-east-1.

  2. Begin by creating an EC2 key pair and saving it locally.

  3. Create the Lambda function, using this source code from GitHub.

  4. Apply this execution policy to the Lambda function.

  5. Set the appropriate values for these environment variables in the Lambda function: AMI, INSTANCE_TYPE, KEY_NAME, SUBNET_ID.

  6. Run a test for the Lambda function.

  7. Connect to the new EC2 instance using SSH and the key pair you generated earlier.

Note: When making changes in Lambda, use File, then Save all. Instead of the Save button, use DEPLOY. A t3.micro instance can also be used instead of a t2.micro instance. The section for editing the environment variables is now in the Configuration section of the Lambda function. This lab has been scheduled for a refresh due to the AWS UI changes.
