Skip to content

Setting up a server on EC2

Set up a server on EC2 when tasks require substantial memory, CPU, or disk space. EC2 provides more flexibility than ECS or Fargate, allowing you to run various task types. Keep in mind that it demands more effort for setup and maintenance.

This document provides guides for various use cases, walking you through the steps to set up a server on EC2 using Terraform as part of your Golden Path setup.


  • You have a working Golden Path (Terraform) deployment. If you don't, follow the Golden Path guide to set one up.
  • You must have the AWS CLI installed and configured with the correct credentials.
  • You must have session-manager-plugin installed and configured. See AWS Session Manager for more information.

EC2 bastion in private subnet with access to RDS

This guide shows how to use Terraform to deploy a server on EC2 that:

Step 1: Download and configure the EC2 template

  1. Locate the stack directory in your IaC repository for the environment you want to work with. For example, if you want to work with the dev environment and you have followed the Golden Path step-by-step guide, the stack directory is dev/infra.

  2. Download the ec2_instance template from golden-path-iac repository

    ok get-template ec2_bastion

Step 2: Edit the template

  1. Open the file in your preferred editor.

  2. Edit the variables inside the locals block. They should be either self explanatory or documented in line.

Step 3: Deploy the template

  1. Run terraform init to initialize the Terraform configuration.

  2. Run terraform plan to see what changes will be made.

  3. Run terraform apply to apply the changes.

Step 4: Verify deployment

Verify that the EC2 instance is running by running the following command, replacing my-bastion-server with the name of the EC2 instance name specified in step #2.

aws ec2 describe-instances --filters "Name=tag:Name,Values=my-bastion-server" | jq -r '.Reservations[].Instances[] | [.State.Name, .InstanceId] | @tsv'

Example output:

running   i-0a1b2c3d4e5fxY7z1

Take note of the InstanceId value (i-xxxxxxxx). You will need it in the next step.

Step 5: Connect to the EC2 instance using SSM

  1. Run the following command, replacing i-xxxxxxxx with the InstanceId value from the previous step.

    aws ssm start-session --target i-xxxxxxxx
  2. You should be presented with a shell prompt on the EC2 instance.

    [ec2-user@ip-10-0-0-1 ~]$

    To exit the shell session, type exit and press Enter.

  3. Install the PostgreSQL client on the EC2 instance.

    sudo yum install postgresql
  4. Verify that the EC2 instance can connect to the RDS database.

    psql -h "_replace_with_rds_hostname_"

    If you are prompted for a password, you have confirmed that EC2 instance can connect to the RDS database.

    Depending on how you have configured the user you want to authenticate with, you may need to specify a username and password or generate a valid token for IAM authentication.