Create an EC2 Instance and Install a Web Server - Amazon Aurora

Create an EC2 Instance and Install a Web Server

In this step, you create a web server to connect to the Amazon Aurora DB cluster that you created in Create an Amazon Aurora DB Cluster.

Launch an EC2 Instance

First, you create an Amazon EC2 instance in the public subnet of your VPC.

To launch an EC2 instance

  1. Sign in to the AWS Management Console and open the Amazon EC2 console at

  2. Choose EC2 Dashboard, and then choose Launch instance, as shown following.

                                EC2 Dashboard
  3. Choose the Amazon Linux AMI, as shown following.

                                Choose an Amazon Machine Image

    Don't choose Amazon Linux 2 AMI because it doesn't have the software packages required for this tutorial.

  4. Choose the t2.small instance type, as shown following, and then choose Next: Configure Instance Details.

                                Choose an Instance Type
  5. On the Configure Instance Details page, shown following, set these values and keep the other values as their defaults:

                                Configure Instance Details
  6. Choose Next: Add Storage.

  7. On the Add Storage page, keep the default values and choose Next: Add Tags.

  8. On the Add Tags page, shown following, choose Add Tag, then enter Name for Key and enter tutorial-web-server for Value.

                                Tag Instance
  9. Choose Next: Configure Security Group.

  10. On the Configure Security Group page, shown following, choose Select an existing security group. Then choose an existing security group, such as the tutorial-securitygroup created in Create a VPC Security Group for a Public Web Server. Make sure that the security group that you choose includes inbound rules for Secure Shell (SSH) and HTTP access.

                                Configure Security Group
  11. Choose Review and Launch.

  12. On the Review Instance Launch page, shown following, verify your settings and then choose Launch.

                                Review Instance Launch
  13. On the Select an existing key pair or create a new key pair page, shown following, choose Create a new key pair and set Key pair name to tutorial-key-pair. Choose Download Key Pair, and then save the key pair file on your local machine. You use this key pair file to connect to your EC2 instance.

                                Select an Existing Key Pair or Create a New Key Pair
  14. To launch your EC2 instance, choose Launch Instances. On the Launch Status page, shown following, note the identifier for your new EC2 instance, for example: i-0288d65fd4470b6a9.

                                Launch Status
  15. Choose View Instances to find your instance.

  16. Wait until Instance Status for your instance reads as running before continuing.

Install an Apache Web Server with PHP

Next, you connect to your EC2 instance and install the web server.

To connect to your EC2 instance and install the Apache web server with PHP

  1. Connect to the EC2 instance that you created earlier by following the steps in Connect to Your Linux Instance.

  2. Get the latest bug fixes and security updates by updating the software on your EC2 instance. To do this, use the following command.


    The -y option installs the updates without asking for confirmation. To examine updates before installing, omit this option.

    [ec2-user ~]$ sudo yum update -y
  3. After the updates complete, install the Apache web server with the PHP software package using the yum install command. This command installs multiple software packages and related dependencies at the same time.

    [ec2-user ~]$ sudo yum install -y httpd24 php56 php56-mysqlnd

    If you get the error message No package package-name available, then your instance was not launched with the Amazon Linux AMI. You might be using the Amazon Linux 2 AMI instead. You can view your version of Amazon Linux with the following command.

    cat /etc/system-release

    For more information, see Updating Instance Software.

  4. Start the web server with the command shown following.

    [ec2-user ~]$ sudo service httpd start

    You can test that your web server is properly installed and started. To do this, enter the public Domain Name System (DNS) name of your EC2 instance in the address bar of a web browser, for example: If your web server is running, then you see the Apache test page.

    If you don't see the Apache test page, check your inbound rules for the VPC security group that you created in Tutorial: Create an Amazon VPC for Use with a DB Instance. Make sure that your inbound rules include a rule allowing HTTP (port 80) access for the IP address you use to connect to the web server.


    The Apache test page appears only when there is no content in the document root directory, /var/www/html. After you add content to the document root directory, your content appears at the public DNS address of your EC2 instance instead of the Apache test page.

  5. Configure the web server to start with each system boot using the chkconfig command.

    [ec2-user ~]$ sudo chkconfig httpd on

To allow ec2-user to manage files in the default root directory for your Apache web server, modify the ownership and permissions of the /var/www directory. In this tutorial, you add a group named www to your EC2 instance. Then you give that group ownership of the /var/www directory and add write permissions for the group. Any members of that group can then add, delete, and modify files for the web server.

To set file permissions for the Apache web server

  1. Add the www group to your EC2 instance with the following command.

    [ec2-user ~]$ sudo groupadd www
  2. Add the ec2-user user to the www group.

    [ec2-user ~]$ sudo usermod -a -G www ec2-user
  3. Log out to refresh your permissions and include the new www group.

    [ec2-user ~]$ exit
  4. Log back in again and verify that the www group exists with the groups command.

    [ec2-user ~]$ groups
    ec2-user wheel www
  5. Change the group ownership of the /var/www directory and its contents to the www group.

    [ec2-user ~]$ sudo chgrp -R www /var/www
  6. Change the directory permissions of /var/www and its subdirectories to add group write permissions and set the group ID on subdirectories created in the future.

    [ec2-user ~]$ sudo chmod 2775 /var/www
    [ec2-user ~]$ find /var/www -type d -exec sudo chmod 2775 {} +
  7. Recursively change the permissions for files in the /var/www directory and its subdirectories to add group write permissions.

    [ec2-user ~]$ find /var/www -type f -exec sudo chmod 0664 {} +
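
One way to confirm the result of steps 5 through 7 is to audit the tree for entries that deviate from the 2775 and 0664 modes or from the www group. This is an added example, not part of the original tutorial; the function name audit_webroot is an assumption.

```sh
#!/bin/sh
# Added example, not from the tutorial. audit_webroot is a hypothetical
# helper name. It prints one finding per line and returns 1 if the tree
# deviates from the layout set in steps 5-7, or 0 if it matches.
#   usage: audit_webroot /var/www www
audit_webroot() {
    root=$1
    group=$2
    findings=$(
        # Directories must be exactly 2775: setgid plus rwxrwxr-x.
        find "$root" -type d ! -perm 2775 | sed 's/^/DIR_MODE /'
        # Regular files must be exactly 0664: rw-rw-r--.
        find "$root" -type f ! -perm 0664 | sed 's/^/FILE_MODE /'
        # Directories and files must be group-owned by the content group.
        find "$root" \( -type d -o -type f \) ! -group "$group" |
            sed 's/^/GROUP /'
        # World-writable entries let any local account change served content.
        find "$root" \( -type d -o -type f \) -perm -0002 |
            sed 's/^/WORLD_WRITABLE /'
    )
    if [ -n "$findings" ]; then
        printf '%s\n' "$findings"
        return 1
    fi
    return 0
}
```

The setgid bit makes new entries inherit the www group but not the 0664 mode, so files created later with a different umask show up as FILE_MODE findings.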

Connect Your Apache Web Server to Your DB Instance

Next, you add content to your Apache web server that connects to your Amazon Aurora DB cluster.

To add content to the Apache web server that connects to your DB cluster

  1. While still connected to your EC2 instance, change the directory to /var/www and create a new subdirectory named inc.

    [ec2-user ~]$ cd /var/www
    [ec2-user ~]$ mkdir inc
    [ec2-user ~]$ cd inc
  2. Create a new file in the inc directory named, and then edit the file by calling nano (or the editor of your choice).

    [ec2-user ~]$ >
    [ec2-user ~]$ nano
  3. Add the following contents to the file. Here, db_cluster_writer_endpoint is the DB cluster writer endpoint, without the port, and master password is the master password for your DB cluster.


    We recommend placing the user name and password information in a folder that isn't part of the document root for your web server. Doing this reduces the possibility of your security information being exposed.

    <?php

    define('DB_SERVER', 'db_cluster_writer_endpoint');
    define('DB_USERNAME', 'tutorial_user');
    define('DB_PASSWORD', 'master password');
    define('DB_DATABASE', 'sample');

    ?>
  4. Save and close the file.

  5. Change the directory to /var/www/html.

    [ec2-user ~]$ cd /var/www/html
  6. Create a new file in the html directory named SamplePage.php, and then edit the file by calling nano (or the editor of your choice).

    [ec2-user ~]$ >SamplePage.php
    [ec2-user ~]$ nano SamplePage.php
  7. Add the following contents to the SamplePage.php file:


    <?php include "../inc/"; ?>
    <html>
    <body>
    <h1>Sample page</h1>
    <?php

      /* Connect to MySQL and select the database. */
      $connection = mysqli_connect(DB_SERVER, DB_USERNAME, DB_PASSWORD);

      if (mysqli_connect_errno()) echo "Failed to connect to MySQL: " . mysqli_connect_error();

      $database = mysqli_select_db($connection, DB_DATABASE);

      /* Ensure that the EMPLOYEES table exists. */
      VerifyEmployeesTable($connection, DB_DATABASE);

      /* If input fields are populated, add a row to the EMPLOYEES table.
         The fields are absent on the initial GET request, so default them to ''. */
      $employee_name = htmlentities(isset($_POST['NAME']) ? $_POST['NAME'] : '');
      $employee_address = htmlentities(isset($_POST['ADDRESS']) ? $_POST['ADDRESS'] : '');

      if (strlen($employee_name) || strlen($employee_address)) {
        AddEmployee($connection, $employee_name, $employee_address);
      }
    ?>

    <!-- Input form -->
    <form action="<?PHP echo $_SERVER['SCRIPT_NAME'] ?>" method="POST">
      <table border="0">
        <tr>
          <td>NAME</td>
          <td>ADDRESS</td>
        </tr>
        <tr>
          <td>
            <input type="text" name="NAME" maxlength="45" size="30" />
          </td>
          <td>
            <input type="text" name="ADDRESS" maxlength="90" size="60" />
          </td>
          <td>
            <input type="submit" value="Add Data" />
          </td>
        </tr>
      </table>
    </form>

    <!-- Display table data. -->
    <table border="1" cellpadding="2" cellspacing="2">
      <tr>
        <td>ID</td>
        <td>NAME</td>
        <td>ADDRESS</td>
      </tr>

    <?php

    $result = mysqli_query($connection, "SELECT * FROM EMPLOYEES");

    while($query_data = mysqli_fetch_row($result)) {
      echo "<tr>";
      echo "<td>",$query_data[0], "</td>",
           "<td>",$query_data[1], "</td>",
           "<td>",$query_data[2], "</td>";
      echo "</tr>";
    }
    ?>

    </table>

    <!-- Clean up. -->
    <?php

      mysqli_free_result($result);
      mysqli_close($connection);

    ?>

    </body>
    </html>


    <?php

    /* Add an employee to the table. */
    function AddEmployee($connection, $name, $address) {
       $n = mysqli_real_escape_string($connection, $name);
       $a = mysqli_real_escape_string($connection, $address);

       $query = "INSERT INTO EMPLOYEES (NAME, ADDRESS) VALUES ('$n', '$a');";

       if(!mysqli_query($connection, $query)) echo("<p>Error adding employee data.</p>");
    }

    /* Check whether the table exists and, if not, create it. */
    function VerifyEmployeesTable($connection, $dbName) {
      if(!TableExists("EMPLOYEES", $connection, $dbName))
      {
         $query = "CREATE TABLE EMPLOYEES (
             ID int(11) UNSIGNED AUTO_INCREMENT PRIMARY KEY,
             NAME VARCHAR(45),
             ADDRESS VARCHAR(90)
           )";

         if(!mysqli_query($connection, $query)) echo("<p>Error creating table.</p>");
      }
    }

    /* Check for the existence of a table. */
    function TableExists($tableName, $connection, $dbName) {
      $t = mysqli_real_escape_string($connection, $tableName);
      $d = mysqli_real_escape_string($connection, $dbName);

      $checktable = mysqli_query($connection,
          "SELECT TABLE_NAME FROM information_schema.TABLES WHERE TABLE_NAME = '$t' AND TABLE_SCHEMA = '$d'");

      if(mysqli_num_rows($checktable) > 0) return true;

      return false;
    }
    ?>
  8. Save and close the SamplePage.php file.

  9. Verify that your web server successfully connects to your DB cluster by opening a web browser and browsing to http://EC2 instance endpoint/SamplePage.php, for example:
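
The recommendation in step 3 to keep the user name and password out of the document root can be checked on the instance once both files are in place. This is an added example, not part of the original tutorial; the function names are assumptions, and FILE in the usage line stands for the credentials file you created in /var/www/inc.

```sh
#!/bin/sh
# Added example, not from the tutorial. Function names are hypothetical.
#   usage: creds_in_docroot /var/www/html
#          outside_docroot /var/www/inc/FILE /var/www/html

# creds_in_docroot DOCROOT
# Lists files reachable through DOCROOT that define DB_PASSWORD and
# returns 1 if any exist, 0 otherwise. find -L follows symlinks, so a
# link from the document root back to the include directory is caught.
creds_in_docroot() {
    hits=$(find -L "$1" -type f \
        -exec grep -l "define *( *['\"]DB_PASSWORD['\"]" {} + 2>/dev/null) || :
    if [ -n "$hits" ]; then
        printf '%s\n' "$hits"
        return 1
    fi
    return 0
}

# outside_docroot FILE DOCROOT
# Returns 0 if the physical directory of FILE is neither DOCROOT nor
# below it, 1 if it is, and 2 if either path cannot be resolved.
outside_docroot() {
    file_dir=$(cd "$(dirname "$1")" 2>/dev/null && pwd -P) || return 2
    root_dir=$(cd "$2" 2>/dev/null && pwd -P) || return 2
    case "$file_dir/" in
        "$root_dir"/*) return 1 ;;
    esac
    return 0
}
```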

You can use SamplePage.php to add data to your DB cluster. The data that you add is then displayed on the page. To verify that the data was inserted into the table, you can install MySQL on the Amazon EC2 instance, connect to the DB instance, and query the table.

To make sure that your DB cluster is as secure as possible, verify that sources outside of the VPC can't connect to your DB cluster.