Amazon Elastic File System
User Guide

The AWS Documentation website is getting a new look!
Try it now and let us know what you think. Switch to the new look >>

You can return to the original look by selecting English in the language selector above.

Step 1: Create Your EC2 Resources and Launch Your EC2 Instance

Before you can launch and connect to an Amazon EC2 instance, you need to create a key pair, unless you already have one. You can create a key pair using the Amazon EC2 console and then you can launch your EC2 instance.


Using Amazon EFS with Microsoft Windows Amazon EC2 instances is not supported.

To create a key pair

  • Follow the steps in Setting Up with Amazon EC2 in the Amazon EC2 User Guide for Linux Instances to create a key pair. If you already have a key pair, you do not need to create a new one and you can use your existing key pair for this exercise.

To launch the EC2 instance

  1. Open the Amazon EC2 console at

  2. Choose Launch Instance.

  3. In Step 1: Choose an Amazon Machine Image (AMI), find an Amazon Linux AMI at the top of the list and choose Select.

  4. In Step 2: Choose an Instance Type, choose Next: Configure Instance Details.

  5. In Step 3: Configure Instance Details, choose Network, and then choose the entry for your default VPC. It should look something like vpc-xxxxxxx ( (default).

    1. Choose Subnet, and then choose a subnet in any Availability Zone.

    2. Choose Next: Add Storage.

  6. Choose Next: Add Tags.

  7. Name your instance and choose Next: Configure Security Group.

  8. In Step 6: Configure Security Group, review the contents of this page, ensure that Assign a security group is set to Create a new security group, and verify that the inbound rule being created has the following default values.

    • Type: SSH

    • Protocol: TCP

    • Port Range: 22

    • Source: Anywhere

  9. Choose Review and Launch.

  10. Choose Launch.

  11. Select the check box for the key pair that you created, and then choose Launch Instances.

  12. Choose View Instances.

  13. Choose the name of the instance you just created from the list, and then choose Actions.

    1. From the menu that opens, choose Networking and then choose Change Security Groups.

    2. Select the check box next to the security group with the description default VPC security group.

    3. Choose Assign Security Groups.


    In this step, you assign your VPC's default security group to the Amazon EC2 instance. Doing this ensures that the instance is a member of the security group that the Amazon EFS file system mount target authorizes for connection in Step 2: Create Your Amazon EFS File System.

    By using your VPC's default security group, with default inbound and outbound rules, you might open this instance and file system to potential threats from within your VPC. Make sure that you follow Step 5: Clean Up Resources and Protect Your AWS Account at the end of this Getting Started exercise to remove resources exposed to your VPC's default security group for this example. For more information, see Security Groups for Amazon EC2 Instances and Mount Targets.

  14. Choose your instance from the list.

  15. On the Description tab, make sure that you have two entries listed next to security groups—one for the default VPC security group and one for the security group that you created when you launched the instance.

  16. Make a note of the values listed next to VPC ID and Public DNS. You need those values later in this exercise.