To set up a security group for an EC2 instance, navigate to the AWS EC2 Dashboard. In the side panel click `Security Groups`.
In the upper right hand corner, click `Create Security Group`. In the creator screen, name the security group something relevant to the EC2 instance you will create.
<imgsrc="../images/quickstart/aws/aws1.png">
For ease of use, we are going to set this up using the simplest rules.
<imgsrc="../images/quickstart/aws/aws2.png">
Create a new `Inbound Rule` that allows for SSH from your computer’s IP address.
You’ve now created a security group that will be used by your EC2 instance.
## Setting Up Your EC2 instance
On the EC2 dashboard, click `Instances`. This will take you to all the EC2 instances you have created. Click `Launch New Instance`. Name the EC2 instance following the naming convention of your choice.
For the `Create key pair`, we are using ED25519 and `.pem` as we will SSH into the instance later in the tutorial.
<imgsrc="../images/quickstart/aws/aws4.png">
Next, under `Network Settings`, change your Firewall security group to Select existing security group and from the resulting dropdown, select the security group you created in the previous section.
You don’t need to change anything else - click `Launch Instance`.
<imgsrc="../images/quickstart/aws/aws5.png">
It’ll take a few minutes for it to show up in your existing instances, so take a break as it starts up.
## SSHing into the EC2 instance
If you’ve launched a new EC2 instance following the previous steps of this tutorial, find the username for the EC2 instance [here](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/connection-prereqs.html). The version launched in the previous steps was a version of the Amazon Linux so the username is `ubuntu`.
You will also need the IP address of the server. Click on the server in the `Instances` dashboard, and copy the IPv4 address
<imgsrc="../images/quickstart/aws/aws6.png">
Now that we’ve gathered all the information you will need to SSH into your EC2 instance, on a terminal on your local system, navigate to the `.pem` file downloaded when you created the EC2 instance. Run the following command:
```sh
chmod 400 [mykey].pem
```
This adds the required permissions for SSH-ing into an EC2 instance.
Run the following command in terminal, where `mykey` is the security key file, `username` is the username found above for the relevant EC2 operating system image, and the `ip-address` is the IPv4 address for the server:
For this instance, we will run Coder as a system service, however you can run Coder a multitude of different ways. You can learn more about those [here](https://coder.com/docs/coder-oss/latest/install).
In the EC2 instance, run the following command to install Coder
Run `coder template init` to create your first template. You’ll be given a list of possible templates. This tutorial will show you how to set up your Coder instance to create Linux based machines on AWS.
Now, we must install the AWS CLI and authorize the template. Follow [these instructions to install the AWS CLI](https://docs.aws.amazon.com/cli/latest/userguide/getting-started-install.html) and [add your credentials](https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-quickstart.html).
Coder runs as a system service under a system user `coder`. The `coder` user will require access to the AWS credentials to initialize the template and provision workspaces.
Run the following command to create a folder for the AWS credentials to live in:
```sh
sudo mkdir /home/coder/.aws
```
Run the following commands to copy the AWS credentials and give the `coder` user access to them: