How to Create an Amazon Lightsail VPS with the AWS CLI
This tutorial will show you how to use the AWS Command Line Interface (CLI) to create an Amazon Lightsail Virtual Private Server (VPS). You will learn how to deploy a Ubuntu 20.04 VPS. How to configure firewall rules and how to connect to the VPS with SSH.
Before we begin
You will need to install and configure the latest version of the AWS CLI on your local machine. Read this tutorial to learn how to install and configure it on macOS or visit the official documentation for other systems.
The steps in this tutorial are tested with AWS CLI Version 2.2.43.
Step 1: Create Lightsail VPS
You can create one or more instances with the create-instances command. The following example demonstrates how to create a Ubuntu 20.04 instance inside availability Zone A of the US Virginia region.
And you should see the instance now exists in the Amazon Lightsail UI.
The options we specified in the command above are the minimum required. There are more options you can specify to make further customizations. An example is the --ip-address-type ipv4 option, which disables IPv6. More details can be found in the create-instances documentation.
The region and zone of the instance are assigned with the --availability-zone option. For example, assigning us-east-1a puts the instance in US Virginia. You can get a list of availability zones by running the get-regions command.
If you want to create a VPS using an operating system that is different to the Ubuntu 20.04 instance we created above. You can change it wit the --blueprint-id option. There are multiple blueprints to choose from which you can find by running the get-blueprints command.
The --bundle-id option lets you choose what size VPS instance to create. The value we specified above nano_2_0 creates the smallest and cheapest available instance. You can get a list of bundles by running get-bundles command.
Step 2: Configure Firewall Rules
We have created the VPS, but it needs the firewall configured so that ports are open or closed depending on what apps we plan to run.
By default, SSH and HTTP are enabled and are accessible from any IP address. It’s more secure to restrict SSH to only your office IP address. Let’s do that now and allow HTTP and HTTPS from any address.
The first thing we need to do is create a file called ports.json and add the following contents to it.
This JSON file has three rules. The first rule is to allow SSH connections to the VPS from the IP address 184.108.40.206 (Change this to your address). The other two rules allow any IP address to make HTTP and HTTPS connections to the VPS.
Run the following command to apply the rules in ports.json to the VPS instance.
Each region has a default SSH Key Pair. The default key pair gets assigned to instances created in that region without a specified key. Run the following command to download the key for the us-east-1 to your ~/.ssh folder.
You have connected to the VPS, and you can configure the instance to run whatever applications you want. If the SSH connection did not connect, check you specified the correct IP address during the firewall configuration step.
How to Delete the Instance
If you are finished with the instance, you can delete it by running the following command.