Getting Started with AWS EC2 Key Pairs

Onyi Dominic — Wed, 18 Feb 2026 22:02:38 +0000

Introduction
Hey there, cloud enthusiasts! If you're just starting your AWS journey like I am, you've probably heard the term "key pairs" thrown around and wondered what all the fuss is about. Well, I'm excited to share my first hands-on lab experience with you! In this article, I'll walk you through creating and configuring EC2 key pairs—the security credentials that let you securely connect to your virtual servers in the cloud.

By the end of this guide, you'll understand what key pairs are, why they matter, and how to set them up so you can SSH into your EC2 instances like a pro. Let's dive in!

What Are EC2 Key Pairs, Anyway?
Before we get our hands dirty, let's demystify key pairs. Think of a key pair like a digital lock-and-key system for your house:

Public Key: This is like the lock on your front door. AWS stores this on your EC2 instance.
Private Key: This is like your house key. You keep this safe on your computer and use it to prove you're authorized to access the instance.

Together, they form a cryptographic pair that ensures only you can access your EC2 instances. Pretty cool, right?

Step 1: Navigate to the EC2 Dashboard and Access Key Pairs

First things first, I logged into my AWS console and headed to the EC2 dashboard. Once there, I looked for the Key Pairs option in the left sidebar under the "Network & Security" section.

The dashboard shows all your EC2 resources at a glance. You can see instances, security groups, and other components. Finding the Key Pairs section is straightforward. It's right there in the sidebar.

Step 2: Create Your First Key Pair
I clicked on "Create key pair" and was presented with a simple form. Here's what I configured:

Name: I named mine funkeypair
Key Pair Type: I selected RSA (the standard encryption type)
Private Key File Format: I chose .pem format, which is perfect for OpenSSH

The .pem format is widely compatible and works great with most SSH clients. AWS automatically downloads the private key file once you click "Create key pair". This is the only time you'll see this file, so keep it safe.

Step 3: Download and Secure Your Private Key
After clicking "Create key pair," my browser automatically downloaded the .pem file to my Downloads folder. This file is critical—it's your only way to access your EC2 instances. I made sure to:

Store it in a secure location
Never share it with anyone
Back it up (but keep it private!)

Step 4: Download PuTTY for Windows SSH Access
Since I'm on Windows, I needed a tool to SSH into my EC2 instance. I downloaded PuTTY from putty.org, which included:

putty.exe: The SSH client
puttygen.exe: The key generator utility

PuTTY is a free, lightweight SSH client that's perfect for Windows users. It's been around for years and is trusted by professionals worldwide.

A success message appeared: _"Successfully imported foreign key (OpenSSH SSH-2 private key (old PEM format)). To use this key with PuTTY, you need to use the 'Save private key' command to save it in PuTTY's own format."

Step 6: Save Your Key in PuTTY Format
After loading the key, I clicked "Save private key" to convert it to PuTTY's native .ppk format. This new file is what I'll use when connecting to my EC2 instances through PuTTY.

The generator displayed all the key information, including:

The public key (for reference)
Key fingerprint (a unique identifier)
Key comment (useful for organization)

Key Learnings from This Lab
1. Security is Paramount
Key pairs are your first line of defense. Losing your private key means losing access to your instances, so treat it like your house keys.

2. Format Matters
Different tools use different key formats. AWS uses .pem, but PuTTY prefers .ppk. Understanding these conversions is essential for Windows users.

3. One-Way Download
AWS only shows you the private key once during creation. If you lose it, you'll need to create a new key pair and relaunch your instances. Always download and back it up immediately.

4. Asymmetric Encryption is Powerful
The public/private key system is elegant. AWS can verify your identity without ever seeing your private key.

Challenges I Faced (And How I Overcame Them)
Challenge 1: Finding the Right File Format
Initially, I wasn't sure why I needed to convert the .pem file. I learned that different SSH clients expect different formats.

Challenge 2: File Browser Filtering
When loading the key in PuTTY, the file browser initially showed no files because it was filtering for .ppk files only. Changing the filter to "All Files" solved this instantly.

Challenge 3: Understanding the Terminology
Terms like "key pair," "public key," and "private key" seemed confusing at first. Thinking of them as a lock-and-key system made everything click.

What's Next?
Now that I have my key pair set up, I'm ready to:

Launch an EC2 instance and associate it with this key pair 2.Connect via SSH using PuTTY and my converted .ppk key
Explore security groups to control inbound/outbound traffic
Practice best practices like rotating keys and managing multiple key pairs

Conclusion
Creating and configuring EC2 key pairs might seem like a small step, but it's foundational to working with AWS. This lab taught me that cloud security starts with understanding the basics and key pairs are definitely a basic you need to master.

The AWS Cloud Practitioner exam emphasizes security, and this hands-on experience has given me real confidence in that area. If you're studying for the exam or just getting started with AWS, I highly recommend doing this lab yourself. There's no substitute for hands-on learning.

Hosting a Static Website on S3 and Configuring DNS with Route 53

Onyi Dominic — Sat, 27 Jan 2024 23:33:27 +0000

Introduction
I recently completed a project to learn more about Amazon S3 for static website hosting and using Route 53 for DNS management. In this post, I'll walk through the process and share what I learned.

Creating an S3 Bucket
First, I created an S3 bucket called "onyiwaters.site" in the US East (Ohio) region.

To enable static website hosting, I went into the bucket properties, selected the option for static website hosting, and entered "index.html" as my index document. This configures the bucket to render index.html when requests come to the website endpoint.

Next, I uploaded the website files including index.html, styles.css, script.js and images by dragging and dropping them into the S3 bucket.

To make the contents publicly accessible, I added a bucket policy granting public read permissions:

This allows anyone to access the files in the bucket while keeping the bucket itself private.

At this point I had a simple static website hosted on S3 with public access configured! Next I moved on to setting up DNS routing with Route 53.

Setting Up Route 53
Next, I registered a domain on Route 53 and created a hosted zone for onyiwaters.site.

I added an A record that routes traffic for the domain to the S3 endpoint URL. This directs requests to the S3 bucket that is hosting the static website. I also created an alias record that points to the S3 website endpoint specifically. Alias records provide a few benefits over regular A records:

They automatically route requests to the website endpoint
Alias records are native AWS integrations
Using the S3 website endpoint improves performance

To test things out, I accessed my domain in the browser. The A record I created routed traffic to the S3 bucket successfully. However, I noticed that the URLs still contained the S3 endpoint hostname. When I switched to using the alias record, the URLs resolved cleanly to just my domain.

So the alias record provided the optimal configuration for routing traffic to my S3-hosted static site. I learned some key differences between A records and alias records in Route 53 through this project.

Key Learnings
Some of my biggest takeaways were:

Learning how S3 static hosting works
Getting hands-on with Route 53 and DNS
Comparing A vs Alias records

Technical Skills
This project allowed me to apply skills like:

S3 static website configuration
DNS and domain management
IAM policies
Basic frontend development

GitHub Repo
View the full code and docs for this project on GitHub: S3 Static Site Repo

Enhancements
In the future I could expand on this project by:

Integrating a continuous deployment pipeline. I could set up GitHub integration with AWS CodePipeline to automatically deploy code changes from GitHub to S3.
Adding a custom domain and SSL certificate for HTTPS access. This would involve registering a domain, creating an ACM certificate, and updating the bucket policy and CloudFront distribution.

DEV Community: Onyi Dominic

Getting Started with AWS EC2 Key Pairs

Hosting a Static Website on S3 and Configuring DNS with Route 53