Guide: Setting up a Java Application on AWS EC2

Objective: Create a Linux server running a Java App with a static IP and secure S3 access.

Step 1: Create the Permission (IAM Role)

This gives your server an "ID Badge" to access S3 files without saving passwords on the server.

1. Log in to the AWS Console and search for IAM.
2. Click Roles (left menu) → Create role.
3. Select AWS Service and choose EC2.
4. Click Next. Search for and check the box for: AmazonS3FullAccess.
5. Name the role: EC2-S3-Access-Role.
6. Click Create role.

Step 2: Create the Firewall (Security Group)

This allows traffic from the internet to reach your application.

1. Go to the EC2 Dashboard.
2. On the left menu, under Network & Security, click Security Groups.
3. Click Create security group.
4. Name: Java-App-Firewall.
5. Inbound Rules (Add these two rules):
   • Type: SSH | Port: 22 | Source: My IP (Restricts login to you only).
   • Type: Custom TCP | Port: 8080 | Source: Anywhere-IPv4 (0.0.0.0/0).
6. Click Create security group.

Step 3: Launch the Server (EC2)

This is the actual Virtual Machine.

1. Go to Instances → Launch Instance.
2. Name: My-Java-Server.
3. OS Image: Select Amazon Linux 2023 (or Amazon Linux 2).
4. Instance Type: Select t2.micro or t3.micro (Free tier eligible).
5. Key Pair: Create a new key (e.g., my-server-key.pem) and download it. Keep this safe!
6. Network Settings:
   • Select "Select existing security group".
   • Choose Java-App-Firewall (created in Step 2).
7. Advanced Details (Crucial Step):
   • Find IAM instance profile.
   • Select EC2-S3-Access-Role (created in Step 1).
8. Click Launch Instance.

Step 4: Make the IP Permanent (Elastic IP)

Ensures your IP address never changes, even if you restart the server.

1. In the EC2 menu, click Elastic IPs → Allocate Elastic IP address → Allocate.
2. Select the new IP address from the list.
3. Click Actions → Associate Elastic IP address.
4. Instance: Select My-Java-Server.
5. Click Associate.

   Note: Use this IP address for all connections moving forward.

Step 5: Install Java & Connect

1. Open your computer's terminal (Mac/Linux) or PowerShell (Windows).
2. Connect via SSH:
   (Replace 1.2.3.4 with your Elastic IP)

ssh -i my-server-key.pem ec2-user@1.2.3.4

1. Install Java:

sudo yum update -y
sudo yum install java-17-amazon-corretto -y

1. Upload your App: Use a tool like FileZilla or SCP to upload your my-app.jar to the /home/ec2-user/ folder.

Step 6: Automate the App (Systemd)

Ensures the app runs in the background and restarts if it crashes.

1. Create the service file:

sudo nano /etc/systemd/system/myapp.service

1. Paste the following configuration into the editor:

[Unit]
Description=My Java App
After=network.target

[Service]
User=ec2-user
# CHANGE the filename below to match your actual jar file
ExecStart=/usr/bin/java -jar /home/ec2-user/my-app.jar
Restart=always
RestartSec=10

[Install]
WantedBy=multi-user.target

1. Save: Press Ctrl+O, Enter, then Ctrl+X.
2. Start the App:

sudo systemctl daemon-reload
sudo systemctl enable myapp
sudo systemctl start myapp

Verification

• Check App Status: sudo systemctl status myapp
• View App Logs: journalctl -u myapp -f
• Test S3 Access: aws s3 ls (Should list buckets without asking for a password).

Other Documentation

[https://aws.amazon.com/blogs/compute/running-java-applications-on-amazon-ec2-a1-instances-with-amazon-corretto/ AWS - Running Java Applications on Amazon EC2-a1 Instances with Amazon Corretto