This repository contains hands-on labs demonstrating core Amazon EC2 concepts, from foundational networking and instance provisioning to high availability and automated scaling. Using LocalStack Pro, we simulate a complete AWS compute environment locally.
Based on AWS best practices (SAA-C03), these labs cover:
- Network Foundation: Provisioning custom VPCs, public/private subnets, and internet gateways.
- EC2 Provisioning: Launching On-Demand instances with optimized AMI selection.
- Security & Access: Implementing stateful Security Groups and instance-level bootstrapping via User Data.
- High Availability: Designing for fault tolerance using Multi-AZ deployments.
- Scaling & Load Balancing: Exploring Launch Templates, Auto Scaling Groups, and Elastic Load Balancers.
- Cost Optimization: Leveraging Spot Instances and Savings Plans logic.
- Docker & Docker Compose
- LocalStack Pro account and Auth Token
awslocalCLI (a wrapper around the AWS CLI for LocalStack)
-
Configure your LocalStack Auth Token in
.env:echo "YOUR_TOKEN=your_auth_token_here" > .env
-
Start LocalStack Pro:
docker-compose up -d
Important
Cumulative Architecture: These labs are designed as a cumulative scenario. You are building an evolving infrastructure.
Session Persistence: These labs rely on bash variables (like $VPC_ID, $SG_ID, $AMI_ID, etc.). Run all commands in the same terminal session to maintain context.
- Lab 1: Network Foundation & EC2 Provisioning
- Lab 2: Layer 7 Application Load Balancer (ALB)
- Lab 3: EC2 Auto Scaling (Launch Templates & ASG)
- Lab 4: Auto Scaling Policies (Target Tracking)
- Lab 5: Cost Optimization (Spot Instances)
💡 Pro Tip: Using aws instead of awslocal
If you prefer using the standard aws CLI without the awslocal wrapper or repeating the --endpoint-url flag, you can configure a dedicated profile in your AWS config files.
Add the following to your ~/.aws/config file:
[profile localstack]
region = us-east-1
output = json
# This line redirects all commands for this profile to LocalStack
endpoint_url = http://localhost:4566Add matching dummy credentials to your ~/.aws/credentials file:
[localstack]
aws_access_key_id = test
aws_secret_access_key = testYou can now run commands in two ways:
Option A: Pass the profile flag
aws iam create-user --user-name DevUser --profile localstackOption B: Set an environment variable (Recommended)
Set your profile once in your session, and all subsequent aws commands will automatically target LocalStack:
export AWS_PROFILE=localstack
aws iam create-user --user-name DevUser- Precedence: The AWS CLI (v2) supports a global
endpoint_urlsetting within a profile. When this is set, the CLI automatically redirects all API calls for that profile to your local container instead of the real AWS cloud. - Convenience: This allows you to use the standard documentation commands exactly as written, which is helpful if you are copy-pasting examples from AWS labs or tutorials.