BrainyBeeBrainyBee
Hands-On Lab917 words

Hands-On Lab: Identifying and Provisioning AWS Compute Services

Identify AWS compute services

Hands-On Lab: Identifying and Provisioning AWS Compute Services

Welcome to this guided lab on AWS Compute Services. In the AWS Cloud, "compute" refers to the processing power required to run applications, handle data, and execute scripts. AWS offers a wide spectrum of compute options, from traditional Virtual Machines (Amazon EC2) to serverless computing (AWS Lambda) and container orchestration (Amazon ECS/EKS).

In this lab, you will deploy resources across two different compute paradigms—a traditional Amazon EC2 instance and a serverless AWS Lambda function—allowing you to practically identify their operational differences.

Prerequisites

Before you begin, ensure you have the following:

  • AWS Account: An active AWS account with Administrator or sufficient PowerUser permissions.
  • AWS CLI: The AWS Command Line Interface (aws) installed and configured with your credentials (aws configure).
  • Region: Select a default region (e.g., us-east-1 or us-west-2) and use it consistently.
  • Tools: A standard terminal/command prompt and a basic text editor.

Architecture Overview

The following diagram illustrates the two distinct compute services we will provision side-by-side during this lab.

Loading Diagram...

Compute Abstraction Spectrum

To understand why we have multiple compute services, review this abstraction chart. As you move to the right, AWS handles more of the underlying infrastructure.

Compiling TikZ diagram…
Running TeX engine…
This may take a few seconds

Learning Objectives

By the end of this lab, you will be able to:

  1. Provision and identify an Amazon EC2 virtual machine.
  2. Provision and identify a serverless AWS Lambda function.
  3. Differentiate between server-based (IaaS) and serverless compute deployments.
  4. Safely tear down compute resources to avoid ongoing charges.

Step-by-Step Instructions

Step 1: Provision a Virtual Machine (Amazon EC2)

Amazon Elastic Compute Cloud (EC2) provides resizable compute capacity. You maintain full OS-level control. We will launch a t2.micro instance (free-tier eligible).

First, we need to retrieve the latest Amazon Linux 2 AMI ID for your region. Run this command and copy the resulting ami-xxxxxxxxx value:

bash
aws ssm get-parameters --names /aws/service/ami-amazon-linux-latest/amzn2-ami-hvm-x86_64-gp2 --query "Parameters[0].Value" --output text

Now, launch the instance using the retrieved AMI ID:

bash
aws ec2 run-instances \ --image-id <YOUR_AMI_ID_FROM_ABOVE> \ --instance-type t2.micro \ --tag-specifications "ResourceType=instance,Tags=[{Key=Name,Value=brainybee-lab-ec2}]"

📸 Screenshot: Capture your terminal output showing the InstanceId.

Console alternative
  1. Navigate to the EC2 Dashboard in the AWS Management Console.
  2. Click Launch Instance.
  3. Name: Enter brainybee-lab-ec2.
  4. AMI: Select Amazon Linux 2 AMI (HVM).
  5. Instance type: Select t2.micro.
  6. Key pair: Select Proceed without a key pair (we will not SSH into it for this lab).
  7. Click Launch instance.

Step 2: Prepare the Serverless Execution Role

Before we can launch an AWS Lambda function, we must create an IAM Role that grants Lambda permission to execute.

Create a trust policy file:

bash
cat > trust-policy.json <<EOF { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Principal": { "Service": "lambda.amazonaws.com" }, "Action": "sts:AssumeRole" } ] } EOF

Create the IAM role:

bash
aws iam create-role \ --role-name brainybee-lambda-role \ --assume-role-policy-document file://trust-policy.json

[!TIP] Take note of the Arn value in the output (e.g., arn:aws:iam::<YOUR_ACCOUNT_ID>:role/brainybee-lambda-role). You will need it in the next step.

Step 3: Provision Serverless Compute (AWS Lambda)

AWS Lambda lets you run code without provisioning or managing servers. We will create a simple Python function.

Create the Python file:

bash
echo 'def lambda_handler(event, context): return "Hello from Serverless Compute!"' > lambda_function.py

Zip the deployment package:

bash
zip function.zip lambda_function.py

Deploy the Lambda function (replace the <YOUR_ACCOUNT_ID> with your actual AWS 12-digit account ID):

bash
aws lambda create-function \ --function-name brainybee-lab-lambda \ --runtime python3.9 \ --role arn:aws:iam::<YOUR_ACCOUNT_ID>:role/brainybee-lambda-role \ --handler lambda_function.lambda_handler \ --zip-file fileb://function.zip
Console alternative
  1. Navigate to the Lambda console.
  2. Click Create function.
  3. Choose Author from scratch.
  4. Function name: brainybee-lab-lambda.
  5. Runtime: Python 3.9.
  6. Expand Change default execution role, select Create a new role with basic Lambda permissions.
  7. Click Create function.
  8. In the Code source editor, paste def lambda_handler(event, context): return "Hello from Serverless Compute!".
  9. Click Deploy.

Checkpoints

Verify that your compute resources are successfully running.

Checkpoint 1: Verify EC2 Instance State

Ensure your virtual server is actively running in the cloud.

bash
aws ec2 describe-instances \ --filters "Name=tag:Name,Values=brainybee-lab-ec2" \ --query "Reservations[*].Instances[*].{ID:InstanceId,State:State.Name}" \ --output table

Expected Output: A table showing your Instance ID and the state as running.

Checkpoint 2: Invoke Lambda Function

Execute your serverless code to ensure it processes the request and returns the expected string.

bash
aws lambda invoke \ --function-name brainybee-lab-lambda \ output.txt && cat output.txt

Expected Output: "Hello from Serverless Compute!"

Troubleshooting

Issue / ErrorLikely CauseSolution
AccessDeniedExceptionYour IAM user lacks permissions to create EC2 or Lambda resources.Attach PowerUserAccess or explicitly grant ec2:* and lambda:* permissions to your user.
InvalidAMIID.NotFoundThe AMI ID doesn't exist in your currently configured AWS Region.Run the SSM command in Step 1 to dynamically fetch the correct AMI ID for your specific region.
InvalidParameterValueException (Lambda)The IAM Role hasn't propagated yet.IAM roles take ~10 seconds to become available globally. Wait 15 seconds and rerun the create-function command.

Clean-Up / Teardown

[!WARNING] Cost Warning: Remember to run the teardown commands to avoid ongoing charges. While t2.micro and basic Lambda usage may fall under the Free Tier, it is a critical best practice to delete unused infrastructure.

1. Terminate the EC2 Instance (Replace <YOUR_INSTANCE_ID> with the ID found in Checkpoint 1)

bash
aws ec2 terminate-instances --instance-ids <YOUR_INSTANCE_ID>

2. Delete the Lambda Function

bash
aws lambda delete-function --function-name brainybee-lab-lambda

3. Delete the IAM Role and local files

bash
aws iam delete-role --role-name brainybee-lambda-role rm trust-policy.json lambda_function.py function.zip output.txt
Console alternative
  1. EC2: Go to EC2 Dashboard -> Instances -> Select brainybee-lab-ec2 -> Instance state -> Terminate instance.
  2. Lambda: Go to Lambda Dashboard -> Functions -> Select brainybee-lab-lambda -> Actions -> Delete.
  3. IAM: Go to IAM Dashboard -> Roles -> Search brainybee-lambda-role -> Delete.
All AWS Certified Cloud Practitioner (CLF-C02) Study Resources

Ready to study AWS Certified Cloud Practitioner (CLF-C02)?

Practice tests, flashcards, and all study notes — free, no sign-up needed.

Start Studying — Free