# 4.8-Building the Launch Template

## Manual launch vs. Launch template

In the AWS EC2 (Elastic Cloud Computing), **manually launching** a virtual machine is a **7-steps process**, during which you can or have to choose/specify **many options** :

![The interactive AWS EC2 "Launch Instance" process flow](https://681104499-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-LhjKavWMofrik61tHfB%2F-Lj5y9ZQxIXbvWaTASyC%2F-Lj5ztyjW7dn-oGGcSPe%2Fimage.png?alt=media\&token=720d0db0-f824-4d4b-a6bf-3b2f2091230d)

{% hint style="success" %}
We'll **facilitate the launch process** here by taking advantage of a relatively recent AWS feature : we'll *record our option choices* in a "**Launch Template**", that we'll then use **to launch our server in a much quicker way**.
{% endhint %}

### Checking the "free elligible" Instance type in your AWs Region

*Going to the second step above* : "***Choose Instance Type***" (and then pressing **Cancel** to abort the process) ***is a good idea** anyway*, because it will show you **what the "free elligible" Instance type is** for your **current AWS Region** : currently t2.micro or t3.micro.

For example, in Oregon :

![](https://681104499-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-LhjKavWMofrik61tHfB%2F-Lj7H8IWs43SV0gJlbM7%2F-Lj7aKh3G0Q8j0sv1DiM%2Fimage.png?alt=media\&token=602c0f69-9054-4695-95b5-3515a35fc427)

At step 2 you see that **the "Free tier elligible"&#x20;*****Instance type*****&#x20;in Oregon is currently&#x20;*****t2.micro*** :

![](https://681104499-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-LhjKavWMofrik61tHfB%2F-Lj7H8IWs43SV0gJlbM7%2F-Lj7ayhNYky_qflBbVSN%2Fimage.png?alt=media\&token=2f5e8ea8-c554-484c-bf40-a18aa3725227)

You can then click "**Cancel**" to exit the process.

## New *Launch Template*

In the **EC2 console**, let's click "**Launch Templates**" in the menu on the left side, and then "**Create Launch Template**" to get this form :

![Top of the Create Launch Template entry form](https://681104499-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-LhjKavWMofrik61tHfB%2F-Lj6LpQo_15OffqkkAyj%2F-Lj6xPl76w0hrXrJVqB5%2Fimage.png?alt=media\&token=6b1951ac-297b-4179-8c3a-87a365198659)

For the first part :

* keep "***What would you like to do ?***" as "**Create a new template**"
* give a ***Launch template name** like my "my-fg-ovpn-201907" above*
* give a ***Template version description*** as you whish
* the "***Source template***" stays **empty** since this is your first one.

## ***The "Launch template contents" section***

![Launch template contents](https://681104499-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-LhjKavWMofrik61tHfB%2F-Lj6LpQo_15OffqkkAyj%2F-Lj7-yEn4uKHb2ns0m2M%2Fimage.png?alt=media\&token=14006c14-bf42-4290-b0dc-3a8a43b20fb4)

### AMI ID

The first choice is about the **AMI** = ***Amazon Machine Image***. This is like the backup of a pre-built installation, that will be copied over to your own virtual machine to initialize it.

We use the ***Search for AMI*** link and we'll select one from the "**Quick start**" ***AMI catalog*** : the "***Amazon Linux AMI YYYY.MM.v (HVM), SSD Volume Type***" (YYYY.MM.v = 2018.03.0 as of this writing).

![](https://681104499-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-LhjKavWMofrik61tHfB%2F-Lj6LpQo_15OffqkkAyj%2F-Lj70Zsfj9ZNQ2VYh-LJ%2Fimage.png?alt=media\&token=87003936-7c1d-48b1-8f3c-862e750e4879)

Your choice will appear as an "**AMI ID**", which is **different for each region** : the same **"*****Amazon Linux AMI 2018.03.0 (HVM), SSD Volume Type"*** gives AMI ID = ***ami-8c169ef2*** in Stockholm while at the same moment it gives ***ami-0bdfa1adc3878cd23*** in London and ***ami-0f2176987ee50226e*** in Oregon...

After confirming, the AMI ID is populated in the main form.

### Instance type

The second one is the **Instance type**, defining the size of virtual "core hardware" (CPUs and RAM).  There are [***many instance types***](https://aws.amazon.com/ec2/instance-types/), grouped in different families, of ***very different sizes and hourly cost*** !

{% hint style="info" %}
**We'll use an instance type that is "free elligible" for the AWS region : generally&#x20;*****t2.micro***

**(*****t3.micro*****&#x20;is "free elligible" ONLY in regions where&#x20;*****t2.micro*****&#x20;is not available)**
{% endhint %}

Depending on your region, **one of these 2 types will be available as "free elligible"** :

* either ***t2.micro (generally)***
* or the recent ***t3.micro in some regions without t2.micro***

{% hint style="warning" %}
**In AWS regions where BOTH&#x20;*****t2.micro*****&#x20;and&#x20;*****t3.micro*****&#x20;are available :**

**ONLY&#x20;*****t2.micro*****&#x20;is "free elligible"**

**So search for&#x20;*****t2.micro*****&#x20;first in the list, and only if not found then choose&#x20;*****t3.micro***
{% endhint %}

In **Stockholm as of July 2019**, *t2.micro* is not available and *t3.micro* is "free elligible", so **for this demo** **:&#x20;*****t3.micro*** it will be and "free elligible" it will remain :

![t3.micro is the "free elligible" instance type in Stockholm (2019/07)](https://681104499-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-LhjKavWMofrik61tHfB%2F-Lj6LpQo_15OffqkkAyj%2F-Lj7AzB3j1JBcD425kld%2Fimage.png?alt=media\&token=4307fa84-3975-4071-9ab4-80e8f4827620)

### Key pair name

[We only created 1 Key pair](https://zeferby.gitbook.io/transparent-openvpn-for-fantasy-grounds/aws-setup-step-by-step/4.5-creating-an-aws-key-pair), so this is an easy choice...

![Select your (only) Key pair name](https://681104499-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-LhjKavWMofrik61tHfB%2F-Lj6LpQo_15OffqkkAyj%2F-Lj7BkCyHSQWwIoUwG60%2Fimage.png?alt=media\&token=505a231c-a984-4214-93e2-71e80cae0a3e)

### Network type

**VPC !** For a new account, you don't even have access to the legacy "EC2 Classic" *- and you don't even want to know what it was...*

![VPC !](https://681104499-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-LhjKavWMofrik61tHfB%2F-Lj6LpQo_15OffqkkAyj%2F-Lj7CKZ_WJ8_L3kbN2oN%2Fimage.png?alt=media\&token=b9543967-5a91-4ef2-8725-4f78c35b9a2d)

### Security Groups

[**We created one**](https://zeferby.gitbook.io/transparent-openvpn-for-fantasy-grounds/aws-setup-step-by-step/4.6-creating-an-aws-security-group) just for our setup, so **let's select it** !

![](https://681104499-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-LhjKavWMofrik61tHfB%2F-Lj7H8IWs43SV0gJlbM7%2F-Lj7IjAp66dNIczdcABS%2Fimage.png?alt=media\&token=125de973-c12d-4163-9947-4420cfa1dce0)

*You can see that you can assign multiple security groups, so if you have different security groups for different kinds of network traffic authorization, you can cumulate them.*

### Our choices so far, for this demo :

![](https://681104499-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-LhjKavWMofrik61tHfB%2F-Lj7H8IWs43SV0gJlbM7%2F-Lj7I7Ci6NRlxj--9W_6%2Fimage.png?alt=media\&token=597edeab-0760-4264-a317-0c93e84f4931)

***As of July 2019, for the "free elligible" instance type, you would have t2.micro instead of t3.micro in most regions other than Stockholm.***

## *Network Interfaces*, *Storage (Volumes)* and *Instance tags*

{% hint style="warning" %}
**Step over these three blocks without touching them**
{% endhint %}

We'll use the default network interface and storage options, and we don't need tagging.

## *Advanced details* : expand !!

![](https://681104499-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-LhjKavWMofrik61tHfB%2F-Lj7H8IWs43SV0gJlbM7%2F-Lj7L-Ki33k_xKQWaAJN%2Fimage.png?alt=media\&token=d64a7cb7-4101-44be-b4f0-d481ac76ccde)

{% hint style="warning" %}
**We need to specify 2 options in this section :**

* ***IAM instance profile***
* ***User data***
  {% endhint %}

{% hint style="danger" %}
**Don't touch to the other options !**

***(unless you're already outside the Free Tier AND you know what you're doing...)***
{% endhint %}

### IAM instance profile

Here you have to specify the **IAM Role** you [created earlier](https://zeferby.gitbook.io/transparent-openvpn-for-fantasy-grounds/aws-setup-step-by-step/4.1-creating-the-iam-role) :

![IAM instance profile : our IAM role created earlier](https://681104499-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-LhjKavWMofrik61tHfB%2F-Lj7H8IWs43SV0gJlbM7%2F-Lj7M9LJdM91HMe5MG7d%2Fimage.png?alt=media\&token=95fd7eb8-9c48-42dd-9451-77181b88cbdb)

### User data

Here you'll have to **copy/paste the contents of** [**your own "config.name"-userdata.sh**](https://zeferby.gitbook.io/transparent-openvpn-for-fantasy-grounds/4.7-filling-the-bucket#userdata-needs-you)

Here is ours **for this demo** (*with our 2 edited lines highlighted*) :

![Our customized userdata contents](https://681104499-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-LhjKavWMofrik61tHfB%2F-Lj7H8IWs43SV0gJlbM7%2F-Lj7Onk3bk6eKF1hsuOi%2Fimage.png?alt=media\&token=0a2b19a9-6665-4d36-ad5b-4326bfbd4c1c)

## Now, we can confirm our choices !

By clicking the blue "**Create launch template**" button at the bottom...

![Launch Template successfully created](https://681104499-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-LhjKavWMofrik61tHfB%2F-Lj7H8IWs43SV0gJlbM7%2F-Lj7QdYNMqRAfd_czz35%2Fimage.png?alt=media\&token=ca7ac723-c93c-43ed-ab7b-251e7661bc4f)

{% hint style="success" %}
**...We now have a&#x20;*****Launch Template*****&#x20;ready to use !**
{% endhint %}