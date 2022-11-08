Now, let's go on and build our machine. What we're going to do is go back up to the top here. We're only going to have this thing built long enough just to do what we need to do. Let's go ahead and do eight process for 32 gigabytes RAM. Click on Next: Configure Instance Details. This is where you can set up a bunch of other things about it. Now some key things. When you build an environment in the cloud, let me show you what you're actually doing. What you're really doing, and I will let you guys be enamored with some of my amazing Microsoft paint work one more time before you get out of this course. I want you to all put in your reviews that like the thing that made this course worth it for you is my paint work. Because again, that's what I make all my money on. If this is Amazon, show you what we're doing here. If this is Amazon AWS, imagine that this is their big network, their internal network, their cloud services network. What we're doing is inside that network, we're building our own little network. Now I've got a whole bunch of little networks of varying sizes, in Amazon's network. You have just one because you just built your first one. You don't realize it. But once we build this first VM, it will automatically by default create you a little virtual network. We call these VPCs or Virtual Private Clouds. You're building your own private cloud inside their big public cloud. Just from standing up that first VM, it's going to automatically build your network. Now, because I've got many networks, I'll show you what's going on and yours won't look like this. Right under the instance details under network here, I can hit this arrow and it shows you other networks that I could associate this VM with, but I'm going to leave it to the default. There's a bunch of other things we can configure here, but we're going to go ahead and click the button to the right at the top that says Add Storage. Now, this is where it starts to get really flexible. By default, it's going to run the operating system on a general purpose solid-state drive and it's going to be 30 gigabytes in size. What you can do is you can change the size of it. You can also change the type of drive because different drive types run much faster, have much higher throughput, and they cost different. If I'm trying to be really cheap, I might make it a magnetic standard and that's going to be a lot cheaper than this general purpose SSD drive, but it's also going to run like crap in comparison. Now, in addition to that, I would have my operating system probably run on this. Then if I want it, let's say I'm doing video editing or something like that, I'm going to need a pretty large hard drive. I've just learned this this week from the video editing that's happening with this course that I'm recording for you now. I had no idea how much space these videos took up, but now I know. I can say add volume. I'm going to now notice that I have more options. Your drive that you're going to run your OS on is limited. But my storage drive, I have many more options here. I can use different types of SSD drives like this provisioned IOPS. That means input/output speed. That means this thing can input and you can read to it very lightening faster than you can ever read anything you can feel physically. There's different options here for that. I might make this one, let's say, 5,000 gigabytes. Now what it's telling you is look, this thing is, let's make it 500 gigabytes. What it's telling you is you're making this drive bits too big to fit into the free tier range. I'm not going to do it, but I'm just showing you if you were doing video editing or something like that, you could absolutely do that. You can absolutely make it however big you wanted. If you wanted to build a terabyte drive here, you could do that and you could add another one. Let's say you want it to have one terabyte for one thing and another terabyte for another. You could keep adding these. There's no limit. The only limit is your pocketbook , how much cheese you got. That's what's going to limit you as to what you get here. Now, we're going to take these off and just go with the default one. But I did want to show you that capability. Next week, I'm going to go to add tags. I'm going to name this. I'm going to give it a tag called name, and then I'm going to give it a value. We'll just call it cloud fundamentals. Literally just named the VM that or name of that in the cloud. Then we're going to go to the next security group, and what this is is when you build a VM in the cloud service, it's going to decide what ports are open. In other words, when you stand this thing up in Amazon's cloud on the Internet, do you want stuff to be able to get to it from the Internet? Do you want other people to be able to reach it? We generally call that a firewall, but Amazon calls a day security group. By default, it's going to use this launch wizard security group, and with that security group, the default rule is telling us here is look, the only thing that's going to be able to access this machine is something over port 3389, which is something we call Remote Desktop or RDP, and you'll learn about that when you get in security plus or whatever it is. But it's a way for you to remotely connect to your Windows machine and have the screen up as if you're sitting at that machine. That's what it is. When we start to manage the server here in a minute, this is how we're going to have to manage it, is over RDP. We're going to say yes, we only want that rule. We're going to say Review and Launch, we say Launch. Here's the next part. Now I'm going to introduce you to basic encryption principles. Amazon uses something called asymmetric encryption or RSA. It's the specific technology to ensure that your VM is secure and your credentials are secure. The way RSA or public key cryptography or asymmetric cryptography, whichever you want to call it, works is you have a public key and a private key and they are mathematically bound. The way you keep it secure is you only ever give your public key to other people because they can use that to encrypt things. Remember, we talked about the CIA triad. Now we're talking about the confidentiality or the C on the CIA triad. Use your public key or someone else uses your public key to encrypt something and then they send it to you with the assurance that no one in the world, even if they intercept that data. They can't decrypt it because the only way to decrypt something encrypted with your public key is to have the associated, guess what? Private key. The only person in the world that's going to have that private key is you. Now the minute we go ahead and name this, I'm just going to say create a new key pair. Select that and we're going to name it cloud fundamentals, and I'm going to say download key pair. Right at that instant, that cloud fundamental's key got downloaded to my machine or your machine, in your case, and the only person that's ever going to be able to access that key is you right now because it only exists on your machine. This key does not exist even on Amazon anywhere. We're going to use this key later to decrypt that password because Amazon is going to generate us a password and they're going to encrypt it with our public key, and we being the only person who has a private key, we're the only ones that can decrypt that password. Even Amazon can't decrypt it once they encrypt it. We download that key and we go ahead and say Launch. Remember where you downloaded that key to, probably in your downloads directory. You'll want to look in your downloads or your documents to see where you downloaded it. Once it's launched in, now we can go to View Instance and you can see that instance it says pending. It's starting that up, it's starting to run that virtual machine. It's bringing it up for us, and we're going to be able to access that thing here shortly.