How To Run .NET 6, Kestrel, and Web API, on an AWS EC2 Windows Instance
Want to learn more about AWS Lambda and .NET? Check out my A Cloud Guru course on ASP.NET Web API and Lambda.
In this and the next post, I’ll show how to get a .NET Web Api application up and running on AWS EC2 instances, first with Windows, then with Linux. If you are not familiar with EC2 instances, think virtual machines.
I’m not going to go into setting up an AWS account, you can find that info here. AWS offers a free tier, so you should be able to follow this tutorial and not incur expenses, but please read about the free tier for yourself, there is always a chance of making a mistake.
Create the Windows instance
After you have logged into your account, go to https://console.aws.amazon.com/ec2/v2/home?region=us-east-1. There is a lot here, but for now you’re only interested in Instances.
1. Starting off
In the upper right, hit “Launch instances”.
2. Picking an image
On the new page, select “Free tier only” on the left, and filter by “windows” in the search bar.
I picked “Microsoft Windows Server 2019 Base”, but you can choose any that suits you.
3. Making sure you are on the free tier
Verify you are using the t2.micro which is on the free tier.
Hit “Next: Configure Instance Details”.
4. Configuring the instance
You are not going to make any changes here.
Hit “Next: Add Storage”.
5. Adding storage
Again no changes here.
Hit “Next: Add Tags”.
6. Adding tags
In this one add a tag with the Key “Name” and a value “My-First-Windows-Instance”, or whatever you want.
Hit “Next: Configure Security Group”.
7. Security
This is the important one. You will see that port 3389 has been opened to the whole world and that AWS is warning us about it. You will make a change here that makes RDP available only to the IP address you are currently using. Go to http://httpbin.org/ip, this will tell you your public IP address. Remove “0.0.0.0/0”, in its place put the IP address from httpbin.org, and add /32 to the end. You should have something like - “1.2.3.4/32”.
Give a name and description to the security group.
Hit “Review and Launch”.
8. A review
Hit “Launch”.
You are not quite there yet…
9. Keys and Launch
One final step, create a key pair so you can access the instance later. Select “Create a new key pair”, leave it as RSA, and give it a name. Then download and keep safe. You will use it when RDPing to the instance shortly.
Now, hit “Launch Instances”.
Go off make a cup of tea, this will take a few minutes to start up.
10. Waiting…and…Ready
In the EC2 instances dashboard, you will see the instance status as “Initializing”.
Before it changes to “2/2 checks passed”, it should now be up and running and available via RDP.
Click the instance id to bring up a summary.
Connect to the instance
The Windows instance should now be running and available to you via RDP. Two steps to follow here.
1. Get the RDP file
Hit the “Connect” button.
Move over to the “RDP client” tab. Hit “Download remote desktop file”.
Double-clicking on the file you downloaded will launch your RDP client and connect to the Windows instance.
2. Get the password
You will be prompted for a password to connect.
To get the password hit the “Get Password” link, you will have to upload the key file you created earlier to decrypt the password.
Use the password to sign in to the Windows instance.
And there it is, a Windows 2019 server running in AWS EC2!
At this point, I recommend installing Firefox or Chrome to make it easier to download any tools you need.
Install dotnet
I’m not going to go into detail here, download and install .NET 6 - https://dotnet.microsoft.com/en-us/download/dotnet/6.0.
Optionally you can install Visual Studio, VS Code, Rider, or any other tool you like building a .NET application with.
Create a .NET 6 Web API application
I’m also not going to go into any detail here. Create a new Web API application.
dotnet new webapi --name HelloFromWindowsInstance
Change to the HelloFromWindowsInstance
directory.
Run the application -
dotnet run --urls "http://*:5000;https://*:5001"
Open up your Firefox on the instance (if you installed it) and browse to -
http://localhost:5000/weatherforecast
https://localhost:5001/weatherforecast
You should see the weather forecast.
Connecting to the Web API application from outside
Back on your real computer, try browsing to the ip address/name of the instance and add the port 5001/5001 to the it. For example -
http://ec2-x-xx-xxx-xxx.compute-1.amazonaws.com:5000/weatherforecast
https://ec2-x-xx-xxx-xxx.compute-1.amazonaws.com:5001/weatherforecast
You won’t be able to, only the RDP port is available. There are two more steps needed.
1. Security Group access for ports 5000/5001
In the AWS Console, go back to the instance, click on the Security tab in the middle of the page, then click on the security group
You have to grant permission to your security group for ports 5000 and 5001 on the IP address you got from httpbin.org.
If you want to make those ports accessible from anywhere on the web, put in “0.0.0.0/0”.
2. Firewall access for ports 5000/5001
Back on the Windows instance, open the Windows Firewall.
Add an Inbound Rule allowing access via ports.
Allow ports 5000-5001.
Set the connection to allowed.
Leave the profile settings the way they are.
Wrap up by giving the rule a name and hit “Finish”.
Done! You should now be able to access the API from your computer, but you will see security warning in your browser, I’ll show you how to handle that in a later post.
Try by connecting to -
http://ec2-x-xx-xxx-xxx.compute-1.amazonaws.com:5000/weatherforecast
https://ec2-x-xx-xxx-xxx.compute-1.amazonaws.com:5001/weatherforecast
There it is!
The site is now accessible from your computer.