WPCloud Deploy Documentation

EC2 Provider: Introduction, Installation & Configuration Guide

Installing the AWS EC2 Provider

The EC2 provider is just a regular WordPress plugin – upload and activate it from the WordPress PLUGINS screen.

Prerequisites For Using the AWS EC2 Provider

Connecting to EC2 and automatically creating servers requires a lot more moving parts to be synchronized than simpler providers such as DigitalOcean and Linode.  In particular:

  • EC2 default security groups will block attempts to connect to the server after it’s initially deployed.  This needs to be resolved before attempting to deploy your first server.
  • The default firewall will block HTTPS traffic.  This needs to be resolved before requesting your first SSL certificate for a site on the server.

Additionally you will need to create an IAM user (or use an existing IAM user) with the proper permissions to create EC2 instances.  You will obtain your EC2 ACCESS KEY and EC2 SECRET KEY from this user.

Configuring the AWS EC2 Provider

First, you must make sure you create or upload an SSH key pair to the region where you will be building your servers.  You cannot use the ‘default’ ssh keys that AWS provides – you must create a new pair or upload your own pair.  AWS keypairs are specific to a region.  If you need to use the same keypair in all regions the you must upload it to all regions.

The AWS EC2 provider then needs connection and security information before it can be used.  You can provide this information under WPCLOUD DEPLOY->SETTINGS->CLOUD PROVIDERS-AWS EC2.  There are several steps to this process:

  • As mentioned above, make sure you create an SSH Key Pair in your account – you’ll need to do this in the region where you’ll be deploying your servers.  Download the private portion of the key.  This should be done before performing any of the remaining steps below.
  • Enter the EC2 ACCESS KEY and EC2 SECRET KEY – these are usually defined in the AWS IAM
  • Click the SAVE BUTTON
  • Click the SAVE BUTTON AGAIN.  This will cause the REGION drop-down to be populated from data in your AWS account
  • Select a region from the REGION drop-down
  • Click the SAVE BUTTON
  • Click the CLEAR CACHE button at the bottom of the screen to force a cache refresh of your keys list.  This will cause the PUBLIC SSH keys drop-down to be populated from data in your AWS account.
  • Select a key from the PUBLIC SSH KEY drop-down
  • Enter your private key that correspond to the public key
  • Click the SAVE BUTTON
  • Click the SAVE BUTTON AGAIN.

Using the AWS EC2 Provider

After the provider is installed and configured you’ll see it as an option when deploying a new server:

EC2 Default Security Groups

Servers are placed into EC2’s ‘default’ security group.  There are times where this group BLOCKS incoming traffic – this will cause server deployments to fail since we’ll be unable to connect to it automatically.  You should EDIT the default security group to ensure that traffic is allowed from your WordPress server where WPCD is installed.  In particular, the SOURCE for incoming traffic is set to “custom” by default – you need to change this to “Anywhere” or specify the IP address of your WordPress server where WPCD is installed.

Alternatively, you can set it up so that only SSH, HTTP and HTTPS traffic is allowed in from all sources.

Using Multiple Regions

The basic EC2 provider can only be used in one region.  In order to use it in multiple regions, you need to install the VIRTUAL PROVIDER add-on.  Once that has been installed, you can create a virtual provider for each region – learn more in the Virtual Provider documentation.

Known Issues & Limitations


Running a backup on an instance that is too small for the amount of data being backed up will cause the MariaDB server to stop.  You will have to manually restart it.  This seems to be a flaw in the EC2 instance.

So, if you intend to use our backup process on these instances please make sure you run a few backup tests before placing your site into production to make sure there are no issues.

If you do want to continue to use these instances without our backup process in place you can always use a plugin backup process such as Updraft Plus which does not tax the instance as much but takes far longer to complete.

Server Sync

Server Sync cannot be used on AWS servers – neither as source nor destination.

Site Sync

The function to copy a site to a new server will not work with AWS EC & Lightsail servers as targets.

Deleting A Site

When deleting a site, the option to also delete all local backups will not work on AWS servers.


What to know which EC2 instance to use?  Take a look at this document on Github that outlines all the various instance types and their differences.