Setting up a launch Kali Linux on AWS instance has never been easier thanks to Amazon’s official support for Kali Linux. Many cybersecurity professionals know that AWS now offers Kali Linux as an official Amazon Machine Image (AMI), making it incredibly straightforward to deploy penetration testing environments in the cloud. This guide demonstrates how to launch Kali Linux AWS instance within 60 seconds using Jerry Gamblin’s automated script. With AWS costs at just $0.046 per hour or through the EC2 free tier, this solution proves invaluable for users with low-powered devices who need quick access to a full Kali installation.
Deploy Kali on AWS in 60 seconds using automated script. Image Courtesy: https://www.kali.org/blog/kali-linux-aws-cloud/
Table of Contents
Benefits of Kali Linux on AWS Deployment
Cloud-based penetration testing provides scalability, accessibility from anywhere, and eliminates the need for powerful local hardware. Additionally, Azure also supports Kali Linux deployments, giving users multiple cloud platform options. If you don’t want to deploy Kali Linux on Cloud, then you can always deploy Kali Linux on Virtualbox on your personal Laptop or Desktop. I’ve added some articles that will guide you through the entire process below:
Automated Script Features
The automated script performs three critical functions:
- Creates a security group allowing SSH access only from your current public IP address
- Generates a new SSH key pair stored in
~/Documents/instantkali/ - Provisions a
t2.mediumEC2 instance with proper security configurations
Complete Deployment Script
Here’s the complete script sourced from GitHub:
#!/bin/bash
set -e
set -u
clear
ami="ami-10e00b6d"
size="t2.medium"
today=$(date +"%m-%d-%y-%H%M")
localip=$(curl -s https://ipinfo.io/ip)
printf "Launching Kali EC2 Instance.\\n"
printf "AMI: %s\\n" "$ami"
printf "Type: %s\\n" "$size"
printf "\\n"
# Create SSH Key
mkdir -p ~/Documents/instantkali/
aws ec2 create-key-pair --key-name KaliKey$today --query 'KeyMaterial' --output text > ~/Documents/instantkali/KaliKey$today.pem
chmod 400 ~/Documents/instantkali/KaliKey"$today".pem
# Create Security Group
aws ec2 create-security-group --group-name KaliSecurityGroupSSHOnly"$today" --description "Inbound SSH only from my IP address" > /dev/null
aws ec2 authorize-security-group-ingress --group-name KaliSecurityGroupSSHOnly"$today" --cidr "$localip"/32 --protocol tcp --port 22
# Launch a Ec2 instance
instance=$(aws ec2 run-instances --image-id $ami --instance-type $size --key-name KaliKey$today --security-groups KaliSecurityGroupSSHOnly$today --output text)
id=$(printf "$instance" | grep INSTANCES | cut -f 8)
state=$(printf "$instance" | grep STATE | head -n 1 | cut -f 3)
printf "Instance launched: %s \\n" "$id"
printf "\\n"
# tag the instance
aws ec2 create-tags --resources $id --tags Key=Name,Value="Kali$today"
printf "Starting Instance: \\n"
# Wait for instance in `running` status
while [ "$state" = pending ]; do
echo -ne "Waiting for running status.\\r"
sleep 10
info=$(aws ec2 describe-instances --instance-ids $id --output text)
state=$(echo "$info" | grep STATE | cut -f 3)
done
printf "\\n"
# Fetch the publish host name
awsip=$(aws ec2 describe-instances --instance-ids $id --query "Reservations[*].Instances[*].PublicIpAddress" --output=text)
# Probe SSH connection until it's available
X_READY=''
while [ ! $X_READY ]; do
echo -ne "Waiting for ready status.\\r"
sleep 10
set +e
out=$(ssh -o ConnectTimeout=1 -o StrictHostKeyChecking=no -o BatchMode=yes ec2-user@$awsip 2>&1 | grep 'Permission denied' )
[[ $? = 0 ]] && X_READY='ready'
set -e
done
printf "\\n"
printf "\\n"
# Done
printf "Kali is Ready! Login With:\\n"
printf "ssh -i ~/Documents/instantkali/KaliKey%s.pem ec2-user@%s\\n" "$today" "$awsip"
Prerequisites and Setup
Ensure you have the AWS CLI configured with appropriate credentials and permissions. The script automatically handles IP detection, security group creation, and instance provisioning, making the entire process seamless.
Cost Considerations
With hourly rates starting at $0.046 or free tier eligibility, users can access enterprise-grade penetration testing tools without significant infrastructure investment.
Conclusion
This automated approach to deolpoy Kali Linux instance on AWS makes deployment and penetration testing quicker. Whether you’re conducting security assessments, learning ethical hacking, or need temporary access to Kali tools, this 60-second deployment method provides instant access to a fully configured penetration testing environment in the cloud.