How to spin up Amazon EC2 MacOS instance & SSH

Edwin Pradeep
Apr 8, 2021

AWS recently announced that you can now run Mac instances via EC2. The Mac instances are listed under a new instance family called ‘mac1’. The macOS versions listed are Mojave, Catalina & Big Sur.

AWS Console: Make sure you are in a supported region

Currently, macOS on EC2 is only available in these regions: US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), and Asia-Pacific (Singapore). Make sure you’re in one of these regions before you carry on with the next steps.

AWS Console: Allocate a dedicated host for the macOS family

Firstly, because the macOS EC2 instance will be running on actual Mac Minis and not on virtual machines, you require a “dedicated host.”

  1. Go to the EC2 Console.
  2. Under ‘Instances’, click on ‘Dedicated Hosts’.
  3. Click on the ‘Allocate Dedicated Hosts’ button (it’s the orange one).
  4. For the Dedicated Host settings page, input/select the following:

Name — whatever you’d like
Instance family — mac1
Support multiple instance types — disable this (it is enabled by default)
Instance type — mac1.metal
Availability zone — any
Instance auto-placement — enabled
Host recovery — disable this

Click ‘Allocate’


AWS Console: Launch the instance

  1. Go to the EC2 console.
  2. Click ‘Launch Instance’
  3. Select ‘macOS Catalina 10.15.7’
  4. Select the Dedicated Host that was created.
  5. Use an existing key or create a new one. You’ll need the key for later.

How to access Amazon EC2 MacOS instance GUI.

Connect to the GUI via VNC: the insecure way.

So how can you connect to your macOS remotely? For that, you can use the VNC protocol.

  1. AWS Console: Update the security group your Mac instance is in to allow port 5900, but make sure to allow only your own IP address, as this method is insecure.
  2. SSH into the instance using the key from before. Command: ssh -i <your private key.pem> ec2-user@<your public ip address>
  3. Set a password for ec2-user. Command: sudo passwd ec2-user (this sets or resets the password).
  4. In the EC2 Mac instance: start the VNC server and activate Remote Management on your Mac. Command:

sudo /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -activate -configure -access -on -clientopts -setvnclegacy -vnclegacy yes -clientopts -setvncpw -vncpw password1 -restart -agent -privs -all

5. A MacBook provides “Screen Sharing” by default. If you are on Windows, download a VNC client to your local machine.

6. On the EC2 console, copy the IP address of your macOS EC2 instance.

7. Connect to your macOS EC2 instance via the VNC client.

You should now be able to view your mac’s login screen:

Ok so you can connect via VNC, but where’s the password for ec2-user?

Connect to the GUI via VNC: the secure way.

  1. AWS Console: Update the security group your Mac instance is in to remove port 5900 and allow only SSH on port 22.
  2. SSH into the instance using the key from before. Command: ssh -i <your private key.pem> ec2-user@<your public ip address>
  3. Tunnel the VNC traffic over SSH from your local machine. Command: ssh -L 5900:localhost:5900 -N -i <your private key.pem> ec2-user@<your public ip address>
  4. Open “Screen Sharing” on your MacBook, type “localhost” and connect.

5. Log in with the username and password to get connected.
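
To confirm that a security group really ends up with no rule reaching port 5900, as the secure method requires, this added example (not part of the original post) grades every source range that can reach VNC in JSON shaped like `aws ec2 describe-security-groups` output. The group IDs and addresses in SAMPLE are constructed, and the function names are this example's own.

```python
import ipaddress

VNC_PORT = 5900  # port the page opens for VNC / Screen Sharing

# Constructed sample, shaped like `aws ec2 describe-security-groups` output.
SAMPLE = {"SecurityGroups": [
    {"GroupId": "sg-EXAMPLE1", "IpPermissions": [   # the "insecure way", too wide
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "203.0.113.7/32"}]},
        {"IpProtocol": "tcp", "FromPort": 5900, "ToPort": 5900,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}, {"CidrIp": "203.0.113.7/32"}],
         "Ipv6Ranges": [{"CidrIpv6": "::/0"}]}]},
    {"GroupId": "sg-EXAMPLE2", "IpPermissions": [   # all-traffic rule hides 5900
        {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "198.51.100.0/24"}]}]},
    {"GroupId": "sg-EXAMPLE3", "IpPermissions": [   # the "secure way": SSH only
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "203.0.113.7/32"}]}]},
]}

def covers_vnc(perm):
    """True if an ingress rule admits TCP 5900 ("-1" = all protocols and ports)."""
    if perm["IpProtocol"] == "-1":
        return True
    if perm["IpProtocol"] != "tcp":
        return False
    return perm.get("FromPort", 0) <= VNC_PORT <= perm.get("ToPort", 65535)

def classify(cidr):
    """Grade a source range: any address, a whole network, or one host."""
    net = ipaddress.ip_network(cidr, strict=False)
    if net.prefixlen == 0:
        return "world-open"
    return "single-host" if net.prefixlen == net.max_prefixlen else "network-wide"

def audit_vnc_exposure(doc):
    """Return (group_id, cidr, grade) for every source that can reach port 5900."""
    findings = []
    for sg in doc["SecurityGroups"]:
        for perm in sg.get("IpPermissions", []):
            if not covers_vnc(perm):
                continue
            cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
            cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
            findings += [(sg["GroupId"], c, classify(c)) for c in cidrs]
    return findings

if __name__ == "__main__":
    for finding in audit_vnc_exposure(SAMPLE):
        print(*finding)
```

An empty result for a group matches the secure setup above, where VNC is reachable only through the SSH tunnel. Rules whose source is another security group or a prefix list are not graded here.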

Important Note: I tried it, and the Mac mini hosted on the AWS dedicated host is a lot slower, since my instance is in the US West (Oregon) us-west-2 Region.

Please let me know if you have any questions about setting up macOS on AWS. I will be happy to answer your questions.
