# Create Finmars CE VM
Sure! Let’s make your EC2 and name it ****finmars-platform-vm****. Follow these steps:
1. ****Sign in to AWS****
- Open your browser and go to [console.aws.amazon.com](https://console.aws.amazon.com).
- Enter your AWS email and password.
2. ****Open EC2****
- At the top, click the search box and type ****EC2****.
- Click ****EC2**** under “Services.”
3. ****Launch a new instance****
- Click the blue ****Launch instances**** button.
4. ****Name your instance****
- In the ****Name tag**** box, type ****finmars-platform-vm****.
5. ****Choose AMI (****[Finmars CE](https://aws.amazon.com/marketplace/pp/prodview-55ptwgyybwzp2) ****x.x.x) - latest version****
6. - [](https://docs.finmars.com/uploads/images/gallery/2025-06/screenshot-2025-06-27-at-15-44-08.png)
- Scroll or search for ****Finmars CE (e.g. Finmars CE 19.1.0)**** in AWS & Trusted third-party AMIs tab.
- Click ****Select****.
7. ****Select instance type (2 vCPU, 8 GiB RAM)****
- Find and click ****t3.large**** (it has 2 vCPU and 8 GiB).
8. ****Create or select key pair****
- Choose ****Create a new key pair****.
- Name it (e.g. ****finmars-platform-vm-key****).
- Click ****Create Key Pair**** and save the `.pem` file safely. - Do not Lose this file, if you lose it, you will not able to connect to your VM again
9. ****Configure instance details****
- Click ****Edit****
- Under ****Subnet - No Preference**** or pick one (any is fine).
- Turn ****Auto-assign Public IP**** to ****Enable****. (If already enabled - OK)
- Configure Inbound Security Group Rules
- Add `Security Group Rule 1`
- Type: ****SSH****
- Source Type: ****Anywhere****
- Port range: ****22****
- Add `Security Group Rule 2`
- Type: ****HTTP****
- Source Type: ****Anywhere****
- Port Range: ****80****
- Add `Security Group Rule 3`
- Type: ****HTTPS****
- Source Type: ****Anywhere****
- Port Range: ****443****
- Add `Security Group Rule 4` ****-**** this is important for further Installation
- Type: ****Custom TCP****
- Source Type: ****Anywhere****
- Port Range: ****8888****
- Leave the rest as default.
- [](https://docs.finmars.com/uploads/images/gallery/2025-06/screenshot-2025-06-26-at-20-03-45.png)
See ****Edit**** in Top Right Corner. Press it
[](https://docs.finmars.com/uploads/images/gallery/2025-06/screenshot-2025-06-26-at-20-04-45.png)
See Configured Security groups
- Click ****Next: Add Storage****.
10. ****Add storage (256 GiB)****
- Change the size from ****8**** to ****256**** in the root volume row.
- Keep the volume type as ****gp3**** or ****gp2****.
11. ****Review and launch****
- Check all your settings.
- Click ****Launch Instance****.
12. ****Wait for your VM****
- Click ****View Instances****.
- Wait until its status is ****running**** and checks pass.
13. ****Open Finmars Setup in your Web Browser****
- Go to http://****Your\_Public\_IP****:8888 (for example http://203.0.113.25:8888)
- Proceed with Setup Wizard
Your EC2 named ****finmars-platform-vm**** is ready! 🎉
---
Now you need to assign your Public IP of your freshly created VM to subdomain of your domain.
1. ****Sign in to AWS****
Go to [console.aws.amazon.com](https://console.aws.amazon.com) and log in.
2. ****Open Route 53****
In the top search bar, type ****Route 53****, then click the service.
3. ****Go to Hosted Zones****
In the left menu, click ****“Hosted zones.”****
4. ****Select your domain****
Find and click the zone named your\_domain.tld (for example, `example.com`).
5. ****Create the first record****
- Click ****“Create record.”****
- In ****Record name****, type `finmars` (so full name is `finmars.example.com`). - It is Record for Actual Finmars Platform
- For ****Record type****, choose ****A – IPv4 address****.
- In ****Value****, type your EC2 public IP (for example, `203.0.113.25`). You can find it in EC2 details
- Leave ****TTL**** as default (300).
- Click ****“Create records.”****
6. ****Create the second record****
- Click ****“Create record”**** again.
- In ****Record name****, type `finmars-auth`(so full name is `finmars-auth.example.com`). - It is Record for Single-Sign-On (SSO) Finmars
- For ****Record type****, choose ****A – IPv4 address****.
- In ****Value****, type the same EC2 public IP.
- Click ****“Create records.”****
7. ****Wait a few minutes****
DNS needs a little time to spread out. After about 5 minutes, both
- `finmars.example.com`
- `finmars-auth.example.com`
will go to your VM’s public IP.
That’s it! Now both sub-domains point to your ****finmars-platform-vm**** server.
You can verify it by run following command in Terminal (On Mac or Linux)
`dig finmars.example.com`
`dig finmars-auth.example.com`
Output should be like:
```bash
; <<>> DiG 9.10.6 <<>> finmars.example.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 39082
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;finmars-platform-vm.finmars.com. IN A
;; ANSWER SECTION:
finmars.example.com. 300 IN A 203.0.113.25
;; Query time: 12 msec
;; SERVER: 192.168.178.1#53(192.168.178.1)
;; WHEN: Wed Jun 11 20:10:02 CEST 2025
;; MSG SIZE rcvd: 76
```
---
Now go to next step: [Install Finmars Platform](https://docs.finmars.com/books/installation-guide-with-aws-simple/page/setup-finmars-ce)