A PEM file is a private key used to securely connect to your AWS EC2 instance using SSH. You can only download this file once, and that is at the time of creating the key pair. If you lose it, you won’t be able to SSH into your instance unless you create a new key and update the instance manually.
This guide shows you how to correctly download a PEM file when launching an EC2 instance.
How to download a PEM file from AWS EC2

Step 1: Go to the AWS Management Console
Visit the AWS website and sign in to the AWS Management Console using your login credentials.
Step 2: Go to the EC2 dashboard
In the AWS Console, search for EC2 in the top search bar and click on EC2 under “Services” to open the EC2 Dashboard.
Step 3: Create a new key pair
In the left sidebar, look for and click on Key pairs under Network & Security.
Then, click Create key pair, enter a name (e.g., my-key), and choose a Key pair type (select RSA). For Private key file format, choose .pem and then click on Create key pair.
This creates and automatically downloads the PEM file to your computer. Make sure to save this file for future reference.
It’s important to note that you will have to create a new key pair even if you had created one before, but don’t have it saved.