Author: Simon Jackson (sjackson0109)
Date: 04/12/2023
To design and construct an Amazon Virtual Private Cloud (VPC) architecture that includes an EC2 instance within a public subnet and a database instance within two private subnets.
- As a cloud architect, your objective is to assist James in developing an AWS VPC that hosts both an EC2 instance and a database instance.
- The EC2 instance, serving the web application, should be placed in a public subnet, while the DB instance should be secured in a private subnet.
- You are expected to provide `step-by-step instructions` for creating and configuring these AWS resources, ensuring system security, reliability, and accessibility.
- What form of service layer are we consuming? IaaS, PaaS, SaaS etc?
  `VPCs` and `EC2` instances both as IaaS services. `RDS` is a SaaS service.
- Do we need custom IP routing?
  Yes. Public Subnet will receive `0.0.0.0/0` propagated from the Internet Gateway appliance, whilst the two `Private` tagged subnets will not require any custom routes configuring. Route Propagation will not affect the private routes.
- What kind of Network Firewall functionality will be required?
  Assuming (without a company rep to discuss compliance requirements with) that the AWS Security Groups acting as a layer 5 firewall will be sufficient.
  - WEB = http/s
  - SSH from WAN IP Address
  - DB = mysql (tcp/3306), allow ICMP for testing
Follow the Method x links below; there are further instructions on building each of the environments. Click through to find out more:
- Method 1 - AWS Console
- Method 2 - AWS CLI
- Method 3 - Terraform Code
There are of course many ways of achieving the same goal.
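
Whichever method builds the environment, the resulting security groups can be checked against the WEB/DB rule list above. The following is an added example, not code from this repository: it audits rules in the `IpPermissions` shape returned by EC2 `DescribeSecurityGroups`. The `WAN_IP` value, the `sg-web-placeholder` group id, the sample rules, and the choice to flag any-address sources on the DB group are assumptions.

```python
ANY = {"0.0.0.0/0", "::/0"}
WAN_IP = "203.0.113.10/32"  # placeholder admin address (TEST-NET-3), an assumption

# Allowed (protocol, port) per tier, from the rule list; None means no port (ICMP).
ALLOWED = {
    "WEB": {("tcp", 80), ("tcp", 443), ("tcp", 22)},
    "DB": {("tcp", 3306), ("icmp", None)},
}

def audit(tier, permissions):
    """Check one group's IpPermissions (EC2 DescribeSecurityGroups shape)."""
    findings = []
    for perm in permissions:
        proto = perm["IpProtocol"]
        lo, hi = perm.get("FromPort"), perm.get("ToPort")
        cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
        cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
        port = None if proto == "icmp" else lo  # ICMP fields hold type/code, not ports
        label = proto if port is None else f"{proto}/{port}"
        if proto == "-1" or (proto != "icmp" and lo != hi):
            findings.append(f"{tier}: rule covers all traffic or a port range")
        elif (proto, port) not in ALLOWED[tier]:
            findings.append(f"{tier}: {label} is not in the rule list")
        elif tier == "WEB" and port == 22 and any(c != WAN_IP for c in cidrs):
            findings.append("WEB: SSH allowed from a source other than the WAN IP")
        elif tier == "DB" and ANY & set(cidrs):
            findings.append(f"DB: {label} is open to any address")
    return findings

def audit_all(groups):
    return [f for tier, perms in groups.items() for f in audit(tier, perms)]

# Constructed sample rules, not output captured from a real account.
SAMPLE = {
    "WEB": [
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443, "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22, "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
    ],
    "DB": [
        # Source is the web tier's group: an assumption, the page does not name the DB source.
        {"IpProtocol": "tcp", "FromPort": 3306, "ToPort": 3306, "UserIdGroupPairs": [{"GroupId": "sg-web-placeholder"}]},
        {"IpProtocol": "icmp", "FromPort": -1, "ToPort": -1, "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
    ],
}

if __name__ == "__main__":
    print("\n".join(audit_all(SAMPLE)))
```

To run it against a real account, replace `SAMPLE` with the `IpPermissions` lists of the two groups as returned by `aws ec2 describe-security-groups`.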