Skip to content

JustTanwa/expense-tracker-aws

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
application
application
 
 
deployment
deployment
 
 
docs
docs
 
 
infrastructure
infrastructure
 
 
README.md
README.md
 
 

Repository files navigation

AWS Expense Tracker - Infrastructure Setup

Project Overview

Building a personal expense tracker using AWS services to learn cloud infrastructure fundamentals.

Architecture: EC2 + S3 (with future Lambda integration)

Learning Focus: VPC networking, EC2 deployment, S3 integration, IAM permissions

Infrastructure Components

1. Custom VPC Network

  • VPC CIDR: 10.0.0.0/16
  • Public Subnet: 10.0.1.0/24 (eu-north-1a)
  • Private Subnet: 10.0.2.0/24 (eu-north-1a) - for future use
  • Internet Gateway: Attached for public internet access
  • Route Table: Custom routing for public subnet (0.0.0.0/0 → IGW)

2. Security Groups

  • Web Server Security Group:
    • SSH (22) - Administrative access
    • HTTP (80) - Web traffic
    • HTTPS (443) - Secure web traffic
    • Port 5000 - Flask development server

3. S3 Storage

  • Bucket: Globally unique name for receipt storage
  • Versioning: Enabled for data history and avoid override
  • CORS: Configured for web uploads
  • Purpose: Store uploaded receipt images

4. EC2 Instance

  • Type: t3.micro (free tier eligible)
  • AMI: Amazon Linux 2023 (ami-0b83c7f5e2823d1f4)
  • Placement: Public subnet with Elastic IP
  • Key Pair: Created for SSH access
  • IAM: Using same IAM as the AWS Cli

Commands Summary

See infrastructure folder. Mostly used bash commands with the AWS cli and later combined together to create a bash script call 'setup-commands.sh'.

Key Learning Outcomes

VPC Networking

  • ✅ Created custom VPC with proper CIDR planning (used subnet mask 16 which provides plenty of IP addresses for subnetting)
  • ✅ Configured public/private subnet architecture (although only public subnet is used)
  • ✅ Set up Internet Gateway and routing tables
  • ✅ Understood how traffic flows in AWS networks

Security

  • ✅ Implemented least-privilege security groups (only added policies involving S3 and EC2)
  • ✅ Configured proper SSH key-based authentication

Service Integration

  • ✅ Connected EC2 instance to custom VPC
  • ✅ Integrated S3 storage with CORS configuration
  • ✅ Set up cross-service communication between Flask App running on EC2 and S3.

Next Steps

  1. Potential Future Enhancements
    • Lambda function for receipt OCR processing
    • Database integration (RDS) with User Access

Troubleshooting Notes

ARM64 Architecture

  • Required specific AWS CLI download for aarch64 (developed on a raspberry pi)
  • Used ARM-compatible AMI selection

Cost

  • All resources within AWS Free Tier limits
  • t3.micro instance (750 hours/month free)
  • S3 free tier (5GB storage, 20K GET, 2K PUT requests)
  • No NAT Gateway costs (using public subnet only)

Architecture Diagram

Internet
    |
Internet Gateway
    |
Public Subnet (10.0.1.0/24)
    |
EC2 Instance (Web Server)
    |
S3 Bucket (Receipt Storage)

Project Status: ✅ Completed Total Setup Time: ~30 minutes AWS Services Used: VPC, EC2, S3, IAM

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages