This repository provides the approach to build and deploy any application on AWS Virtual Private Cloud (VPC).
We will follow the following diagram for making our VPC Project.
- Go to the AWS VPC service and click Create VPC .
- Select 'VPC and more' and provide the name for your VPC.
- Provide the IP Address Range (for 65,536 IPs, enter 10.0.0.0/16).
- Enter the number of availability Zones - In this project we have made 2 availability zones.
- Then enter the number of subnets - we have 2 public subnets in this project.
- Then enter the number of private subnets - we have made 2 private subnets in this project(1 in each public subnet).
- Enter the number of NAT gateways - we have not used NAT gatewasy in our project as it is a paid service and does not provide a free-tier.
- Then choose the end point (S3 Gateway) - But we used none in this project, we have only the internet gateway(igw) only which is necessary and default.
- Enable both DNS options.
- Then create Create VPC .
You will get your Resource Map, you can go through it for understanding the flows and connection in your VPC.
-
Go to the EC2 service dashboard and create two EC2 instances(private) one in each availability zones and make sure to enable auto scaling in your instances.
-
you will see that you there is no public IP Address of those private subnet instances.
-
bu you cannot access those private instances directly, you have to create a public instances named - 'Bastion Host' or 'Jump Server'.
-
Use the same 'Key-Pair' for every instance in this VPC project.
-
Deploy your application in the private Instance - We have the deployed a basic html page(code that i have used is provided in this repository as "index.html"). But you cannot access the private instance directly.
-
use the following command for connecting your PC with the Bastion Host.
chmod 400 your-key.pem
ssh -i your-key.pem ubuntu@Bastion-Public-IP 
- Copy the Key-Pair's .pem file to the Bastion Host Instance manually.
vim your-key.pem- Now your PC is connected with the Bastion Host Instance, the next step is to access the private subnet instances through the Bastion Host. From the Bastion Host, run the following command from the Bastion Host
ssh -i your-key.pem ubuntu@(Private-Instance-Private-IPAddress) - Make sure to add Security Groups to the instances for the security at the instance level.(You can also add the NACL for the subnet level security).
- Go to the EC2 and scroll down for the Load Balancer
- click on Create Load Balancer, then select and create the 'Application Load Balancer' (We used this load balancer in this project).
- while creating the Load Balancer, also create the Target Group.
- choose the VPC in which you are currently working.
- In the target group, allow the inbound traffic range you want to allow to access your application.
✅ you are all set to access your application, go to your Load Balancer and copy the "DNS name" & paste it in your browser to see your application running on the AWS instances.
🛠️If you are facing any errors in any part of the process, please feel free to share your errors and problems i will definitely try to resolve your issues.
📧 All my contact details are in my profile.
Thank you..❤️❤️ Don't Compete...Let's Collaborate🤝🤝