Deploying AWS Infrastructure using the Console - Masterchief-solo/AWS-Projects GitHub Wiki

Create a VPC

  1. Select Services > VPC > VPC Dashboard
  2. In the VPC console, select Create VPC
  3. Give your VPC a name [e.g. terra-vpc]
  4. Set the IPv4 CIDR block to your preferred range [e.g. 10.0.0.0/16]
  5. Click Create VPC

Create Public and Private subnets

  1. In the VPC console, select Subnets from the navigation panel. Select Create Subnet.
  2. Choose your recently created VPC from the dropdown menu.
  3. Give your subnet a name [e.g. private-subnet]
  4. Select your Availability Zone [e.g. us-east-2a]
  5. Add your IPv4 CIDR block range
  6. Select Create subnet
  7. Repeat this process for all public and private subnets required for your infrastructure.

Deploy an Internet Gateway

  1. Select Internet gateways from the Navigation menu
  2. Select Create internet gateway
  3. Give your internet gateway a name [e.g. my-igw-1]
  4. Select Create Internet Gateway
  5. Attach the IGW to your VPC by selecting Actions > Attach to VPC > Select your VPC from the dropdown

Provision a NAT Gateway

Note: The NAT gateway is used for outbound connectivity.

  1. In the Navigation menu, select NAT gateways
  2. Select Create NAT Gateway
  3. Give your NAT gateway a name [e.g. my-nat-igw]
  4. Assign a public subnet to your NAT gateway
  5. Choose your connectivity type [e.g. public or private]
  6. Allocate Elastic IP addresses
  7. Select Create NAT gateway

Create Route Tables

  1. Select Route tables in the navigation menu
  2. There is already a default route table that is created with the VPC. In this instance, we want to create a new route table.
  3. Select Create route table
  4. Give your route table a name
  5. Click Create route table
  6. Next, associate your subnets with these route tables
  7. Edit Subnet Associations > Select all subnets you want to associate with this route table > Save associations
  8. Add routes by selecting the route table > Routes > Edit routes
    • For a public route table, select the internet gateway as the target. All resources in the public subnet will go out through the internet gateway.
    • public = IGW
    • private = NAT
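
A way to verify the public = IGW, private = NAT rule after the console steps above. This is an added example, not part of the original wiki: it checks output shaped like `aws ec2 describe-route-tables`, and every ID in the sample is a constructed placeholder. A subnet with no explicit association falls back to the VPC's main (default) route table, which the check accounts for.

```python
"""Check each subnet's default route: public = IGW, private = NAT (added example)."""

# Constructed sample shaped like `aws ec2 describe-route-tables`; IDs are placeholders.
SAMPLE = {"RouteTables": [
    {"RouteTableId": "rtb-main", "Associations": [{"Main": True}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"}]},
    {"RouteTableId": "rtb-public",
     "Associations": [{"Main": False, "SubnetId": "subnet-pub1"}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
                {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-0example"}]},
    {"RouteTableId": "rtb-private",
     "Associations": [{"Main": False, "SubnetId": "subnet-priv1"}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
                {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-0example"}]},
]}


def default_target(table):
    """Return 'igw', 'nat' or 'none' for the table's 0.0.0.0/0 route."""
    for route in table.get("Routes", []):
        if route.get("DestinationCidrBlock") != "0.0.0.0/0":
            continue
        if route.get("GatewayId", "").startswith("igw-"):
            return "igw"
        if route.get("NatGatewayId", "").startswith("nat-"):
            return "nat"
    return "none"


def table_for(data, subnet_id):
    """An explicit association wins; otherwise the subnet uses the main table."""
    main = None
    for table in data["RouteTables"]:
        for assoc in table.get("Associations", []):
            if assoc.get("SubnetId") == subnet_id:
                return table
            if assoc.get("Main"):
                main = table
    return main


def check(data, expected):
    """expected maps subnet ID -> 'public' or 'private'; returns the mismatches."""
    want = {"public": "igw", "private": "nat"}
    problems = []
    for subnet_id, role in sorted(expected.items()):
        table = table_for(data, subnet_id)
        got = default_target(table) if table else "none"
        if got != want[role]:
            problems.append((subnet_id, role, got))
    return problems
```

An empty list from `check` means every listed subnet routes as intended; a private subnet reported with `igw` is directly exposed to the internet gateway.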

Create Key Pairs

  1. Navigate to the EC2 Dashboard
  2. In the left-hand column, scroll to Network and Security > Click Key pairs
  3. Click Create a Key Pair
  4. Give your key pair a descriptive name
  5. Choose the Key pair type:
    • RSA
    • ED25519
  6. Select your private key format
    • .pem (For use with OpenSSH)
    • .ppk (For use with PuTTY)
  7. Click Create key pair

Create a Security Group

  1. Choose VPC Dashboard, choose Security Groups, and then choose Create security group.
  2. On the Create security group page, set these values:
    • Security group name:
    • Description:
    • VPC: Choose the VPC that you created earlier, for example: vpc-identifier (tutorial-vpc)
  3. In the Inbound rules section, choose Add rule.
  4. Set the following values for your new inbound rule to allow SSH access to your Amazon EC2 instance. With this rule in place, you can connect to your EC2 instance to install the web server and other utilities, and to upload content for your web server:
    • Type: SSH
    • Source: Your public IP
  5. Add another rule
    • Type: HTTP
    • Source: 0.0.0.0/0 (anywhere)

Create a VPC Security Group for a Private DB

To keep your DB instance private, create a second security group for private access. To connect to private DB instances in your VPC, add inbound rules to your VPC security group that allow traffic from your web server only.

  1. Choose VPC Dashboard, choose Security Groups, and then choose Create security group.
  2. On the Create security group page, set these values:
    • Security Group Name:
    • Description:
    • VPC: Choose the VPC that you created earlier, for example: vpc-identifier
  3. Add inbound rules to the security group.
    • In the Inbound rules section, choose Add rule.
    • Set the following values for your new inbound rule to allow MySQL traffic on port 3306 from your Amazon EC2 instance. With this rule in place, your web server can connect to your DB instance, so your web application can store data in and retrieve data from your database.
      • Type: MySQL/Aurora
      • Source: The identifier of the tutorial-securitygroup security group that you created previously in this tutorial
  4. Choose Create security group to create the security group.
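
A check for the two security groups built above: SSH restricted to a known address on the web server's group, and MySQL reachable only from that group. This is an added example, not part of the original wiki: it audits output shaped like `aws ec2 describe-security-groups`, and the group IDs and the DB group's name in the sample are constructed placeholders.

```python
"""Audit security-group rules against the layout built on this page (added example)."""

ANYWHERE = {"0.0.0.0/0", "::/0"}

# Constructed sample shaped like `aws ec2 describe-security-groups` output.
# Group IDs and the DB group name are placeholders, not values from a real account.
SAMPLE = {"SecurityGroups": [
    {"GroupId": "sg-web", "GroupName": "tutorial-securitygroup", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "203.0.113.25/32"}]},
        {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
    ]},
    {"GroupId": "sg-db", "GroupName": "example-db-sg", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 3306, "ToPort": 3306,
         "UserIdGroupPairs": [{"GroupId": "sg-web"}]},
    ]},
]}


def covers(perm, port):
    """True if the rule's protocol and port range include the given TCP port."""
    if perm.get("IpProtocol") == "-1":  # "-1" = all protocols, all ports
        return True
    if perm.get("IpProtocol") != "tcp":
        return False
    return perm.get("FromPort", 0) <= port <= perm.get("ToPort", 65535)


def cidrs(perm):
    """All IPv4 and IPv6 source ranges on a rule."""
    return ([r["CidrIp"] for r in perm.get("IpRanges", [])]
            + [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])])


def audit(data, web_sg, db_sg):
    """Return (group_id, finding) tuples; an empty list means the layout holds."""
    findings = []
    for sg in data["SecurityGroups"]:
        for perm in sg.get("IpPermissions", []):
            if sg["GroupId"] == web_sg and covers(perm, 22):
                if any(c in ANYWHERE for c in cidrs(perm)):
                    findings.append((web_sg, "SSH open to anywhere"))
            if sg["GroupId"] == db_sg and covers(perm, 3306):
                if cidrs(perm):
                    findings.append((db_sg, "MySQL allowed from a CIDR range"))
                if any(p["GroupId"] != web_sg for p in perm.get("UserIdGroupPairs", [])):
                    findings.append((db_sg, "MySQL allowed from another group"))
    return findings
```

The all-protocols rule (`"-1"`) is treated as covering both ports, so a broad "All traffic" rule added later is reported as well.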

Create a DB Subnet Group

A DB subnet group is a collection of subnets that you create in a VPC and that you then designate for your DB instances. A DB subnet group makes it possible for you to specify a particular VPC when creating DB instances.

  1. Identify the private subnets for your database in the VPC.
    • Choose VPC Dashboard, and then choose Subnets.
    • Note the subnet IDs of the subnets named tutorial-subnet-private1-us-west-2a and tutorial-subnet-private2-us-west-2b. You need the subnet IDs when you create your DB subnet group.
  2. Open the Amazon RDS console
  3. In the navigation pane, choose Subnet groups.
  4. Choose Create DB subnet group.
  5. On the Create DB subnet group page, set these values in Subnet group details:
    • Name: tutorial-db-subnet-group
    • Description: Tutorial DB Subnet Group
    • VPC: tutorial-vpc (vpc-identifier)
  6. In the Add subnets section, choose the Availability Zones and Subnets.

Launch an EC2 Instance

Create an Amazon EC2 instance in the public subnet of your VPC.

  1. In the upper-right corner of the AWS Management Console, choose the AWS Region where you want to create the EC2 instance.
  2. Choose EC2 Dashboard, and then choose Launch instance.
  3. Make sure you have opted into the new launch experience.
  4. Under Name and tags, for Name, enter tutorial-ec2-instance-web-server.
  5. Under Application and OS Images (Amazon Machine Image), choose Amazon Linux, and then choose the Amazon Linux 2 AMI. Keep the defaults for the other choices.
  6. Under Instance type, choose t2.micro.
  7. Under Key pair (login), choose a Key pair name to use an existing key pair. To create a new key pair for the Amazon EC2 instance, choose Create new key pair and then use the Create key pair window to create it. For more information about creating a new key pair, see Create a key pair in the Amazon EC2 User Guide for Linux Instances.
  8. Under Network settings, set these values and keep the other values as their defaults:
    • For Allow SSH traffic from, choose the source of SSH connections to the EC2 instance. You can choose My IP if the displayed IP address is correct for SSH connections. Otherwise, you can determine the IP address to use to connect to EC2 instances in your VPC using Secure Shell (SSH). To determine your public IP address, in a different browser window or tab, you can use the service at https://checkip.amazonaws.com/. An example of an IP address is 203.0.113.25/32.
    • Turn on Allow HTTPS traffic from the internet.
    • Turn on Allow HTTP traffic from the internet.
  9. Leave the default values for the remaining sections.
  10. Review a summary of your instance configuration in the Summary panel, and when you're ready, choose Launch instance.
  11. On the Launch Status page, note the identifier for your new EC2 instance, for example: i-03a6ad47e97ba9dc5.
  12. Choose View all instances to find your instance.
  13. Wait until Instance state for your instance is Running before continuing.

Create a DB Instance

To create a MySQL DB instance

  1. In the upper-right corner of the AWS Management Console, check the AWS Region. It should be the same as the one where you created your EC2 instance.
  2. In the navigation pane, choose Databases.
  3. Choose Create database.
  4. On the Create database page, make sure that the Standard create option is chosen, and then choose MySQL.
  5. In the Templates section, choose Free tier.
  6. In the Availability and durability section, keep the defaults.
  7. In the Settings section, set these values:
    • DB instance identifier – Type tutorial-db-instance.
    • Master username – Type tutorial_user.
    • Auto generate a password – Leave the option turned off.
    • Master password – Type a password.
    • Confirm password – Retype the password.
  8. In the Instance configuration section, set these values:
    • Burstable classes (includes t classes)
    • db.t3.micro
  9. In the Storage section, keep the defaults.
  10. In the Connectivity section, set these values and keep the other values as their defaults:
    • For Compute resource, choose Connect to an EC2 compute resource.
    • For EC2 instance, choose the EC2 instance you created previously, such as tutorial-ec2-instance-web-server.
  11. In the Database authentication section, make sure Password authentication is selected.
  12. Open the Additional configuration section, and enter sample for Initial database name. Keep the default settings for the other options.
  13. To create your MySQL DB instance, choose Create database.
  14. Your new DB instance appears in the Databases list with the status Creating.
  15. Wait for the Status of your new DB instance to show as Available. Then choose the DB instance name to show its details.
  16. In the Connectivity & security section, view the Endpoint and Port of the DB instance.