HPI on AWS Best Practices - tsgrp/HPI GitHub Wiki

Setting up HPI on AWS

1. Register your domain with AWS or allow AWS to manage the domain in Route 53

2. Fire up your Tomcat/Alfresco instance on port 8080 as usual on an EC2 instance (only port 8080 needs to be opened up, and it should ONLY be open from the load balancer instance, NOT open to the world). This protects the surface area of any external access.

3. Create a certificate in the "Certificate Manager" that includes the domain/subdomain you are using (wildcard certificate works as well).

   

4. Create a new ELB with the following configurations:

   

   • 443 port listener to forward to your target group (Tomcat running on port 8080 on your EC2 instance)

   

5. Configure Route53 with a rule to forward your sub-domain to the ELB instance in front of your application.