A Secured Web Portal with client-user Interface.

Web portal over AWS

Hello everyone,

In this blog, i am going to create a secured web portal with a client-user interface. Our agenda is to create a web portal for our company with all the security as much as possible. So, we use WordPress software with dedicated database server.Database should not be accessible from the outside world for security purposes.We only need to public the WordPress to clients.

Before starting, lets understand what abbreviations and some terminology that we are going to use in this.

  1. Virtual Private Cloud(VPC) : Amazon VPC enables you to build a virtual network in the AWS cloud — no VPNs, hardware, or physical datacenters required.
  2. Elastic IP(EIP) : An Elastic IP address is a static IPv4 address designed for dynamic cloud computing.
  3. Nat-Gateway : NAT Gateway is a highly available AWS managed service that makes it easy to connect to the Internet from instances within a private subnet in an Amazon Virtual Private Cloud (Amazon VPC).

We are going to perform this in some steps, that are :

1) Create a VPC.

2) In that VPC we have to create 2 subnets:

a) public subnet [ Accessible for Public World! ]

b) private subnet [ Restricted for Public World! ]

3) Create a public facing internet gateway for connect our VPC/Network to the internet world and attach this gateway to our VPC.

4) Create a routing table for Internet gateway so that instance can connect to outside world, update and associate it with public subnet.

5) Launch an ec2 instance which has Wordpress setup already having the security group allowing port 80 so that our client can connect to our wordpress site.

6) Launch an ec2 instance which has MYSQL setup already with security group allowing port 3306 in private subnet so that our WordPress instance can connect with the same.

  • * Also attach the key with the same.
Architecture for this web portal

Lets start the creation here.

Step 1 : Configuring AWS, for configuring AWS :

After configuring, check that the configuration is properly done or not. For this, run “aws configure” command.

aws configuring command

Step 2 : Start creating the terraform code for our main agenda:

  1. Connect to the AWS IAM user, with the code :
connecting to AWS

2. Creating VPC :

Creating VPC

3. Creating Subnet :

Creating two subnets

4. Creating an Internet Gateway:

Creating Internet Gateway

5. Creating two security groups , one for public access and one for private access:

creating security group
creating security group (continue)
creating security group (continue)

6. Creating a routing table and attach it to the subnet which will be public .

Creating routing table for public subnet

7. Creating an instance for MySQL.

Creating instance for MySQL

8. Creating an instance for WordPress.

Creating instance for WordPress

9. Configuring a static IP for WordPress instance using the EIP service.

creating elastic ip

10. Creating a routing table for private subnet.

Creating routing table for private subnet

11. Now we can deploy this code to create our static website. Since this is a terraform code we need to initialize it, with “terraform init” command.

Initializing

12. Apply the code, using “terraform apply -auto-approve” command.

terraform apply
terraform apply(continue)
terraform apply (complete)

12. After successful apply, we can see all the deployed instances, VPCs , subnets etc.

created VPC
created Subnets
Internet Gateway that we have created
Routing table and routes that we have configured
Elastic IP
Wordpress instance : public instance
MySQL instance : private instance

13. Finally, we can see our website that we have created through the IP provided .

Final Output

Step 3. Finally after completion , its a good practice to clean the environment by destroying all the things we have created using “terraform destroy -auto-approve” command .

terraform destroy
Finally Destroyed

Finally , we have created a secure and static website. Further we can extend this with more services. Feel free to ask any query if you have.

Thank You!!

I am a tech enthusiast, researcher and work for integrations. I love to explore and learn about the new technologies and their right concepts from its core.