In this blog, i am going to create a secured web portal with a client-user interface. Our agenda is to create a web portal for our company with all the security as much as possible. So, we use WordPress software with dedicated database server.Database should not be accessible from the outside world for security purposes.We only need to public the WordPress to clients.
Before starting, lets understand what abbreviations and some terminology that we are going to use in this.
- Virtual Private Cloud(VPC) : Amazon VPC enables you to build a virtual network in the AWS cloud — no VPNs, hardware, or physical datacenters required.
- Elastic IP(EIP) : An Elastic IP address is a static IPv4 address designed for dynamic cloud computing.
- Nat-Gateway : NAT Gateway is a highly available AWS managed service that makes it easy to connect to the Internet from instances within a private subnet in an Amazon Virtual Private Cloud (Amazon VPC).
We are going to perform this in some steps, that are :
1) Create a VPC.
2) In that VPC we have to create 2 subnets:
a) public subnet [ Accessible for Public World! ]
b) private subnet [ Restricted for Public World! ]
3) Create a public facing internet gateway for connect our VPC/Network to the internet world and attach this gateway to our VPC.
4) Create a routing table for Internet gateway so that instance can connect to outside world, update and associate it with public subnet.
5) Launch an ec2 instance which has Wordpress setup already having the security group allowing port 80 so that our client can connect to our wordpress site.
6) Launch an ec2 instance which has MYSQL setup already with security group allowing port 3306 in private subnet so that our WordPress instance can connect with the same.
- * Also attach the key with the same.
Lets start the creation here.
Step 1 : Configuring AWS, for configuring AWS :
Anshika Sharma posted on LinkedIn
awspractice #vimaldaga #hybridmulticloud #publiccloud #cloudmanagement #cloudservices #cloudstrategy Power of CLI for…
After configuring, check that the configuration is properly done or not. For this, run “aws configure” command.
Step 2 : Start creating the terraform code for our main agenda:
- Connect to the AWS IAM user, with the code :
2. Creating VPC :
3. Creating Subnet :
4. Creating an Internet Gateway:
5. Creating two security groups , one for public access and one for private access:
6. Creating a routing table and attach it to the subnet which will be public .
7. Creating an instance for MySQL.
8. Creating an instance for WordPress.
9. Configuring a static IP for WordPress instance using the EIP service.
10. Creating a routing table for private subnet.
11. Now we can deploy this code to create our static website. Since this is a terraform code we need to initialize it, with “terraform init” command.
12. Apply the code, using “terraform apply -auto-approve” command.
12. After successful apply, we can see all the deployed instances, VPCs , subnets etc.
13. Finally, we can see our website that we have created through the IP provided .
Step 3. Finally after completion , its a good practice to clean the environment by destroying all the things we have created using “terraform destroy -auto-approve” command .
Finally , we have created a secure and static website. Further we can extend this with more services. Feel free to ask any query if you have.