DEV Community

Adah Okwara

Secure Multi-Tier Web Application in a Custom VPC

In this project, I will create a secure and scalable network for a simple web application using a Virtual Private Cloud (VPC). The project will simulate a three-tier architecture (web, application, and database layers) with different security levels applied to each tier, showcasing VPC features like subnets, routing tables, and Network Access Control Lists (NACLs).

Objectives:

  1. Set up a custom VPC with public and private subnets.

  2. Deploy a basic web application that is accessible via the internet but has a securely protected application and database layer.

  3. Use security groups and NACLs to control traffic between the tiers.

  4. Enable logging for network traffic to monitor and troubleshoot network activity.

Step 1: Log in to AWS

  1. Go to AWS Management Console.

  2. Log in with your AWS account credentials.

  3. Open the VPC service by searching for "VPC" in the AWS Management Console search bar.

Step 2: Create a Custom VPC

  1. In the VPC Dashboard, click Your VPCs and Create VPC.

  2. Configure the VPC settings:

  • Name tag: Adah-Project-VPC

  • IPv4 CIDR block: 10.0.0.0/16.

  • IPv6 CIDR block: No IPv6.

  • Tenancy: Default.

  • Choose Region

  3. Click Create VPC.

Step 3: Create Subnets

I’ll create three subnets: one public for the web layer and two private for the app and database layers.

  1. Public Subnet
  • Go to Subnets and click Create subnet.

  • Select Adah-Project-VPC for VPC.

  • Subnet name: Public-Subnet

  • Availability Zone: Choose an available zone (e.g., us-east-1a).

  • IPv4 CIDR block: 10.0.1.0/24

Add Another Subnet

  2. Application Private Subnet:
  • Create another subnet with:

    • Name: App-Private-Subnet
    • Availability Zone: us-east-1b
    • IPv4 CIDR block: 10.0.2.0/24.
    • Click on Add
  3. Database Private Subnet:
  • Create a third subnet with:

  • Name: DB-Private-Subnet

  • Availability Zone

  • IPv4 CIDR block: 10.0.3.0/24
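
Before creating the subnets, the CIDR plan from Steps 2 and 3 can be checked offline. The following is an added example, not part of the original post: it verifies that each subnet sits inside the VPC range, that no two subnets overlap, and that every block is within the /16 to /28 sizes AWS accepts, then reports usable addresses after the five AWS reserves per subnet. The function name validate_plan is an assumption made for this illustration.

```python
import ipaddress

# Values taken from the walkthrough above.
VPC_CIDR = "10.0.0.0/16"
SUBNET_PLAN = {
    "Public-Subnet": "10.0.1.0/24",
    "App-Private-Subnet": "10.0.2.0/24",
    "DB-Private-Subnet": "10.0.3.0/24",
}
AWS_RESERVED_PER_SUBNET = 5  # first four addresses and the last one in every subnet


def validate_plan(vpc_cidr, plan):
    """Return (errors, usable); errors is empty when the CIDR plan is sound."""
    errors, usable = [], {}
    vpc = ipaddress.ip_network(vpc_cidr, strict=True)
    if not 16 <= vpc.prefixlen <= 28:
        errors.append(f"VPC {vpc} must be between /16 and /28")
    nets = {}
    for name, cidr in plan.items():
        try:
            # strict=True rejects a CIDR with host bits set, e.g. 10.0.4.1/24
            net = ipaddress.ip_network(cidr, strict=True)
        except ValueError as exc:
            errors.append(f"{name}: {exc}")
            continue
        if not 16 <= net.prefixlen <= 28:
            errors.append(f"{name}: {net} must be between /16 and /28")
        if not net.subnet_of(vpc):
            errors.append(f"{name}: {net} is outside VPC {vpc}")
        # Overlapping tiers would make per-subnet NACL rules ambiguous.
        for other_name, other in nets.items():
            if net.overlaps(other):
                errors.append(f"{name}: {net} overlaps {other_name} ({other})")
        nets[name] = net
        usable[name] = net.num_addresses - AWS_RESERVED_PER_SUBNET
    return errors, usable


if __name__ == "__main__":
    errors, usable = validate_plan(VPC_CIDR, SUBNET_PLAN)
    for name, count in usable.items():
        print(f"{name}: {SUBNET_PLAN[name]} -> {count} usable addresses")
    print("plan OK" if not errors else "\n".join(errors))
```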
