Objective
Build a secure, production-like environment on AWS using a VPC with Public and Private subnets. Deploy a PHP-based Micro-Blog app with a MariaDB backend using EC2 instances. This part covers VPC, EC2 instance setup using CloudFormation, and GitHub repo creation.
Step 1: Create GitHub Repository
- Create a new GitHub repo: micro-blog-aws
- Folder structure:
micro-blog-aws/
├── cloudformation/
│   └── vpc-ec2-setup.yaml
├── backend/           # MariaDB connection
│   └── setup.sql
├── frontend/
│   ├── index.php
│   ├── post.php
│   └── db.php
└── README.md
- Add all files, commit, and push to GitHub.
- GitHub repo link
Step 2: Write CloudFormation Template
- In our vpc-ec2-setup.yaml file, paste the code below.
- This file contains all the setup configuration as code (Infrastructure as Code).
- Set up the file and push it via the Git sync option, or download the file and upload it via the upload .yaml or .json template file option.
Infra Code:
AWSTemplateFormatVersion: '2010-09-09'
Description: VPC Setup for Micro-Blog App (Public:Frontend, Private:MySQL)
Resources:
  MicroBlogVPC:
    Type: AWS::EC2::VPC
    Properties:
      CidrBlock: 10.0.0.0/16
      Tags:
        - Key: Name
          Value: MicroBlogVPC
  InternetGateway:
    Type: AWS::EC2::InternetGateway
  AttachGateway:
    Type: AWS::EC2::VPCGatewayAttachment
    Properties:
      VpcId: !Ref MicroBlogVPC
      InternetGatewayId: !Ref InternetGateway
  PublicSubnet:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref MicroBlogVPC
      CidrBlock: 10.0.1.0/24
      AvailabilityZone: !Select [ 0, !GetAZs '' ]
      MapPublicIpOnLaunch: true
      Tags:
        - Key: Name
          Value: PublicSubnet
  PrivateSubnet:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref MicroBlogVPC
      CidrBlock: 10.0.2.0/24
      AvailabilityZone: !Select [ 1, !GetAZs '' ]
      Tags:
        - Key: Name
          Value: PrivateSubnet
  PublicRouteTable:
    Type: AWS::EC2::RouteTable
    Properties:
      VpcId: !Ref MicroBlogVPC
  PublicRoute:
    Type: AWS::EC2::Route
    DependsOn: AttachGateway
    Properties:
      RouteTableId: !Ref PublicRouteTable
      DestinationCidrBlock: 0.0.0.0/0
      GatewayId: !Ref InternetGateway
  PublicSubnetRouteTableAssociation:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      SubnetId: !Ref PublicSubnet
      RouteTableId: !Ref PublicRouteTable
  PublicSecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: Allow HTTP and SSH
      VpcId: !Ref MicroBlogVPC
      SecurityGroupIngress:
        - IpProtocol: tcp
          FromPort: 22
          ToPort: 22
          CidrIp: 0.0.0.0/0
        - IpProtocol: tcp
          FromPort: 80
          ToPort: 80
          CidrIp: 0.0.0.0/0
  PrivateSecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: Allow MySQL and SSH from Public EC2
      VpcId: !Ref MicroBlogVPC
      SecurityGroupIngress:
        - IpProtocol: tcp
          FromPort: 3306
          ToPort: 3306
          SourceSecurityGroupId: !Ref PublicSecurityGroup
        - IpProtocol: tcp
          FromPort: 22
          ToPort: 22
          SourceSecurityGroupId: !Ref PublicSecurityGroup
  PublicEC2Instance:
    Type: AWS::EC2::Instance
    Properties:
      InstanceType: t2.micro
      KeyName: microblog-keypair  # Replace this with your actual key pair name
      ImageId: ami-0c02fb55956c7d316 # Amazon Linux 2 (update to match your region)
      SubnetId: !Ref PublicSubnet
      SecurityGroupIds:
        - !Ref PublicSecurityGroup
      Tags:
        - Key: Name
          Value: PublicEC2
  PrivateEC2Instance:
    Type: AWS::EC2::Instance
    Properties:
      InstanceType: t2.micro
      KeyName: microblog-keypair  # Same key used to SSH from public EC2
      ImageId: ami-0c02fb55956c7d316 # Amazon Linux 2
      SubnetId: !Ref PrivateSubnet
      SecurityGroupIds:
        - !Ref PrivateSecurityGroup
      Tags:
        - Key: Name
          Value: PrivateEC2
Outputs:
  VPCID:
    Description: VPC ID
    Value: !Ref MicroBlogVPC
  PublicSubnetID:
    Value: !Ref PublicSubnet
  PrivateSubnetID:
    Value: !Ref PrivateSubnet
  PublicSGID:
    Value: !Ref PublicSecurityGroup
  PrivateSGID:
    Value: !Ref PrivateSecurityGroup
  PublicInstanceID:
    Value: !Ref PublicEC2Instance
  PrivateInstanceID:
    Value: !Ref PrivateEC2Instance
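A hardened variant of two pieces of the template above, added here as an example and not part of the original post: SSH on the public instance is limited to one source range instead of 0.0.0.0/0, and the key pair and AMI become stack parameters that are filled in at deploy time. `AdminCidr` and `LatestAmiId` are assumed parameter names; all resource names are the ones the template already uses, and the resources not shown stay as written.

```yaml
# Added example, not the author's template. AdminCidr and LatestAmiId are
# assumed parameter names; resource names match the template above.
Parameters:
  KeyName:
    Type: AWS::EC2::KeyPair::KeyName   # must name an existing key pair in the region
    Description: Key pair for SSH to both instances
  AdminCidr:
    Type: String
    Description: Source range allowed to SSH to the public instance, e.g. 203.0.113.10/32
    AllowedPattern: '(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})/(\d{1,2})'
    ConstraintDescription: Must be an IPv4 CIDR of the form x.x.x.x/x
  LatestAmiId:
    # Resolved from the public SSM parameter at deploy time, so no per-region AMI ID
    Type: AWS::SSM::Parameter::Value<AWS::EC2::Image::Id>
    Default: /aws/service/ami-amazon-linux-latest/amzn2-ami-hvm-x86_64-gp2

Resources:
  PublicSecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: HTTP from anywhere, SSH from AdminCidr only
      VpcId: !Ref MicroBlogVPC
      SecurityGroupIngress:
        - IpProtocol: tcp
          FromPort: 22
          ToPort: 22
          CidrIp: !Ref AdminCidr       # original: 0.0.0.0/0
        - IpProtocol: tcp
          FromPort: 80
          ToPort: 80
          CidrIp: 0.0.0.0/0            # public web traffic, unchanged

  PublicEC2Instance:
    Type: AWS::EC2::Instance
    Properties:
      InstanceType: t2.micro
      KeyName: !Ref KeyName            # original: hard-coded microblog-keypair
      ImageId: !Ref LatestAmiId        # original: region-specific AMI ID
      SubnetId: !Ref PublicSubnet
      SecurityGroupIds:
        - !Ref PublicSecurityGroup
      Tags:
        - Key: Name
          Value: PublicEC2
```

The same `KeyName` and `ImageId` references apply to `PrivateEC2Instance`. `PrivateSecurityGroup` needs no change, since it already admits ports 3306 and 22 only from members of `PublicSecurityGroup`.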
Step 3: Deploy CloudFormation Stack
- Go to AWS CloudFormation
- Upload vpc-ec2-setup.yaml
- Provide Stack name: micro-blog-stack
- Parameters: key pair, instance types, etc.
- Launch and wait until status is CREATE_COMPLETE
- Check the image below for clarification.
  
Step 4: Generate SSH Key Pair
- In AWS EC2 Console → Key Pairs → Create Key Pair → Download .pem
- Secure the .pem file; it is used to authenticate the EC2 user with this key pair.
- chmod 400 micro-blog-key.pem
- Log in to the created public EC2 instance (frontend-EC2) using SSH via Git Bash.
- ssh -i micro-blog-key.pem ec2-user@<Public_IP>
- We need to access the private EC2 instance (database) from the public EC2 instance (frontend) via SSH and the key pair .pem file.
Step 5: Once done, we'll get:
A working VPC with:
- Public subnet (frontend EC2 lives here)
- Private subnet (MySQL EC2 lives here)
Two security groups:
- One allows HTTP + SSH
- One allows MySQL only from frontend server
We can access the private EC2 instance from the public EC2 instance with the same key pair using Git Bash SSH.
- The image below shows the private EC2 instance, which we connected to through the public EC2 instance via SSH.
- Note: Check the IP to confirm which EC2 instance we are in.
Done! Our VPC and EC2 infrastructure is ready.
In Part 2 we'll:
- Install Apache, PHP, MariaDB
- Configure database
- Connect backend and frontend
Stay tuned and complete the project!
 
 
              


 
    
Top comments (2)
@akashabish , Part #1 is good. Keep going
Sure sir! ✨