Here is the 3-tier architecture diagram
Components
Internet Gateway (IaaS): Enables the VPC to communicate with the internet, facilitating public access to resources in the Web Tier.
Elastic Load Balancer (ELB) (IaaS): Distributes incoming traffic across multiple EC2 instances in the Web Tier for fault tolerance and scalability.
Web Tier (Amazon EC2 - Public Subnet): Hosts web servers accessible over the internet, providing the first layer for user interaction.
App Tier (Amazon EC2 - Private Subnet): Runs the business logic and processes data securely, isolated from direct internet access.
Database Tier (Amazon Aurora Primary DB - Private Subnet): Manages the primary relational database in a secure environment, handling read/write operations.
Aurora Read Replica - Private Subnet: Provides read-only replicas to offload traffic from the primary database, ensuring high availability.
AZ1 & AZ2: Represent Availability Zones for high availability and redundancy across isolated data centers.
VPC (Virtual Private Cloud): Isolates and organizes the resources into subnets for security and control.
Public Subnet: Subnet exposed to the internet, hosting resources like web servers that need public access.
Private Subnet: Subnet restricted from internet access, used for resources like app servers and databases for enhanced security.
Step 1: Create an S3 bucket
Go to GitHub and download the AWS 3-tier architecture zip file.
Step 2: Create IAM Role
Attach the following policies:
- AmazonS3ReadOnlyAccess
- AmazonSSMManagedInstanceCore
Step 3: Create a new VPC
Step 4: Create Subnets
You have to create 6 subnets in total: 2 public subnets for 2 AZs, 2 private subnets for 2 AZs, and 2 DB subnets for 2 AZs,
each with its own CIDR block: 10.0.0.0/24, 10.0.1.0/24, 10.0.2.0/24, ... 10.0.5.0/24
Step 5: Create an Internet Gateway
To give the public subnets internet access, create an internet gateway and attach it to the VPC you created.
Step 6: Create 2 NAT gateways, one for each availability zone
To give the instances in the app-layer private subnets access to the internet, create a NAT gateway.
Step 7: Create a separate route table for the public subnets and for the 2 private subnets in the availability zones, and connect it to the internet gateway
Step 8: After connecting the internet gateway with the route table for AZ1, connect the public subnet with the route table.
After completing this, create the same for the private subnet.
Step 9: Go to security groups and create 5 security groups
SG1: Create this for the public, internet-facing load balancer. (HTTP, MyIP)
SG2: Create this for the public instances in the web tier. (HTTP, internet-facing load balancer)
SG3: Create this for the internal load balancer. (HTTP, web tier)
SG4: Configure this for the private instances. (TCP port 4000: MyIP, internal load balancer)
SG5: Configure this for private database table (MYSQL / Aurora
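The five groups above form a chain in which each tier accepts traffic only from the tier directly in front of it. The following added example (not part of the original post) audits a rule set against that chain; 203.0.113.10/32 stands in for MyIP, and SG5's port 3306 and source SG4 are assumptions because the SG5 entry on the page is cut off.

```python
import ipaddress

# Tier order from the page: each group should accept traffic only from the one before it.
CHAIN = ["SG1", "SG2", "SG3", "SG4", "SG5"]

# Constructed sample rules: (group, port, source). A source is a group name or a CIDR.
# 203.0.113.10/32 is a placeholder for "MyIP"; SG5's port and source are assumptions.
PAGE_RULES = [
    ("SG1", 80, "203.0.113.10/32"),
    ("SG2", 80, "SG1"),
    ("SG3", 80, "SG2"),
    ("SG4", 4000, "SG3"),
    ("SG4", 4000, "203.0.113.10/32"),
    ("SG5", 3306, "SG4"),
]

def audit(rules):
    """Return (group, port, source, reason) for every rule that breaks the chain."""
    findings = []
    for group, port, source in rules:
        if group not in CHAIN:
            findings.append((group, port, source, "unknown group"))
            continue
        if source in CHAIN:
            # Group-to-group rule: the source must be the tier directly in front.
            prev = CHAIN.index(group) - 1
            if prev < 0 or CHAIN[prev] != source:
                findings.append((group, port, source, "source is not the adjacent tier"))
            continue
        try:
            net = ipaddress.ip_network(source, strict=False)
        except ValueError:
            findings.append((group, port, source, "unknown source"))
            continue
        # CIDR rule: only a single host (the administrator's own IP) is expected.
        if net.num_addresses != 1:
            findings.append((group, port, source, "CIDR wider than a single host"))
    return findings

if __name__ == "__main__":
    # Two constructed misconfigurations: a database open to the world, and the
    # app tier reachable straight from the public load balancer's group.
    drifted = PAGE_RULES + [("SG5", 3306, "0.0.0.0/0"), ("SG4", 4000, "SG1")]
    for finding in audit(drifted):
        print(finding)
```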
Step 10: Create Database
Go to RDS -> Create DB Subnet group with the VPC we have created -> select the chosen subnets and the AZs -> Create DB Subnet
Now navigate to Create database and select the following options:
- Standard Create
- Amazon MySQL Compatible
- Dev/Test
- Credentials - self managed
- Aurora Standard
- db.t3.medium
- Select the VPC
- Select DBSG from existing security group
Now select Create Database