DEV Community: Durga Vellingiri

Deploying a MERN Stack Application (FrontEnd & BackEnd)

Durga Vellingiri — Sun, 27 Apr 2025 10:34:47 +0000

This guide provides a comprehensive step-by-step process to deploy a MERN (MongoDB, Express.js, React, Node.js) stack application on an AWS EC2 instance. It includes setting up the EC2 instance, configuring an Elastic IP, installing necessary software, cloning the repository, configuring the backend and frontend, setting up NGINX as a reverse proxy, and troubleshooting common issues.

Prerequisites

An AWS account with access to the AWS Management Console.
A MERN application hosted on a Git repository (e.g., GitHub).
Basic knowledge of SSH, Linux commands, and MERN stack development.
A .pem key pair for SSH access to the EC2 instance.

Step 1: Creating an EC2 Instance

Log in to the AWS Console

Access the AWS Management Console at console.aws.amazon.com.
Launch an EC2 Instance
- Navigate to the EC2 Dashboard and click Launch Instance.
- Choose Ubuntu Server 20.04 LTS (or a newer version).
- Select the t2.micro instance type (eligible for free tier).
- Create or select an existing key pair (e.g., eventhub-keypair.pem) for SSH access.
- In the Network Settings, configure the security group to allow:
  - SSH (port 22) from 0.0.0.0/0 (or your IP for restricted access).
  - HTTP (port 80) from 0.0.0.0/0.
  - HTTPS (port 443) from 0.0.0.0/0.
  - Add custom TCP rules for ports used by your app (e.g., 3000 for React, 5000 for Express).
- Launch the instance.

Step 2: Setting Up an Elastic IP

Allocate an Elastic IP
- In the EC2 Dashboard, go to Elastic IPs under Network & Security.
- Click Allocate Elastic IP address and allocate a new IP.
Associate Elastic IP with EC2 Instance
- Select the allocated Elastic IP, click Actions, and choose Associate Elastic IP address.
- Select your EC2 instance and associate the IP.

Step 3: Editing Security Groups

Add Custom Ports
- Go to the Security Groups section in the EC2 Dashboard.
- Select the security group associated with your EC2 instance.
- Add inbound rules for the ports used by your application:
  - Custom TCP: Port 3000 (React frontend, if applicable).
  - Custom TCP: Port 5000 (Express backend).
  - Custom TCP: Port 9000 (optional, if used by your app).
  - Set the source to 0.0.0.0/0 (or restrict to your IP for security).
Verify Firewall Rules
- Later, you’ll enable these ports in the Ubuntu firewall (ufw) to ensure connectivity.

Step 4: Connecting to the EC2 Instance

SSH into the EC2 Instance
- Open a terminal or Git Bash on your local machine.
- Set permissions for your .pem key file:
```
 chmod 400 eventhub-keypair.pem
```

Connect to the EC2 instance using the Elastic IP or public DNS:

 ssh -i "eventhub-keypair.pem" ubuntu@ec2-54-176-197-112.us-west-1.compute.amazonaws.com

Step 5: Installing Required Software on Ubuntu

1. Install Node.js and npm

Update the package index and install Node.js:

sudo apt update
sudo apt install nodejs npm

Verify the installed versions:

node -v
npm -v

If the Node.js version differs from your local development environment, install nvm to manage versions:

curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.39.5/install.sh | bash
source ~/.bashrc
nvm install 18

Replace 18 with your desired Node.js version.

2. Set Up MongoDB Atlas

Create a free cluster on MongoDB Atlas.
Obtain the connection string (e.g., mongodb+srv://<username>:<password>@cluster0.mongodb.net/<dbname>?retryWrites=true&w=majority).
Add the connection string to your backend’s .env file:

  MONGO_URI=mongodb+srv://<username>:<password>@cluster0.mongodb.net/<dbname>?retryWrites=true&w=majority

In your Node.js backend, connect to MongoDB using Mongoose:

  const mongoose = require('mongoose');
  mongoose.connect(process.env.MONGO_URI, { useNewUrlParser: true, useUnifiedTopology: true });

3. Install PM2

PM2 is a process manager to keep your Node.js application running in the background.

sudo npm install -g pm2

Start your backend server with PM2:

pm2 start server.js

Useful PM2 commands:

pm2 show server
pm2 status
pm2 restart server
pm2 stop server
pm2 logs
pm2 flush
pm2 save

4. Configure UFW Firewall

Enable the firewall and allow necessary ports:

sudo ufw enable
sudo ufw allow ssh
sudo ufw allow http
sudo ufw allow https
sudo ufw allow 5000/tcp
sudo ufw status

5. Install NGINX

Install NGINX to serve the frontend and act as a reverse proxy for the backend:

sudo apt install nginx

Verify the installation:

nginx -v

Step 6: Cloning the Repository

Clone the Git Repository Navigate to /home/ubuntu and clone your MERN application repository:

   cd /home/ubuntu
   git clone <your-repository-url>

Set Up the Backend
- Navigate to the backend directory (e.g., cd EventHub-v2/backend).
- Install dependencies:
```
 npm install
```

Create a .env file with your environment variables (e.g., MONGO_URI, PORT).
Start the backend with PM2:
```
 pm2 start server.js
 pm2 save
```

Set Up the Frontend
- Navigate to the frontend directory (e.g., cd EventHub-v2/frontend).
- Install dependencies and build the React app:
```
 npm install
 npm run build
```

Verify the dist folder is created.

Step 7: Configuring NGINX

Create an NGINX Configuration File Create a new configuration file for your app:

   sudo nano /etc/nginx/sites-available/eventhub

Add the following configuration:

   server {
       listen 80;
       server_name <your-elastic-ip-or-domain>;

       root /home/ubuntu/EventHub-v2/frontend/dist;
       index index.html;

       location / {
           try_files $uri /index.html;
       }

       # Proxy API requests to backend
       location /api/ {
           proxy_pass http://localhost:5000/api/;
           proxy_http_version 1.1;
           proxy_set_header Upgrade $http_upgrade;
           proxy_set_header Connection 'upgrade';
           proxy_set_header Host $host;
           proxy_cache_bypass $http_upgrade;
       }
   }

Replace <your-elastic-ip-or-domain> with your Elastic IP or domain.

Save the file (Ctrl+O, Enter, Ctrl+X).

Enable the Configuration Link the configuration to the sites-enabled directory:

   sudo ln -s /etc/nginx/sites-available/eventhub /etc/nginx/sites-enabled/

Update Default Configuration (Optional) Edit the default NGINX configuration to avoid conflicts:

   sudo nano /etc/nginx/sites-available/default

Ensure it does not conflict with port 80 or your app’s configuration.

Test and Restart NGINX Test the NGINX configuration for syntax errors:

   sudo nginx -t

Reload and restart NGINX:

   sudo systemctl reload nginx
   sudo systemctl restart nginx

Step 8: Troubleshooting Common Issues

Frontend Connecting to localhost:5000
- Issue: The frontend makes API calls to http://localhost:5000 instead of http://<your-ip>:5000.
- Solution: Update the frontend code to use the correct backend URL. Edit the API base URL in your frontend (e.g., src/api.js or environment variables):
```
 const API_URL = 'http://<your-elastic-ip>:5000/api';
```
Rebuild the frontend:
```
 npm run build
```
Port 5000 Not Accessible
- Issue: The backend port (e.g., 5000) is not open.
- Solution: Ensure the security group allows inbound traffic on port 5000:
  - Add a Custom TCP rule for port 5000 with source 0.0.0.0/0 (or your IP range).
  - Enable the port in UFW:
```
   sudo ufw allow 5000/tcp
```

Backend Not Binding to All Interfaces

Issue: The Express server only listens on localhost.
Solution: Update the server code to listen on all interfaces:

 const PORT = process.env.PORT || 5000;
 app.listen(PORT, '0.0.0.0', () => {
     console.log(`Server running on port ${PORT}`);
 });

Restart the backend with PM2:
```
 pm2 restart server
```

Server Loses Connection
- Reconnect to the EC2 instance using the SSH command:
```
 ssh -i "eventhub-keypair.pem" ubuntu@<your-elastic-ip>
```

Check PM2 status and restart if needed:
```
 pm2 status
 pm2 restart server
```

Save PM2 Processes Ensure PM2 restarts your app on server reboot:

   pm2 save
   pm2 startup

Step 9: Verify Deployment

Access the Application

Open a browser and navigate to http://<your-elastic-ip>.
- The frontend should load correctly.
- Test API endpoints (e.g., http://<your-elastic-ip>/api/health) to ensure the backend is operational.
Test Application Features

Verify the following:
- Homepage: Displays correctly. User-Features:
  - User Registration: Works without errors.
  - User Login: Authenticates successfully.
  - Events Page: Loads events correctly.
  - Event Booking: Books events successfully.
- Admin Features:
  - Event registration works.
  - Event addition succeeds.
  - Event deletion works.

Step 10: Additional Configurations (Optional)

Set Up a Domain Name
- Purchase a domain (e.g., via AWS Route 53 or another registrar).
- Create an A Record in your DNS settings pointing to your Elastic IP.
- Update the NGINX configuration with the domain name:
```
 server_name yourdomain.com www.yourdomain.com;
```

Enable HTTPS with Let’s Encrypt

Install Certbot:

 sudo apt install certbot python3-certbot-nginx

Obtain and install an SSL certificate:

 sudo certbot --nginx -d yourdomain.com -d www.yourdomain.com

Follow the prompts to configure HTTPS.

Automate Backups
- Use AWS S3 or another service to back up your MongoDB Atlas data.
- Schedule regular snapshots of your EC2 instance.
Monitor Performance
- Use AWS CloudWatch to monitor EC2 instance metrics.
- Set up alerts for CPU usage, memory, or downtime.

Conclusion

Your MERN stack application is now deployed on an AWS EC2 instance, accessible via an Elastic IP or domain. The backend is powered by Node.js and MongoDB Atlas, managed by PM2, while the React frontend is served via NGINX. Security groups, UFW, and NGINX configurations ensure secure and reliable access. Regular maintenance, such as updating dependencies and monitoring performance, will keep your application running smoothly.

For further assistance, refer to:

Create Your First Serverless AWS Lambda Function (Node.js)

Durga Vellingiri — Fri, 25 Apr 2025 16:32:07 +0000

Create Your First Serverless AWS Lambda Function (Node.js)

Serverless computing is revolutionizing the way we build and deploy applications. Instead of managing servers, developers can focus on writing code that automatically scales, pays only for what’s used, and integrates seamlessly with cloud ecosystems.

AWS Lambda is one of the most popular serverless platforms, allowing you to run your code without provisioning or managing servers.

In this blog post, I will guide you through creating your very first AWS Lambda function using Node.js, which simply returns a “Hello from Serverless!” message.

Step 1: Navigate to AWS Lambda Console

Go to the AWS Management Console and search for Lambda.

Click on Create function to get started.

Step 2: Create a Lambda Function

You will see the “Create function” page with multiple options. For this tutorial:

Choose Author from scratch.
Provide a function name, e.g., helloServerless.
Choose Node.js 18.x (or latest available) as the runtime.
Leave the rest as default.

Then click Create function at the bottom.

Step 3: Add Simple Code to Lambda

In the function code editor, add the following Node.js code:

exports.handler = async (event) => {
    const response = {
        statusCode: 200,
        body: JSON.stringify('Hello from Serverless!'),
    };
    return response;
};

This handler simply returns a JSON string with your message and an HTTP 200 status.

After pasting the code, click Deploy to save and activate your function.

Step 4: Test Your Lambda Function

Next, test the function by clicking on the Test button.

Create a new test event.
Name it testHello (or any name).
Leave the default event JSON as-is.
Click Create and then Test.

You should see the Execution result section show your response:

{
  "statusCode": 200,
  "body": "\"Hello from Serverless!\""
}

Step 5: View Logs in CloudWatch

AWS Lambda automatically integrates with CloudWatch Logs.

Scroll down to the Monitor tab and click View logs in CloudWatch to see execution logs.

This helps you debug and monitor your Lambda functions.

Conclusion

Congratulations! You just created and tested your first AWS Lambda function that returns a simple "Hello from Serverless!" message.

AWS Lambda allows you to build scalable and cost-effective serverless applications. You can now extend this function to integrate with APIs, databases, and other AWS services, unlocking powerful cloud-native architectures.

Stay tuned for more tutorials on serverless development!

Create and Use IAM Role with Custom Policy for EC2 to Access S3 – Step-by-Step Guide

Durga Vellingiri — Fri, 25 Apr 2025 15:29:53 +0000

📝 Introduction

In AWS, IAM (Identity and Access Management) Roles are essential for securely managing access between services. Rather than embedding long-term credentials in your EC2 instances, IAM Roles allow you to delegate permissions dynamically and securely. In this guide, we demonstrate how to create an IAM Role named MyEC2S3AccessRole and attach a custom inline policy EC2MyPolicy that enables your EC2 instances to access Amazon S3 buckets.

✅ Step 1: Go to the Create Role Page

Navigate to IAM > Roles and click "Create Role".

✅ Step 2: Select Trusted Entity

Choose "AWS service" as the type of trusted entity.

Then, select "EC2" as the use case — this means the role will be assumed by EC2 instances.

✅ Step 3: Skip Permissions for Now

We will attach a custom policy later, so simply click "Next" without attaching any existing policy.

✅ Step 4: Add Tags (Optional)

You can add tags to help identify or group your resources (optional step). Click "Next" to continue.

✅ Step 5: Name the Role

Give your role a meaningful name — here we use MyEC2S3AccessRole.

Add a description to document its purpose.

✅ Step 6: Create the Role

Review the details and click "Create Role".

✅ Step 7: Attach Inline Policy

After creating the role, go to the role page → Permissions tab → click “Add inline policy.”

✅ Step 8: Create Custom Policy

In the policy editor:

Choose JSON tab.
Paste your custom policy that allows S3 access (example below):

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": "s3:*",
      "Resource": "*"
    }
  ]
}

This policy gives full access to all S3 buckets. You can restrict it further by replacing "*" with specific bucket ARNs.

✅ Step 9: Review and Name Policy

Click Review policy, and give it a name — for example, EC2MyPolicy.

✅ Step 10: Verify Inline Policy Added

You’ll now see EC2MyPolicy listed as an inline policy under the role’s Permissions tab.

✅ Step 11: Launch an EC2 Instance

Go to the EC2 dashboard, launch a new instance, and under IAM Role, select MyEC2S3AccessRole.

✅ Step 12: Verify Access from EC2

Once logged into the EC2 instance, open a terminal and run:

aws s3 ls

If everything is set up correctly, it will list the S3 buckets your policy allows access to.

🎉 Done! You Have Created an IAM Role and Policy for EC2-S3 Access

This approach is scalable, secure, and follows AWS best practices by using IAM Roles instead of storing credentials directly on EC2.

🧠 Bonus: View Role with AWS CLI

To check the role later:

aws iam get-role --role-name MyEC2S3AccessRole
aws iam list-role-policies --role-name MyEC2S3AccessRole
aws iam get-role-policy --role-name MyEC2S3AccessRole --policy-name EC2MyPolicy

✅ Conclusion

By following this setup, you have securely enabled your EC2 instances to interact with S3 using IAM best practices — no hardcoded credentials, just temporary and managed access. This method enhances security, simplifies permission management, and aligns with the principle of least privilege. Whether you're building scalable cloud applications or just experimenting, this IAM Role and Policy pattern is a must-have in your AWS toolkit.

Set Up CloudFront Distribution with Geo Restriction (Country Blocking)

Durga Vellingiri — Thu, 24 Apr 2025 00:33:31 +0000

Content delivery networks (CDNs) like AWS CloudFront help serve your web content quickly and reliably across the globe. Sometimes, you might want to restrict access to your content by country—for compliance, licensing, or security reasons. This blog will guide you step-by-step on setting up a CloudFront distribution with geo restriction to block specific countries from accessing your content.

Step 1: Prepare Your Origin

Typically, your origin is an S3 bucket (for static websites) or an EC2 instance, Load Balancer, or custom origin server.

Enable static website hosting in the S3 bucket.
Ensure the bucket policy allows public reads.

For detailed instructions on setting up a static website on S3, check out this article.

Step 2: Go to CloudFront Console

Open the CloudFront console in AWS.
Click on “Create Distribution.”

Step 3: Create Distribution

Configure your distribution settings as needed.
Click “Create Distribution.”
Wait until the status changes to “Deployed” and “Enabled.”

Step 4: Test Your CloudFront Distribution

Use your CloudFront domain (e.g., d123abc456.cloudfront.net) to access your content.

Example URL: https://d123abc456.cloudfront.net/index.html

Step 5: Implement Geo Restriction (Block by Country)

Once your distribution is deployed, click on it in the CloudFront console.
Navigate to the Security section.
Under Geo restriction, click Edit.
Choose Blacklist.
Select the countries you want to block (e.g., India).
Click Save changes.

Conclusion

And there you have it! Your CloudFront distribution now restricts access by country, helping you control who can view your content. If needed, you can easily remove or update these geo restrictions by returning to the settings.

This method is perfect for compliance, content licensing, or blocking unwanted traffic from certain regions. Pair this with custom error pages to provide a better user experience for blocked users.

Implement an S3 Lifecycle Policy

Durga Vellingiri — Wed, 23 Apr 2025 16:43:39 +0000

Amazon S3's Lifecycle Policies are powerful tools to automate transitions and deletions of objects between storage classes. However, if not configured correctly, they can result in unexpected storage costs, especially when objects move to GLACIER or DEEP_ARCHIVE.

If you’ve created a lifecycle rule (like "TransitionAndExpirationRule") just for trial and want to delete it to stop incurring additional charges, follow this simple step-by-step guide.

🖥️ 1. Go to the AWS Console

Head over to AWS Console and log in with your credentials.

🪣 2. Navigate to the S3 Dashboard

Click on “S3” under the “Storage” category or use the search bar to find it.

📂 3. Select Your Bucket

Choose the S3 bucket that has the lifecycle rule you want to remove.

⚙️ 4. Go to the "Management" Tab

Navigate to the “Management” tab where all lifecycle rules are listed.

📜 5. Identify Your Lifecycle Rule

Locate the rule you created earlier, such as TransitionAndExpirationRule.

✅ 6. Click the Rule Name

Click on the rule name to view its configuration and actions.

🗑️ 7. Add expiration days

🔒 8. Confirm Deletion

Confirm the deletion when prompted. Once deleted, this rule will no longer transition or delete objects.

💸 Why Delete Lifecycle Policies?

Prevent accidental data transitions to high-cost storage like GLACIER.
Avoid automatic deletions of critical files.
Regain manual control over object storage.

✅ Final Result

Once deleted, you’ll see that the rule no longer exists in the management tab:

Set Up an Amazon RDS Database

Durga Vellingiri — Mon, 21 Apr 2025 21:57:11 +0000

Amazon Relational Database Service (RDS) allows you to easily set up, operate, and scale a relational database in the cloud. In this guide, we will walk you through setting up an Amazon RDS MySQL database instance.

1. Go to the RDS Console

Open the AWS Management Console.
In the search bar, type RDS and select RDS from the dropdown.

2. Click “Create Database”

Once you’re in the RDS dashboard, click on the “Create database” button.

3. Choose Database Creation Method

In this step, you will choose how you want to create the database. Select “Standard Create” for full control over your configuration.

4. Choose Engine

You’ll now need to choose the database engine. For this guide, select MySQL. You can also choose from other engines such as PostgreSQL, MariaDB, or Oracle.

5. Specify DB Details

Enter the following information:

DB Instance Identifier: This is the name of your database instance (e.g., mydbinstance).
Master Username: The username for your admin account (e.g., admin).
Master Password: Set a password for your admin user.
Confirm Password: Re-enter the password to confirm.

If you don’t want to manually set a password, you can choose to auto-generate a password.

6. Choose DB Instance Size

In this section, you’ll choose the instance type that fits your needs. If you are using the AWS Free Tier, select the db.t3.micro class (1 vCPU, 1 GiB RAM).

For production environments or larger applications, you may want to select larger instance sizes.

7. Storage Settings

For most cases, the default storage settings will be sufficient. However, if you need more storage, you can modify the allocated storage or enable storage autoscaling to automatically adjust the storage based on your usage.

8. Connectivity

In this step, configure your network settings:

VPC: Choose the Virtual Private Cloud (VPC) where your database will reside.
Public Access: Set this to Yes if you want to access the database from outside the VPC (i.e., from your local machine or other networks).
VPC Security Group: Select an existing security group or create a new one to allow access to your RDS instance. Ensure port 3306 (for MySQL) is allowed.

9. Database Authentication

The default authentication method is Password authentication. You can leave this as is or enable IAM database authentication for enhanced security.

10. Additional Settings (Optional)

In this step, you can:

Set an initial DB name (this will create a database within your RDS instance).
Enable automatic backups, monitoring, and other features based on your requirements.

11. Click "Create Database" 🚀

Once you have configured all settings, click the “Create Database” button. AWS will begin provisioning your MySQL database instance.

Accessing Your RDS Instance:

After the database is created, you can access it using MySQL Workbench, DBeaver, or the terminal.

Go to RDS Dashboard: Navigate to the Databases section in the RDS console.
Copy the Endpoint: Find your database instance and copy the endpoint URL (e.g., database-new-instance-1.cr0gosscc0ry.ap-south-1.rds.amazonaws.com).
Connect via MySQL Client:
- Use a MySQL client like MySQL Workbench or the terminal to connect to your database.

For terminal:

   mysql -h database-new-instance-1.cr0gosscc0ry.ap-south-1.rds.amazonaws.com -u admin -p

You will be prompted to enter the password you set earlier.

Tips for Using Amazon RDS:

Monitoring: Enable CloudWatch logs and Performance Insights to keep track of your database’s health and performance.
Backups: Regularly back up your database to ensure data recovery in case of failure.
Security: Always use a strong password, and limit access to your RDS instance using security groups and IAM roles.

By following these steps, you should have a fully functional MySQL database running on Amazon RDS. Whether you're using it for development, testing, or production, RDS offers scalability, high availability, and security for your data management needs.

AWS VPC Setup: Public & Private Subnets with IGW, NAT, and EC2

Durga Vellingiri — Mon, 21 Apr 2025 09:04:53 +0000

Setting up a Virtual Private Cloud (VPC) is foundational when deploying resources in AWS securely. This guide walks you through creating:

A VPC
Public & Private Subnets
Internet Gateway
NAT Gateway
Route Tables
Optional EC2 Instances

✅ 1. Create a VPC

Go to VPC Dashboard > Your VPCs > Create VPC
Choose VPC only
Name: MyVPC
IPv4 CIDR block: 10.0.0.0/16
Leave other fields as default
Click Create VPC

✅ 2. Create Subnets

Navigate to Subnets > Create Subnet

➤ Public Subnet:

Name: PublicSubnet
VPC: MyVPC
AZ: ap-south-1a
CIDR block: 10.0.1.0/24

➤ Private Subnet:

Name: PrivateSubnet
VPC: MyVPC
AZ: ap-south-1b
CIDR block: 10.0.2.0/24

✅ 3. Create and Attach Internet Gateway

Go to Internet Gateways > Create Internet Gateway
- Name: MyIGW
Click Attach to VPC and select MyVPC

✅ 4. Create a Public Route Table

Go to Route Tables > Create Route Table
- Name: PublicRT
- VPC: MyVPC
Select PublicRT > Routes > Edit Routes
- Add route:
  - Destination: 0.0.0.0/0
  - Target: Internet Gateway → MyIGW

Go to Subnet Associations > Edit Subnet Associations
- Select: PublicSubnet

✅ 5. Allocate Elastic IP (EIP)

Go to Elastic IPs > Allocate Elastic IP
Note the allocation ID

✅ 6. Create NAT Gateway

Go to NAT Gateways > Create NAT Gateway
- Name: MyNATGW
- Subnet: PublicSubnet
- Elastic IP: select the one you just allocated

⏳ Wait a few minutes for the NAT Gateway to become active.

✅ 7. Create a Private Route Table

Go to Route Tables > Create Route Table
- Name: PrivateRT
- VPC: MyVPC
Select PrivateRT > Routes > Edit Routes
- Add route:
  - Destination: 0.0.0.0/0
  - Target: NAT Gateway → MyNATGW

Go to Subnet Associations
- Attach PrivateSubnet

✅ 8. Launch EC2 Instances (Optional)

➤ Public EC2:

AMI: Amazon Linux 2
Network: MyVPC, Subnet: PublicSubnet
Auto-assign Public IP: Enabled
Security Group: Allow SSH (port 22) from your IP

➤ Private EC2:

Same AMI
Subnet: PrivateSubnet
Auto-assign Public IP: Disabled

✅ SSH Connection Established

Use your terminal to SSH into the public instance, and from there connect to the private one using its private IP.

⚠️ Troubleshooting Tip

If you're unable to connect:

Check your Security Group's inbound rules:
- Type: SSH
- Protocol: TCP
- Port: 22
- Source: My IP or 0.0.0.0/0 (for open access - use carefully!)

🧹 Clean Up Resources

To avoid unnecessary charges, clean up:

📌 Summary Diagram

VPC: 10.0.0.0/16
├── PublicSubnet (10.0.1.0/24)
│   ├── Internet Gateway → Public RT → 0.0.0.0/0
│   └── NAT Gateway (for private subnet)
├── PrivateSubnet (10.0.2.0/24)
    └── NAT Gateway → Private RT → 0.0.0.0/0

✨ Happy Cloud Building!

Simple Guide to Setting Up EC2 with Auto Scaling Groups (ASG) on AWS

Durga Vellingiri — Sun, 20 Apr 2025 03:42:34 +0000

Step 1: Create an EC2 Instance

Before creating an Auto Scaling Group (ASG), we need an EC2 instance to use as a base for the Auto Scaling template.

Go to the EC2 Dashboard:
- Navigate to the EC2 Dashboard in your AWS console.

Launch an EC2 Instance:
- Click Launch Instance.
Select an Amazon Machine Image (AMI):
- Choose an Amazon Linux 2 or any preferred AMI for your EC2 instance.
Choose an Instance Type:
- Select t2.micro (Free Tier) or t3.micro for a test environment.
Configure Instance:
- Leave the default settings unless you need specific configurations.
- Set the number of instances to 1.
Add Storage:
- The default 8GB is enough for a simple test setup.
Configure Security Group:
- Add rules for:
  - HTTP (port 80) – for web access
  - SSH (port 22) – for remote access (you can restrict to your IP for security)
Review and Launch:
- Select or create a key pair to SSH into the instance.
Launch the Instance.

Step 2: Create a Launch Template

A Launch Template defines the configuration for your EC2 instances.

Go to EC2 Dashboard and click Launch Templates.
Click “Create Launch Template”.

Fill in the following fields:
- Name: Choose a name for the template (e.g., MyWebAppTemplate).
- AMI: Select the same AMI you used for the EC2 instance (e.g., Amazon Linux 2).
- Instance Type: Select the instance type (e.g., t2.micro).
- Key Pair: Select the key pair you created earlier.
- Security Group: Select the same security group you used for the EC2 instance.
Click Create Launch Template.

Step 3: Create an Auto Scaling Group (ASG)

Now that we have the Launch Template, let’s create an Auto Scaling Group.

Go to EC2 Dashboard > Auto Scaling Groups.
Click “Create Auto Scaling group”.

Configure the Auto Scaling Group:
- Name: Enter a name (e.g., MyWebAppASG).
- Launch Template: Choose the template you created earlier (e.g., MyWebAppTemplate).
- Version: Select the latest version.
- Desired Capacity: Set to 2 (this means 2 instances should be running).
- Minimum Capacity: Set to 2.
- Maximum Capacity: Set to 3.
Configure Scaling Policies:
- Scaling Type: Choose Target Tracking Policy.
- Target Value: Set to 30% for CPU utilization.
Review and Create the Auto Scaling Group.

Step 4: Monitor EC2 Instances Scaling

After setting up the ASG, AWS will automatically create the required instances.

You will see something like this, where EC2 instances are automatically managed:

Even if you terminate an instance manually, the ASG will automatically launch a new one to replace it.

Step 5: Clean Up to Avoid Extra Costs

When you're done testing, it's important to clean up resources:

Terminate the Auto Scaling Group:
- This will stop it from launching new instances.
Delete EC2 Instances:
- Terminate any EC2 instances that are still running.
Delete Launch Templates (if no longer needed):
- This will prevent clutter in your account.

Final Notes:

Auto Scaling Groups incur costs, so remember to clean up after you’re done testing.
You can use this setup to automatically scale your application based on traffic and performance metrics.

That’s it! You’ve now created an EC2 instance, Launch Template, Auto Scaling Group, and learned how to clean up afterward to save costs.

Feel free to ask if you have any questions!

Setting Up EC2 Instances with an Application Load Balancer (ALB) on AWS

Durga Vellingiri — Sat, 19 Apr 2025 16:50:09 +0000

In this, we’ll go step by step through the process of launching two EC2 instances in different availability zones, setting up Apache web servers, uploading a website template, and configuring an Application Load Balancer (ALB) with target groups for high availability and load distribution.

🖥️ Step 1: Create the First EC2 Instance

Go to the AWS EC2 dashboard and follow these steps:

Click Launch Instance
Name: Web Server
AMI: Amazon Linux
Instance Type: t2.micro (Free Tier eligible)
Key Pair: Select an existing key or create a new one
Network Settings:
- Edit settings
- Choose Default VPC
- Enable Auto-assign Public IP
- Set Availability Zone: ap-south-1a
Security Group: Choose existing security group (Launch Wizard 1)
Click Launch Instance

🖥️ Step 2: Create the Second EC2 Instance (in a different zone)

Repeat the process above with a slight change:

Availability Zone: Select ap-south-1b

This ensures your setup is multi-AZ for better fault tolerance.

🔐 Step 3: Security Group Settings

For simplicity in testing:

Go to Security Groups
Select Launch Wizard 1
Edit inbound rules:
- Type: All traffic
- Protocol: All
- Port Range: All
- Source: Custom – 0.0.0.0/0

⚠️ Warning: Allowing all traffic from anywhere is only recommended for testing/demo purposes.

📁 Step 4: Upload Website Template to EC2 Instances

1. Connect to EC2:

In EC2 dashboard:

Select the instance
Click Connect
Choose EC2 Instance Connect → Connect

2. Run the Following Commands:

sudo su
yum update -y
yum install httpd -y
service httpd start

3. Move to Web Directory:

cd /var/www/html

4. Download Free Template:

Go to Free CSS Templates

Copy the ZIP link of your favorite template.

wget <paste-template-zip-link>
ls
unzip <template-name>.zip
ls
cd <unzipped-folder>
mv * ..

Repeat the same steps for the second instance, but use a different template for differentiation in load balancing.

⚖️ Step 5: Create Target Groups

Target Group 1:

Navigate to Target Groups → Create Target Group
Type: Instances
Protocol: HTTP
Port: 80
VPC: Default
Health Check Path: /index.html
Name: TG1
Register the first EC2 instance and set port to 80

Target Group 2:

Repeat the steps, name it TG2, and register the second EC2 instance.

🌍 Step 6: Create Application Load Balancer

Go to Load Balancers → Create Load Balancer → Application Load Balancer.

Name: App-LB
Scheme: Internet-facing
IP address type: IPv4
VPC: Default
Availability Zones: Select both Zone A and Zone B
Security Group: Launch Wizard 1

🎯 Step 7: Add Listeners and Target Groups

Listener 1:
- Port: 80
- Forward to: TG1 (First Instance)

Listener 2:
- Add another port like 81 or 89
- Forward to: TG2 (Second Instance)

🌐 Step 8: Test the Load Balancer

After creating the load balancer, go to:

Load Balancer > Description
Copy the DNS name

Open the DNS in your browser:

http://<DNS> will load the first instance
http://<DNS>:81 (or 89) will load the second one

✅ Conclusion

You’ve successfully:

Created multi-AZ EC2 instances
Deployed different web templates
Set up target groups
Created an Application Load Balancer
Configured multiple listeners for routing

Now, you’ve got a scalable, resilient architecture ready for production (with more secure settings, of course).

Launch and Configure an EC2 Instance( Step-by-Step EC2 Setup + SSH Connection (Windows)

Durga Vellingiri — Fri, 18 Apr 2025 06:43:03 +0000

Introduction

Launching an EC2 instance is one of the first and most crucial steps when working with Amazon Web Services (AWS). It allows you to run virtual servers in the cloud, providing you with flexibility and scalability. In this tutorial, we’ll go step-by-step to launch an EC2 instance and connect to it via SSH using Windows. This guide is designed for beginners, so even if you're just starting out with AWS, you'll be able to follow along easily.

Let’s dive into how to launch your first EC2 instance and establish an SSH connection.

✅ Step 1: Launch a New EC2 Instance

Go to the EC2 Dashboard:
Open the EC2 console by visiting EC2 Dashboard.
Click “Launch Instance”:
On the EC2 dashboard, find and click the Launch Instance button to start the process of creating a new instance.
Configure the Instance:
- Name your instance: This is for identification purposes. You can name your instance anything you'd like (e.g., Durga-EC2).
- Choose an Amazon Machine Image (AMI): For simplicity, we’ll choose Amazon Linux 2 AMI (HVM), SSD Volume Type, which is free-tier eligible and suitable for most use cases.
- Select Instance Type: Choose t2.micro (Free tier eligible) for a low-cost option. This instance type is great for lightweight workloads.
- Configure Key Pair:
  - Key Pair (login): Here, you can either choose an existing key pair or create a new one. For this guide, let’s create a new key pair with any name you like (e.g., my-key-pair).
  - Key Pair Type: Select .pem.
  - Download the key pair: Ensure that you download and save the .pem file in a safe location (e.g., C:\Users\Durga V\Downloads\my-key-pair.pem). You’ll need this file later to connect to your instance securely.
- Network Settings:
  - Click “Edit inbound rules” and add a new rule to allow SSH access:
  - Type: SSH
  - Port: 22
  - Source: Anywhere (0.0.0.0/0), which allows access from any IP address (you can adjust this for more security if needed).
Launch the Instance:
After configuring the settings, click “Launch Instance” to create your EC2 instance.

✅ Step 2: Verify Instance Is Running

Once the instance is launched:

Go to Instances in the EC2 console.
Find your instance in the list and verify that:
- ✅ Instance State = Running
- ✅ The Public IPv4 or DNS name is visible (you’ll need this to connect via SSH).

✅ Step 3: Open Git Bash (Not CMD)

Windows users should use Git Bash for the SSH connection process. Git Bash is a terminal emulator that supports the necessary Linux commands for SSH.

Open Git Bash:
- Press the Start menu, search for Git Bash, and open it.
Navigate to the Folder:
Use the cd command to change the directory to where you saved the .pem key pair file:

   cd "/c/Users/Durga V/Downloads"

✅ Step 4: Fix File Permission (Only Once)

Before connecting via SSH, ensure your key file has the correct permissions by running:

chmod 400 my-key-pair.pem

This command ensures that your key file is only readable by you, which is a requirement for secure SSH connections.

✅ Step 5: Connect to the EC2 Instance via SSH

Now, it’s time to connect to your EC2 instance using the SSH protocol.

Use the SSH Command: In Git Bash, replace ec2-XX-XX-XX-XX.us-east-2.compute.amazonaws.com with your instance’s Public IPv4 DNS (or IP address). The general SSH command looks like this:

   ssh -i "my-key-pair.pem" ec2-user@ec2-XX-XX-XX-XX.us-east-2.compute.amazonaws.com

Or you can use the public IP:

   ssh -i "my-key-pair.pem" ec2-user@<your-public-ip>

Accept the Security Warning:
The first time you connect, you may see a warning about the authenticity of the host. Type yes to accept and proceed.
Login:
If everything is set up correctly, you’ll be connected to your EC2 instance and be presented with a terminal prompt for the ec2-user account.

Cleanup or delete the instance:

🧠 Quick Notes

Default Username: For Amazon Linux 2, use ec2-user as the default login username. If you're using an Ubuntu AMI, the username will be ubuntu.
Git Bash: Always use Git Bash for SSH on Windows, as it avoids potential path and permission issues that CMD may cause.
Security Groups: Double-check that your security group allows incoming traffic on Port 22 (SSH) from Anywhere (0.0.0.0/0) (or restrict it to specific IPs for better security).

Conclusion

Congratulations! You’ve successfully launched an EC2 instance and connected to it using SSH from your Windows machine. This process is a foundational skill when working with AWS, and mastering it opens the door to managing servers, hosting applications, and scaling your infrastructure in the cloud.

Remember, you can always go back and adjust instance settings, security groups, or key pairs as needed. AWS is highly flexible and scalable, and this hands-on experience will help you in your cloud journey.

Feel free to drop your EC2 instance IP or a screenshot of your EC2 dashboard, and I can help you generate the exact SSH command if you run into any issues! Keep experimenting, and happy cloud computing!

Create a Static Website Using Amazon S3

Durga Vellingiri — Thu, 17 Apr 2025 04:53:19 +0000

Amazon S3 (Simple Storage Service) allows you to host static websites easily and cost-effectively. Whether it’s a personal portfolio, project landing page, or simple blog, here’s a step-by-step guide to help you set it up in minutes!

✅ To create a bucket

Sign in to the AWS Management Console and open the Amazon S3 console: https://console.aws.amazon.com/s3/
Click Create bucket.
Enter your Bucket name (e.g., example.com).
Choose your desired AWS Region.
Click Create to proceed with the default settings.

🌐 To enable bucket versioning

In the buckets list, click the bucket you just created.
Go to the Properties tab.
Scroll to Static website hosting and click Edit.
Choose Use this bucket to host a website.
Enable Static website hosting.
In the Index document, enter index.html.
Click Save changes.
You’ll now see a Website endpoint at the bottom of the section.

🔓 Edit Block Public Access settings

In the buckets list, click your bucket name.
Go to the Permissions tab.
Under Block public access (bucket settings), click Edit.
Uncheck Block all public access.
Confirm and click Save changes.

🔐 Add a bucket policy that makes your bucket content publicly available

Under your bucket, go to the Permissions tab.
Scroll to Bucket policy and click Edit.
Paste the following JSON policy (replace Bucket-Name with your actual bucket name):

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "PublicReadGetObject",
      "Effect": "Allow",
      "Principal": "*",
      "Action": ["s3:GetObject"],
      "Resource": ["arn:aws:s3:::Bucket-Name/*"]
    }
  ]
}

Click Save.

📁 Configure an index document

Create an index.html file. Here's a simple example:

<!DOCTYPE html>
<html>
<head>
  <title>My Website</title>
</head>
<body>
  <h1>Welcome to my website!</h1>
  <p>Now hosted on Amazon S3!</p>
</body>
</html>

Go back to your bucket and make sure website hosting is enabled with index.html set as your index document.
Upload the file:
- Drag and drop it into the bucket, or
- Click Upload, choose the file, and complete the upload process.

🌍 Test your website endpoint

In your bucket, go to the Properties tab.
Scroll to Static website hosting.
Click your Bucket website endpoint.
Your website should now open in a new tab, live and hosted!

✅ Conclusion

That’s it! 🎉 You’ve successfully hosted your static website using Amazon S3.

This setup is not only free or low-cost (especially with the AWS Free Tier), but also super scalable and efficient for quick deployments. Whether you're showcasing your portfolio, sharing a project, or building a micro site — S3 makes it incredibly easy.

You can now customize your HTML file, add more pages, or even integrate it with a custom domain and SSL using Amazon Route 53 + CloudFront.

Happy hosting! 💻✨

AWS 101 WORKSHOP ARCHITECTURE

Durga Vellingiri — Mon, 31 Mar 2025 12:12:56 +0000

1. Creating a Virtual Private Cloud (VPC)

Step 1: Navigate to VPC

Go to AWS Management Console.
Search for VPC in the services.

Step 2: Create a New VPC

Click on Create VPC.
Enter a suitable name and CIDR block.
Click Create VPC.

2. Configuring Security Groups

Step 1: Navigate to Security Groups

In the VPC Dashboard, go to Security Groups.
Click Create Security Group.

Step 2: Define Security Rules

Add inbound rules (e.g., HTTP, HTTPS, SSH).
Define source IP ranges.
Click Create.

3. Creating IAM Role

Step 1: Navigate to IAM

Go to AWS IAM Console.
Click on Roles > Create Role.

Step 2: Assign Policies

Choose a trusted entity (e.g., AWS Service).
Attach necessary permissions.
Click Create Role.

4. Launching an EC2 Instance

Step 1: Navigate to EC2

Go to AWS EC2 Console.
Click Launch Instance.

Step 2: Configure the Instance

Select an AMI.
Choose an instance type.
Assign the previously created IAM Role.
Attach the Security Group.
Click Launch.

5. Connecting to AWS Session Manager

Step 1: Open AWS Systems Manager

Navigate to Systems Manager.
Select Session Manager.

Step 2: Connect to EC2

Click Start Session.
Choose the EC2 instance and connect.

6. Creating a Target Group

Step 1: Navigate to Target Groups

Go to EC2 > Load Balancing > Target Groups.
Click Create Target Group.

Step 2: Register Targets

Select EC2 instances.
Click Create.

7. Creating a Load Balancer

Step 1: Navigate to Load Balancers

Go to EC2 > Load Balancing > Load Balancers.
Click Create Load Balancer.

Step 2: Configure Load Balancer

Choose an application or network load balancer.
Assign the target group.
Click Create.

8. Creating an S3 Bucket

Step 1: Navigate to S3

Open S3 Console.
Click Create Bucket.

Step 2: Configure Bucket

Enter a unique name.
Choose a region and configure settings.
Click Create Bucket.

9. Assigning Permissions to IAM Role

Step 1: Navigate to IAM Roles

Select the created IAM role.
Attach necessary policies.
Click Save.

10. Creating a Launch Template

Step 1: Navigate to Launch Templates

Go to EC2 > Launch Templates.
Click Create Template.

Step 2: Configure the Template

Define instance settings.
Click Create.

11. Setting Up Auto Scaling Groups

Step 1: Navigate to Auto Scaling

Go to EC2 > Auto Scaling Groups.
Click Create Auto Scaling Group.

Step 2: Define Scaling Policies

Select the launch template.
Set desired instance count.
Click Create.

12. Output

Conclusion

Successfully implementing this AWS project has provided me with valuable hands-on experience in cloud infrastructure. By setting up VPCs, configuring security groups, deploying EC2 instances, integrating IAM roles, and managing scalable resources, I have gained a deeper understanding of AWS services. This structured approach ensures a secure, efficient, and scalable cloud environment, which is essential for modern cloud-based applications.