Most tutorials jump straight into Terraform, AWS CLI, or Boto3 automation. That’s great for advanced workflows but what if you’re just starting out and want to see how AWS actually works?
In this guide, I’ll show you how we deployed a Spring Boot Java application on AWS, step by step, using only the AWS Console (GUI).
No automation, no shortcuts just a clean walkthrough so you truly understand the moving parts.
We’ll also attach the GitHub repo at the end that contains the application source code.
🔹 Architecture Overview
Here’s what we’ll build:
- VPC → custom networking environment for our app
- Subnets → public subnet for EC2 (app), private subnet for RDS (database)
- Internet Gateway + Route Table → so EC2 can be accessed from the internet
- Security Groups → fine-grained access control
- EC2 (Ubuntu) → to run our Java JAR
- RDS (MySQL) → managed database
- Application → Spring Boot JAR deployed on EC2
🔹 Step 1: Networking Setup (VPC & Subnets)
- Open VPC Console → Create a new VPC.
- Name:
app-vpc
- CIDR:
10.0.0.0/16
- Create two subnets:
-
public-subnet
→10.0.1.0/24
(for EC2) -
private-subnet
→10.0.2.0/24
(for RDS)
Create an Internet Gateway and attach it to the VPC.
Create a Route Table for the public subnet:
- Add route:
0.0.0.0/0 → Internet Gateway
- Associate this route table with the public subnet.
✅ Now, EC2 in the public subnet can be reached from outside.
✅ RDS in the private subnet will stay isolated (secure).
🔹 Step 2: Security Groups
We created two security groups:
-
EC2-SG
- Inbound: Allow SSH (22) from your IP
- Inbound: Allow HTTP (8080) from anywhere
- Outbound: Allow all
-
RDS-SG
- Inbound: Allow MySQL (3306) only from EC2-SG
- Outbound: Allow all
✅ This ensures only the app server can talk to the database.
🔹 Step 3: RDS Setup (MySQL)
- Open RDS Console → Create Database.
- Engine: MySQL
- Version: Choose latest stable
- Deployment: Single AZ (for demo)
- Instance:
db.t3.micro
(free-tier eligible) - DB Name:
appdb
- Master User:
admin
- Password: (set & note it down)
Place RDS in the private subnet group.
Attach
RDS-SG
security group.
✅ Database is now ready but only accessible from EC2.
🔹 Step 4: EC2 Setup (Ubuntu + Java)
- Open EC2 Console → Launch Instance.
- Name:
app-server
- OS: Ubuntu 22.04
- Type:
t2.micro
- Network: Choose
public-subnet
- Security Group:
EC2-SG
- Key Pair: Create & download
.pem
file
- Once launched, connect via SSH:
ssh -i your-key.pem ubuntu@<EC2-Public-IP>
- Install Java:
sudo apt update
sudo apt install openjdk-17-jdk -y
- Copy your JAR file to the server:
scp -i your-key.pem encryption-app-1.0.0.jar ubuntu@<EC2-Public-IP>:/home/ubuntu/
- Run the app with RDS config:
nohup java -jar encryption-app-1.0.0.jar \
--server.address=0.0.0.0 --server.port=8080 > app.log 2>&1 &
✅ Your Java app is now running on port 8080
.
🔹 Step 5: Application Properties (Database Connection)
Inside your Spring Boot application.properties
, configure the RDS DB:
spring.datasource.url=jdbc:mysql://<RDS-ENDPOINT>:3306/appdb
spring.datasource.username=admin
spring.datasource.password=your-password
spring.jpa.hibernate.ddl-auto=update
Restart the app after editing properties if needed.
🔹 Step 6: Verify Deployment
- Visit:
http://<EC2-Public-IP>:8080
- App should connect to MySQL and run successfully.
- Check logs if issues:
tail -f app.log
🔹 Key Takeaways
- We built everything step by step using the AWS GUI, not automation.
- Networking (VPC, subnets, IGW, route tables) is the foundation.
- Security groups = your firewall (keep them strict).
- EC2 in public subnet runs app, RDS in private subnet holds data.
* Works great for learning and small projects.
🔗 GitHub Repo: https://github.com/Harivelu0/aws-projects/tree/main/encryption-app
✨ That’s it! We deployed a Java application on AWS, end-to-end, without a single line of Terraform or CLI.
Top comments (1)
Awesome, thanks for sharing - great for beginner friendly conseptual understanding! 😃🏆🎉