Real-World Project – Hosting a Scalable Web App on AWS

From Architecture to Deployment of a Full-Stack, Scalable, and Secure Web Application

This chapter ties together everything we’ve learned (compute, networking, databases, IAM, and monitoring) into a real-world project: deploying a scalable, fault-tolerant web application using AWS services.

Project Overview

You’ll build and deploy a two-tier web application with the following characteristics:

| Layer | Technology |
|---|---|
| Frontend | HTML/CSS/JavaScript (static website) |
| Backend/API | Node.js or Python (running on EC2 or Lambda) |
| Database | Amazon RDS (MySQL) or DynamoDB |
| Storage | Amazon S3 for static assets |
| Load Balancing | Application Load Balancer (ALB) |
| Auto Scaling | EC2 Auto Scaling Group or Lambda scaling |
| Monitoring | CloudWatch, CloudTrail, GuardDuty |
| Security | IAM, SGs, VPC, HTTPS via ACM |

Architecture Diagram

            [ User Browser ]
                   |
               [ Route 53 ]
                   |
         [ Application Load Balancer ]
                 /       \
        [ EC2 Instance A ] [ EC2 Instance B ] ← Auto Scaling Group
                 \       /
           [ Amazon RDS - MySQL ]
                   |
          [ Amazon CloudWatch Logs ]
                   |
          [ AWS IAM + VPC Security ]

πŸ” All communication secured with HTTPS + IAM roles for instance-to-service access.

Step-by-Step: Infrastructure Setup

Step 1: VPC and Subnets

  • Create custom VPC (10.0.0.0/16)
  • Create 2 Public Subnets (e.g., 10.0.1.0/24, 10.0.2.0/24)
  • Create 2 Private Subnets for RDS
  • Attach an Internet Gateway
  • Add Route Tables:
    • Public → IGW
    • Private → NAT Gateway

Step 2: EC2 Launch Configuration

  • Create a Launch Template with:
    • Amazon Linux 2 / Ubuntu
    • User Data Script (installs Node.js/Python app)
    • IAM Role: access to CloudWatch, S3
    • Security Group: allow port 80/443 from ALB only
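
Bash
#!/bin/bash
# EC2 user data: runs once, as root, at first boot
set -euo pipefail
yum update -y
# Assumes the enabled repositories provide nodejs and npm
yum install -y nodejs npm git
# User data starts in /, so clone to a fixed location
git clone https://github.com/myuser/myapp.git /opt/myapp
cd /opt/myapp
npm install
# Run in the background so the boot script can finish; keep output in a log
nohup npm start > /var/log/myapp.log 2>&1 &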

💡 Use Elastic Beanstalk or Docker + ECS for containerized deployments.

Step 3: Application Load Balancer

  • Target Type: EC2
  • Protocol: HTTP or HTTPS (with ACM certificate)
  • Health Check Path: /health
  • Listener Rules: Route traffic to target group
  • Attach to Auto Scaling Group

Step 4: Auto Scaling Group

  • Attach to public subnets
  • Min instances: 2, Max: 10
  • Scaling policy: CPU > 70% → add instance
  • Use CloudWatch Alarm to trigger scaling

Step 5: RDS Configuration

  • Engine: MySQL or PostgreSQL
  • Multi-AZ: Enabled
  • Instance Type: db.t3.medium
  • Subnet Group: Private subnets only
  • Storage: 20 GB, enable auto-scaling
  • Enable automatic backups
  • Connect from EC2 via security group reference, not public IP

Step 6: Store Static Assets on S3

  • Create bucket: myapp-static-content
  • Enable static website hosting
  • Upload HTML, CSS, JS
  • Optional: Distribute via CloudFront

πŸ›‘οΈ Block public access via bucket policy and use signed URLs if needed.

Step 7: Domain Setup with Route 53

  • Buy/transfer domain to Route 53
  • Create Hosted Zone
  • Create A Record → ALB DNS name
  • Enable HTTPS via ACM Certificate and attach to ALB

Step 8: Monitoring and Logging

| Component | Monitoring Tool |
|---|---|
| EC2 + Auto Scaling | CloudWatch Metrics, Alarms |
| ALB Access Logs | S3 or CloudWatch Logs |
| App Logs | CloudWatch Agent |
| RDS Performance | Enhanced Monitoring |
| Security Events | AWS GuardDuty, CloudTrail |

Step 9: Security Configuration

| Layer | Best Practice |
|---|---|
| VPC | Public subnets for ALB, private for DB |
| EC2 | No public IPs, use NAT |
| IAM | Roles for EC2, RDS auth, S3 read |
| Data Encryption | KMS + TLS everywhere |
| SGs | Least-privilege, app SG talks only to DB SG |
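
One way to check the security group chain from Steps 2, 5 and 9 (ALB → app → DB, by group reference rather than CIDR) against what is actually deployed. This is an added example, not part of the original tutorial: the group IDs, the POLICY mapping and the audit() function are assumptions, and the sample is constructed in the shape of `aws ec2 describe-security-groups` output.

```python
import json

# Constructed sample shaped like `aws ec2 describe-security-groups` output.
# Group IDs are placeholders, not values from the tutorial.
SAMPLE = json.loads("""{"SecurityGroups": [
 {"GroupId": "sg-alb", "IpPermissions": [
  {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443, "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
 {"GroupId": "sg-app", "IpPermissions": [
  {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80, "UserIdGroupPairs": [{"GroupId": "sg-alb"}]},
  {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22, "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
 {"GroupId": "sg-db", "IpPermissions": [
  {"IpProtocol": "tcp", "FromPort": 3306, "ToPort": 3306, "IpRanges": [{"CidrIp": "10.0.0.0/16"}],
   "UserIdGroupPairs": [{"GroupId": "sg-app"}]}]}]}""")

# Assumed tier policy: group -> (allowed ports, required source group).
# A source of None marks the internet-facing tier (the ALB).
POLICY = {
    "sg-alb": ({80, 443}, None),
    "sg-app": ({80, 443}, "sg-alb"),
    "sg-db": ({3306}, "sg-app"),
}

def audit(doc, policy):
    """Return (group, ports, source, reason) for each ingress rule outside policy."""
    findings = []
    for sg in doc["SecurityGroups"]:
        if sg["GroupId"] not in policy:
            continue  # only the three tiers are in scope
        ports, required = policy[sg["GroupId"]]
        for perm in sg["IpPermissions"]:
            # Protocol "-1" (all traffic) carries no port keys: treat as every port
            lo, hi = perm.get("FromPort", 0), perm.get("ToPort", 65535)
            cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
            cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
            groups = [p["GroupId"] for p in perm.get("UserIdGroupPairs", [])]
            for src in cidrs + groups:
                if not set(range(lo, hi + 1)) <= ports:
                    reason = "port outside tier policy"
                elif required is None or src == required:
                    continue
                elif src in cidrs:
                    reason = "CIDR source; expected group reference"
                else:
                    reason = "unexpected source group"
                findings.append((sg["GroupId"], f"{lo}-{hi}", src, reason))
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE, POLICY):
        print(*finding, sep="  ")
```

On the constructed sample it reports the SSH rule open to the internet on the app group and the VPC-wide CIDR rule on the DB group, while the group-referenced rules pass.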

Step 10: Cost Optimization Tips

  • Use t3.micro for dev (Free Tier eligible)
  • Enable EC2 Auto Scaling to reduce idle compute
  • Schedule non-prod EC2s to stop at night
  • Use Aurora Serverless or DynamoDB on-demand
  • Set up budgets in Billing Dashboard

📦 Deployment Automation (Optional)

Use CloudFormation or CDK to define your entire stack:

Bash
cdk deploy

Or use CodePipeline + CodeBuild to:

  • Detect changes in GitHub
  • Run build scripts
  • Deploy automatically to EC2 or S3

✅ Final Checklist

| Task | Status |
|---|---|
| Custom VPC with subnets | ✅ |
| EC2 instances with IAM roles | ✅ |
| Auto Scaling and ALB | ✅ |
| Secure RDS setup | ✅ |
| S3 + CloudFront (optional) | ✅ |
| HTTPS with ACM | ✅ |
| Monitoring and alarms | ✅ |
| Domain routing via Route 53 | ✅ |
| Logs centralized to CloudWatch | ✅ |