This cloud project demonstrates the use of a Virtual Private Cloud (VPC) with both public and private subnets to create a secure and resilient production environment.
Key aspects of the architecture:
- VPC Design: The VPC spans two Availability Zones and consists of public and private subnets.
- Public Subnets: These subnets host the load balancer and NAT gateways, providing internet connectivity.
- Private Subnets: The application servers are deployed in these subnets, which are not directly accessible from the internet.
- Auto Scaling: The application servers are managed by an Auto Scaling group, ensuring high availability and automatic scaling.
- Load Balancing: An Application Load Balancer is used to distribute traffic to the application servers.
- Internet Connectivity: The application servers in the private subnets can access the internet through the NAT gateways in the public subnets.
This cloud project is designed to:
- Provide a secure and resilient production environment for hosting web applications.
- Leverage the benefits of a VPC with public and private subnets to enhance the overall security posture.
- Implement automatic scaling and high availability using an Auto Scaling group and a load balancer.
- Ensure that the application servers in the private subnets can still access the internet for necessary functionalities.
The Virtual Private Cloud (VPC) is configured to span two Availability Zones for high availability and fault tolerance. It includes both public and private subnets in each AZ. The public subnets are configured with an Internet Gateway to allow inbound and outbound internet access, hosting the load balancer and NAT gateways. Private subnets, where application servers reside, do not have direct internet access. Instead, they use NAT gateways in the public subnets for outbound internet connectivity. This setup ensures a secure network architecture by isolating critical components while maintaining necessary internet access for updates and external services.
The Auto Scaling group is configured to manage the application servers deployed in the private subnets. It automatically adjusts the number of EC2 instances based on predefined conditions such as CPU utilization or network traffic. The group spans multiple Availability Zones to ensure high availability and fault tolerance. Launch templates or launch configurations are used to define the instance specifications, including the AMI, instance type, key pair, security groups, and user data for initial setup. Scaling policies are set to automatically increase or decrease the number of instances in response to changing demand, ensuring optimal performance and cost-efficiency.
The VPC is divided into public and private subnets across two Availability Zones:
- Public Subnets: These subnets have a route to the Internet Gateway, allowing direct internet access. They host the Application Load Balancer and NAT gateways. The load balancer in the public subnets receives incoming traffic and distributes it to the application servers in the private subnets.
- Private Subnets: These subnets do not have a direct route to the internet. They host the application servers, databases, and other backend systems that don't require direct internet access. Outbound internet access for these resources is facilitated through NAT gateways located in the public subnets. This configuration enhances security by isolating critical components from direct internet exposure while still allowing necessary outbound connections for updates and external services.
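The public/private distinction above is decided entirely by each subnet's default route. The following added example (not part of this project's code) classifies subnets from route-table data shaped like `aws ec2 describe-route-tables` output and flags any subnet that was meant to be private but actually routes to the Internet Gateway; the table and gateway IDs are constructed.

```python
"""Classify subnets from EC2-style route tables and flag private subnets that
route straight to an Internet Gateway (added example, not the project's code)."""

# Constructed sample shaped like `aws ec2 describe-route-tables` output, trimmed
# to the fields the check needs; every ID below is made up.
ROUTE_TABLES = [
    {"RouteTableId": "rtb-public",          # public subnets: default route -> IGW
     "Associations": [{"SubnetId": "subnet-pub-a"}, {"SubnetId": "subnet-pub-b"}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
                {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-0abc"}]},
    {"RouteTableId": "rtb-private-a",       # private subnet in AZ a: default -> NAT gateway
     "Associations": [{"SubnetId": "subnet-priv-a"}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
                {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-0aaa"}]},
    {"RouteTableId": "rtb-private-b",       # misconfigured: meant to be private, routes to IGW
     "Associations": [{"SubnetId": "subnet-priv-b"}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
                {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-0abc"}]},
]

def classify_subnets(route_tables):
    """Map each associated subnet to 'public' (default route to an IGW),
    'private' (default route to a NAT gateway) or 'isolated' (no default route)."""
    kinds = {}
    for rt in route_tables:
        kind = "isolated"
        for route in rt["Routes"]:
            if route.get("DestinationCidrBlock") != "0.0.0.0/0":
                continue                      # only the default route decides exposure
            if route.get("GatewayId", "").startswith("igw-"):
                kind = "public"
            elif route.get("NatGatewayId"):
                kind = "private"
        for assoc in rt["Associations"]:
            kinds[assoc["SubnetId"]] = kind
    return kinds

def find_exposed_private_subnets(route_tables, intended_private):
    """Subnets that were meant to be private but whose default route is an IGW."""
    kinds = classify_subnets(route_tables)
    return sorted(s for s in intended_private if kinds.get(s) == "public")
```

Running the check against the real account would mean feeding it the `RouteTables` list from the CLI or boto3 call instead of the constructed sample.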
The bastion host serves as a secure entry point for accessing resources in private subnets:
- Deployed in a public subnet for direct internet access
- Acts as a jump server for SSH access to EC2 instances in private subnets
- Enhances security by minimizing the attack surface of the infrastructure
- Configured with strict security group rules, allowing inbound SSH only from trusted IP addresses
- Requires SSH key authentication for access
- Regularly updated and patched to maintain security posture
To access EC2 instances in private subnets:
- SSH into the bastion host using its public IP address
- From the bastion, SSH into private EC2 instances using their private IP addresses
The Application Load Balancer (ALB) is deployed in the public subnets to manage incoming traffic, distributing requests to application servers in the private subnets.
- Traffic Distribution: The ALB routes incoming traffic to application servers in private subnets, ensuring balanced loads and improved performance.
- High Availability: Spread across two Availability Zones, the ALB ensures continuous uptime by rerouting traffic to healthy instances in case of failure.
- Auto Scaling Integration: The ALB works with Auto Scaling to distribute traffic to new instances as demand increases or decreases.
- Secure Access: The ALB acts as the internet-facing entry point, securing the private subnet servers by isolating them from direct internet exposure.
- SSL Termination: SSL certificates are managed by the ALB, ensuring secure traffic between clients and the load balancer.
In this project, the application servers are deployed in the private subnets to ensure they are isolated from direct internet access. The Bastion Host in the public subnet acts as a secure gateway for managing and accessing these instances.
- Deploying the Application in the Private Subnet:
  - The web application is hosted on servers within the private subnets to enhance security and isolation. These servers are only accessible internally within the VPC.
  - Application servers are configured to auto-scale based on demand and are not directly exposed to the internet, ensuring that only authorized traffic reaches them via the load balancer.
- Accessing the Private Subnet via Bastion Host:
  - A Bastion Host (jump box) is deployed in the public subnet, allowing secure SSH access to the application servers in the private subnets.
  - Administrators connect to the Bastion Host using SSH and then securely tunnel into the private subnet servers for maintenance or troubleshooting.
  - This access flow ensures the private subnet remains secure while still providing necessary access for managing the application servers.
- Accessing the Application via DNS:
  - The application is accessible to users via the DNS of the Application Load Balancer.
  - End users interact with the ALB’s DNS, which routes their requests to the application servers in the private subnet, ensuring seamless access without directly exposing the servers.
  - This setup maintains a secure environment while providing external access through the ALB.
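Two of the statements above are only true if the security groups enforce them: the bastion accepts SSH solely from trusted addresses, and the application servers accept the app port solely from the load balancer and SSH solely from the bastion. The following added example (not this project's code) audits security-group ingress rules shaped like the `IpPermissions` field of `aws ec2 describe-security-groups`; the group IDs, the trusted CIDR and the rules themselves are constructed, and the sample app group deliberately contains one rule that violates the model.

```python
"""Audit the bastion and application-server security groups against the access
model above (added example, not the project's own code; all IDs are made up)."""

TRUSTED_ADMIN_CIDRS = {"203.0.113.0/24"}   # constructed: the admins' office egress range

# Constructed sample shaped like `aws ec2 describe-security-groups` IpPermissions.
SECURITY_GROUPS = {
    "sg-bastion": [
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "203.0.113.0/24"}], "UserIdGroupPairs": []},
    ],
    "sg-app": [
        {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80,        # app port: ALB only
         "IpRanges": [], "UserIdGroupPairs": [{"GroupId": "sg-alb"}]},
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,        # SSH: bastion only...
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}],                    # ...but also open to all
         "UserIdGroupPairs": [{"GroupId": "sg-bastion"}]},
    ],
}

def _sources(rule):
    """Yield ('cidr', x) or ('sg', x) for every source of an ingress rule."""
    for r in rule.get("IpRanges", []):
        yield ("cidr", r["CidrIp"])
    for p in rule.get("UserIdGroupPairs", []):
        yield ("sg", p["GroupId"])

def audit_bastion(groups, bastion_sg, trusted_cidrs):
    """Every inbound rule on the bastion must be TCP/22 from a trusted CIDR only."""
    findings = []
    for rule in groups[bastion_sg]:
        ports = (rule.get("IpProtocol"), rule.get("FromPort"), rule.get("ToPort"))
        if ports != ("tcp", 22, 22):
            findings.append(f"{bastion_sg}: non-SSH ingress {ports}")
        for kind, src in _sources(rule):
            if kind != "cidr" or src not in trusted_cidrs:
                findings.append(f"{bastion_sg}: SSH allowed from untrusted source {src}")
    return findings

def audit_app_servers(groups, app_sg, alb_sg, bastion_sg, app_port):
    """App servers take the app port only from the ALB SG and SSH only from the bastion SG."""
    allowed = {app_port: ("sg", alb_sg), 22: ("sg", bastion_sg)}
    findings = []
    for rule in groups[app_sg]:
        port = rule.get("FromPort")
        for source in _sources(rule):
            if rule.get("ToPort") != port or allowed.get(port) != source:
                findings.append(f"{app_sg}: port {port} open to {source[1]}")
    return findings
```

Any non-empty findings list means an instance in the private subnet is reachable by a path other than the ALB or the bastion, which is exactly the exposure this design is meant to rule out.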