Business Implications
Delivers a production-style, cost-efficient stack with clear separation of concerns, secure networking, and fault tolerance. The ALB improves uptime and scalability, RDS ensures data durability, and VPC controls reduce risk—providing a solid blueprint for migrating monoliths or bootstrapping small web platforms.
Steps Performed
Provisioned VPC networking, launched RDS in private subnets, deployed two EC2 web servers with Node.js and Nginx, fronted by ALB, and validated end-to-end functionality.
1.
Set Up VPC & Subnets
Created TodoAppVPC (10.0.0.0/16) with two public subnets for EC2 and two private subnets for RDS across AZs. Attached an IGW, built public/private route tables, and prepared isolated networking.
2.
Harden Access With Security Groups
Configured Webserver-SG (HTTP 80 from ALB-SG, SSH 22 as needed) and Database-SG (MySQL 3306 only from Webserver-SG). Added least-privilege IAM roles for EC2/RDS interactions and ops visibility.
3.
Provision RDS MySQL (Private)
Deployed RDS MySQL (free-tier) in private subnets, not publicly accessible. Connected via bastion host to create TodoAppDB and Tasks table. Stored credentials securely and recorded the RDS endpoint for app config.
4.
Launch & Configure EC2 App Tier
Launched two Amazon Linux EC2 instances (public subnets). Installed Node.js, cloned app repo, set .env with RDS details, ran with PM2, and configured Nginx reverse proxy to port 3000. Verified app on each instance.
5.
Add ALB & Target Group
Created ALB (internet-facing) with listener HTTP:80 and ALB-SG. Registered both EC2 instances in TodoApp-TG, set health check /, updated Webserver-SG to allow HTTP from ALB-SG, and validated round-robin traffic via ALB DNS.
AWS Services Used
Amazon EC2
Amazon RDS (MySQL)
Application Load Balancer (ALB)
Amazon VPC
AWS IAM
Security Groups
Node.js & PM2
Nginx
MySQL Workbench / CLI
Git
Technical Tools Used
Two-Tier Architecture Design
VPC Networking & Security
Load Balancing & HA
Linux & App Operations
Skills Demonstrated
Two-Tier To-Do App on AWS
EC2 + RDS With ALB, Secure VPC Networking
Deployed a scalable To-Do web app using a two-tier architecture: EC2 for the Node.js app, Amazon RDS (MySQL) for data, and an Application Load Balancer for traffic distribution. Built inside a secure VPC with public/private subnets, security groups, and least-privilege IAM.
