- In this project, we will be working with the web tier and the application tier to safely secure our application,
- VPC
-
What is a vpc Amazon Virtual Private Cloud (Amazon VPC) is a service offered by Amazon Web Services (AWS) that allows you to create a logically isolated section of the AWS Cloud where you can launch AWS resources in a virtual network that you define. This gives you control over your network environment, including IP address ranges, subnets, route tables, and network gateways. This component will basically house all other services we will be using in this project
-
we will create our custom vpc in ohio region for this project
- SUBNETTING
- Within a VPC, you can create multiple subnets. Subnets are segments of the IP address range of your VPC, and they can be either public or private
lets create 4 subnets of which will consist of 2 private subnets and 2 public subnet in 2 different availability zones, the will ensure high availability
- SECURITY GROUPS
- create security groups for:
a- jumpserver RULES - port : 22 from: anywhere
b- webserver RULES - port : 22 from: <jumpserver_private_ip>
- port : 80
from : anywhere
4. KEYPAIRS
- create 2 seperate key pairs for both instances
- jumserver: jump-key.pem
- webserver: web-key.pem
-
INSTANCES
- Launch instances in all the subnets
- jumpserver : ubuntu OS
- webserver : centOS
-
create internet gateway
- when we create our internet gateway, we will attach it to the vpc we created. By attaching an Internet Gateway to oour VPC, it enables resources within our VPC, such as Amazon EC2 instances, to communicate directly with the internet.
-
NAT gateways
-
In a VPC, instances located in private subnets don't have a direct route to the internet through an Internet Gateway. To enable these instances to access the internet while still maintaining security, you use a NAT Gateway.
-
we will create a NAT gateway for our project, note NAT gatway is not free do not forget to delete it imediately after the completion of this project
-
-
ROUTE TABLES
-
let create public and private route table route table is essentially a set of rules (routes) that determine where network traffic should be directed. It acts as a map that helps network traffic find its way from source to destination.
-
Associate subnets with route tables associate the public subnets to the internet gateway
and also do same for private subnets
define routes
-
login to the jump server
- Now lets log in to our jump server
-
copy web server login key to the jump server machine
scp -i <jumpserverkeyname> <webserverkeyname> <destination>
-
login to web server from the jump server open gitbash and ssh in to the jump server to verify its working perfectly
-
Run the script
#!/bin/bash
# Elevate privileges to root
sudo -i
# Install required packages
yum update && yum install httpd wget unzip -y
# Start the Apache service and enable it to start automatically on boot
systemctl start httpd
systemctl enable httpd
# Download and extract the website template to a temporary directory
mkdir temp
cd temp
wget https://www.tooplate.com/zip-templates/2129_crispy_kitchen.zip
unzip 2129_crispy_kitchen.zip
# Copy the extracted files to the Apache document root directory
cp 2129_crispy_kitchen/* /var/www/html/
# Restart the Apache service to load the new website
systemctl restart httpd
- validate
check the httpd is active
goto to your web browser and validate that web page is loaded