Architecting On AWS - Lab 2 - Deploying A WEB Application On AWS
Architecting On AWS - Lab 2 - Deploying A WEB Application On AWS
https://labs.netec.com/pages/lab2.html 1/14
22/7/2021 AWS Labs
OBJECTIVES
After completing this lab, you will be able to:
DURATION
START LAB
This starts the process of provisioning your lab resources. An
estimated amount of time to provision your labs resources is
displayed. You must wait for your resources to be provisioned
before continuing.
https://labs.netec.com/pages/lab2.html 2/14
22/7/2021 AWS Labs
Open the AWS Console with the green button to the left of
this page.
On the login page, place the User assigned for the course
Select the name of the account and the list of labs will appear.
In this task, you define security groups for the Amazon EC2
application server and Amazon RDS database instance. The
following diagram shows these security groups and how traffic will
follow:
A security group acts as a virtual firewall that controls the traffic for
one or more instances, you Associate one or more security groups
with the instance. You add rules to each security group, and these
rules allow traffic to or from the group’s associated instances. You
can modify the rules for a security group at any time; the new rules
are automatically applied to all instances that are associated with
the security group.
A couple existing security groups are listed you will create a new
security group for the APP Server.
Type: HTTP
Source: Anywhere
Key Name
Value App-SG
The security group is created. You will use this security group later
in the lab when launching the App Server.
Type: MYSQL/AUROR
Source: Click inside the text field. Type the letters "sg" (just
Key Name
Value DB-SG
When you created the inbound rule for the Database Security
Group, notice that you used the Application Security Group ID as
the source. The ability for one security group to refer to another
security group is a powerful capability. It means that you can grant
additional EC2 instances to have access to the database by
associating them with the Application Security Group. Any instance
associated with the Application Security Group will then be
https://labs.netec.com/pages/lab2.html 5/14
22/7/2021 AWS Labs
You will use the new Database Security group in the next task.
https://labs.netec.com/pages/lab2.html 6/14
22/7/2021 AWS Labs
Select db.t2.micro
Tip: Feel free to look at the other options displayed on the page,
but Leave them set to their default values. Options include
automatic backups, the ability to Export log files, and automatic
version upgrades. The ability to actívate such features by clicking a
box shows the power of using a Fully managed database solution
rather than having to install, backup, and maintain the database
yourself.
For this lab, the application will use the Amazon Linux 2 AMI
You will launch the instance in a public subnet within the Lab VPC
network.
Public Subnet 1
"Version": "2012-10-17",
"Statement": [
"Action": "ssm:*",
"Resource":
"arn:aws:ssm:*:*:parameter/inventory-app/*",
"Effect": "Allow"
32. Copy and paste the following script into the User data field
Copy Code
#!/bin/bash
wget https://us-west-2-
tcprod.s3.amazonaws.com/courses/ILT-TF-200-
ARCHIT/v6.8.21/lab-2-webapp/scripts/inventory-app.zip
wget https://github.com/aws/aws-sdk-
php/releases/download/3.62.3/aws.zip
chkconfig httpd on
At this step, you can add additional Amazon Elastic Block Store
(Amazon EBS) disk volumes and configure their size and
performance.
You will use the default disk size, so no changes are required.
https://labs.netec.com/pages/lab2.html 10/14
22/7/2021 AWS Labs
Key: Name
The Name tag will appear on the instance in the EC2 management
console
Now associate the instance with the App Security Group (App-SG)
you created earlier in the lab
The inbound rules display and show that they permit HTTP traffic
from anywhere on the internet (0.0.0.0/0).
Note: If you receive a warning that you will not be able to connect
to this instance, click Continue
STEP 7: REVIEW
https://labs.netec.com/pages/lab2.html 11/14
22/7/2021 AWS Labs
Before continuing to the next task, wait for the instance state to
display running.
Note: The instance will start running after just a short time.
However, the status checks take a few minutes longer.
You are now ready to test that the applciation is operational. You
can access the web application via the IP address of the EC2
instance.
43. On the Details tab, copy the IPv4 Public IP to your clipboard
44. Open a new web browser tab, paste the IP address into the
address bar, and press ENTER
You can now configure the application to use the Amazon RDS DB
instance you created earlier. First retrieve the Database Endpoint
so that the application knows how to connect to the database.
Database: inventory
Username: dbadmin
Password: lab-password
CLEAN UP RESOURCES
54. Select in the radio button the only database called inventory-db
(Don't click on the name).
57. Click on the box that says "I acknowledge that upon ..."
58. In the text box write delete me and click on the Delete button
61. At the top select Instance State and click Terminate Instance
63. In the left panel go to Network & Security click on the Security
Groups option.
64. Select in the box the name of the security groups called DB-SG
In the lower panel click on Inbound rules and Edit inbound
https://labs.netec.com/pages/lab2.html 13/14
22/7/2021 AWS Labs
rules.
65. Click Delete the rule and click the Save rules button.
66. Select in the box the name of the security groups called App-SG
and DB-SG
68. In the text box write delete and click Delete button
CONCLUSION
END LAB
Click to go up
https://labs.netec.com/pages/lab2.html 14/14