Introduction
What is Elastic Beanstalk (EB)?
Elastic Beanstalk (EB) is a higher-level, managed ‘platform as a service’ (PaaS) for hosting web applications, similar in scope to Heroku. Rather than deal with low-level AWS resources directly, EB provides a fully-managed platform where you create an application environment using a web interface, select which platform your application uses, create and upload a source bundle, and EB handles the rest.
Using EB, you get all sorts of built-in features for monitoring your application environment and deploying new versions of your application.
CloudFront
We utilize CloudFront for its content distribution network and caching capabilities.
EC2 (Elastic Compute Cloud)
Elastic Load Balancer
Elastic Load Balancing (ELB) improves responsiveness and increases the availability of applications. A load balancer sits between the client and the server cluster, accepting incoming network and application traffic and distributing it across multiple EC2 instances using various methods.
Alternatively, you can set up a load balancer in front of your EC2 instance and use it as a proxy to forward requests to your backend instance. For instance, Elastic Load Balancer is used to route traffic to Amazon EC2 instances, so to serve secure content over SSL/TLS, load balancers require that SSL/TLS certificates be installed on either the load balancer or the backend Amazon EC2 instance. AWS Certificate Manager (ACM) is integrated with Elastic Load Balancing and you can deploy ACM certificates on the load balancer. If you use a load balancer, your architecture will look something like this:
========================================
Internet ---> Load Balancer (internet, listeners, ACM certificate, SSL offloading) ---> Forwarding ---> Backend Instance
========================================
EC2 Instance
An EC2 instance is a virtual server in Amazon’s Elastic Compute Cloud (EC2) for running applications on the Amazon Web Services (AWS) infrastructure. AWS is a comprehensive, evolving cloud computing platform; EC2 is a service that allows business subscribers to run application programs in the computing environment.
Port Forwarding
Accept connections via CloudFront over port 443 (redirect HTTP to HTTPS). Connections from the load balancer to EC2 instances should be completed over port 80; this avoids AWS asking for 2 SSL certificates.
HTTPS = ON
In your application, ensure you are forcing HTTPS. Your system may not know that the request was secure, because traffic is delivered from the load balancer to the EC2 instance over port 80. In PHP, setting $_SERVER['HTTPS'] = "on" saves a lot of hardship and infinite redirect loops.
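One way to set that flag only for requests that really arrived over HTTPS, as an added example that is not code from the original article. It assumes the load balancer sets the X-Forwarded-Proto header; the subnet range 10.0.0.0/16 and the host www.example.com are placeholders.

```php
<?php
// Assumed values (not from the article): load balancer subnets and canonical host.
const TRUSTED_PROXY_CIDRS = ['10.0.0.0/16'];
const CANONICAL_HOST = 'www.example.com';

// True when an IPv4 address falls inside a CIDR block.
function ip_in_cidr(string $ip, string $cidr): bool {
    [$net, $bits] = explode('/', $cidr);
    $ipLong = ip2long($ip);
    $netLong = ip2long($net);
    if ($ipLong === false || $netLong === false) {
        return false;
    }
    $mask = (int) $bits === 0 ? 0 : (~0 << (32 - (int) $bits)) & 0xFFFFFFFF;
    return ($ipLong & $mask) === ($netLong & $mask);
}

// Believe X-Forwarded-Proto only when the TCP peer is the load balancer.
function request_is_https(array $server): bool {
    if (!empty($server['HTTPS']) && strtolower($server['HTTPS']) !== 'off') {
        return true; // TLS was terminated on this host
    }
    foreach (TRUSTED_PROXY_CIDRS as $cidr) {
        if (ip_in_cidr($server['REMOTE_ADDR'] ?? '', $cidr)) {
            return strtolower($server['HTTP_X_FORWARDED_PROTO'] ?? '') === 'https';
        }
    }
    return false;
}

// Returns null after marking the request secure, or the URL to redirect to.
function enforce_https(array &$server): ?string {
    if (request_is_https($server)) {
        $server['HTTPS'] = 'on'; // the application now sees HTTPS, so it does not redirect again
        return null;
    }
    return 'https://' . CANONICAL_HOST . ($server['REQUEST_URI'] ?? '/');
}

// Constructed requests, not captured traffic.
$samples = [
    'via LB, viewer on HTTPS' => ['REMOTE_ADDR' => '10.0.1.23', 'HTTP_X_FORWARDED_PROTO' => 'https', 'REQUEST_URI' => '/login'],
    'via LB, viewer on HTTP' => ['REMOTE_ADDR' => '10.0.1.23', 'HTTP_X_FORWARDED_PROTO' => 'http', 'REQUEST_URI' => '/login'],
    'direct hit, forged header' => ['REMOTE_ADDR' => '203.0.113.9', 'HTTP_X_FORWARDED_PROTO' => 'https', 'REQUEST_URI' => '/login'],
];
foreach ($samples as $label => $request) {
    $target = enforce_https($request);
    echo $label, ': ', $target ?? 'served with HTTPS=on', PHP_EOL;
}
```

Setting $_SERVER['HTTPS'] unconditionally also stops the loop, but it marks plain-HTTP requests that reach the instance directly as secure; restricting the instance's security group to the load balancer closes that path at the network layer.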
Provision SSL in the correct region
CloudFront will only utilize SSL certificates provisioned under ACM in a certain Region.
RDS (Relational Database Service)
This is a web service that makes it easy to set up, operate, and scale a relational database in the cloud. It provides cost-efficient, resizable capacity for an industry-standard relational database and manages common database administration tasks.
S3 (Simple Storage Service)
S3 is a scalable, high-speed, web-based cloud storage service designed for online media/file storage and serving. It is extremely resilient and secure.
ACM (AWS Certificate Manager)
ACM Private Certificate Authority (CA) is a managed private CA service that helps you easily and securely manage the lifecycle of your SSL certificates.
SES (Simple Email Service)
Amazon Simple Email Service (SES) is a cost-effective email service built on the reliable and scalable infrastructure that Amazon.com developed to serve its own customer base.
CloudWatch
Amazon CloudWatch is a monitoring service for AWS cloud resources and the applications you run on AWS.