Create High Availability Architecture With AWS CLI

Kanishka Shakya

6 min readNov 21, 2020

➡The architecture includes:-

🔸 Webserver configured on EC2 Instance

🔸 Document Root(/var/www/html) made persistent by mounting on EBS Block Device.

🔸 Static objects used in code such as pictures stored in S3

🔸 Setting up Content Delivery Network using CloudFront and using the origin domain as S3 bucket.

🔸 Finally place the Cloud Front URL on the Web App code for security and low latency.

What is IAM??

Identity and access management (IAM) is a collective term that covers products, processes, and policies used to manage user identities and regulate user access within an organization.

“Access” and “user” are two vital IAM concepts. “Access” refers to actions permitted to be done by a user (like view, create, or change a file). “Users” could be employees, partners, suppliers, contractors, or customers. Furthermore, employees can be further segmented based on their roles.

What is Key Pair??

A key pair, consisting of a private key and a public key, is a set of security credentials that you use to prove your identity when connecting to an instance. Amazon EC2 stores the public key, and you store the private key.

Two types of key:-

1.Private Key and 2.Public Key

The public key is placed into a public directory. A directory is a storage facility that can house user names and information about the users (e.g., e-mail address, phone numbers, and the public key).

The private key is stored in an area that only the designated user can access, such as his or her local PC or laptop. Note: This example does not address roaming users and the management of keys.

What is EBS Volume??

Elastic Block Store (EBS) adds to the persistent storage of AWS EC2 using random access block storage with volumes. EBS provides persistent, high-performance, and high-availability block-level storage which you can attach to a running EC2 instance (in the same availability zone) in the form of volumes (1GB — 1TB). Additionally, Amazon allows you to provision a specific level of I/O performance if desired (called Provisioned IOPS). Each EBS volume can be formatted and mounted as a file system. You also have direct, random access of each stored block of data.

What is S3??

Amazon Simple Storage Service (Amazon S3) is an object storage service that offers industry-leading scalability, data availability, security, and performance. This means customers of all sizes and industries can use it to store and protect any amount of data for a range of use cases, such as data lakes, websites, mobile applications, backup and restore, archive, enterprise applications, IoT devices, and big data analytics. Amazon S3 provides easy-to-use management features so you can organize your data and configure finely-tuned access controls to meet your specific business, organizational, and compliance requirements.

How to use an S3 bucket??

An S3 customer first creates a bucket in the AWS region of his or her choice and gives it a globally unique name. AWS recommends that customers choose regions geographically close to them to reduce latency and costs.

What is CloudFront??

Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds, all within a developer-friendly environment. CloudFront China has Edge locations in Beijing, Shanghai, Zhongwei, and Shenzhen. These four Edge locations are connected by private network directly to AWS China (Beijing) Region operated by Sinnet and AWS China (Ningxia) Region operated by NWCD for speedy content delivery to viewers in China. CloudFront works seamlessly with services, including AWS Shield Standard for DDoS mitigation, and Amazon S3, Elastic Load Balancing, or Amazon EC2 as origins for your applications.