Deploying a complete VPC Architecture with CDK

Building a secure, scalable, and automated cloud infrastructure is a vital skill for modern developers. In this project, I used AWS CDK (Cloud Development Kit) to deploy a VPC with EC2 instances and an RDS MySQL database. The project demonstrates how to leverage IaC (Infrastructure as Code) to automate and simplify cloud resource provisioning.


Goals of the Project

  1. Design a VPC:

    • Spanning two Availability Zones (AZs) for high availability.

    • Configuring subnets for public, private, and database layers.

  2. Deploy an RDS MySQL Database:

    • Securely placed in private isolated subnets tagged as Database.

    • Configured with scalable storage and backups.

  3. Host an EC2 Instance:

    • Provisioned in private subnets for backend services.

    • Connected to the RDS database securely.


Code Snippets

VPC Configuration

import * as ec2 from 'aws-cdk-lib/aws-ec2';

// Inside the Stack constructor; `vpc` is a public readonly property of the stack.
this.vpc = new ec2.Vpc(this, 'MyVpc', {
  maxAzs: 2, // each subnet group below is created once per AZ
  subnetConfiguration: [
    // PUBLIC: routed to an Internet Gateway, for load balancers / bastions
    { name: 'Public', subnetType: ec2.SubnetType.PUBLIC, cidrMask: 24 },
    // PRIVATE_ISOLATED: no NAT and no internet route at all; hosts here need
    // VPC endpoints (e.g. SSM) for anything outside the VPC
    { name: 'Private', subnetType: ec2.SubnetType.PRIVATE_ISOLATED, cidrMask: 24 },
    { name: 'Database', subnetType: ec2.SubnetType.PRIVATE_ISOLATED, cidrMask: 24 },
  ],
});

EC2 Deployment

import * as ec2 from 'aws-cdk-lib/aws-ec2';

// props.vpc is the VPC from the previous snippet; ec2SecurityGroup is an
// ec2.SecurityGroup created earlier in the same stack (not shown here).
new ec2.Instance(this, 'MyEC2Instance', {
  vpc: props.vpc,
  instanceType: ec2.InstanceType.of(ec2.InstanceClass.T3, ec2.InstanceSize.MICRO),
  // latestAmazonLinux() is deprecated in current aws-cdk-lib; latestAmazonLinux2023() is the successor
  machineImage: ec2.MachineImage.latestAmazonLinux(),
  // Select the 'Private' group by name: both 'Private' and 'Database' are
  // PRIVATE_ISOLATED, so selecting by subnetType alone would match either group.
  vpcSubnets: { subnetGroupName: 'Private' },
  securityGroup: ec2SecurityGroup,
});

RDS Deployment

import * as cdk from 'aws-cdk-lib';
import * as ec2 from 'aws-cdk-lib/aws-ec2';
import * as rds from 'aws-cdk-lib/aws-rds';

// No `credentials` given: CDK generates the master password in Secrets Manager.
new rds.DatabaseInstance(this, 'MyRDSInstance', {
  vpc: props.vpc,
  vpcSubnets: { subnetGroupName: 'Database' }, // only the isolated 'Database' group
  engine: rds.DatabaseInstanceEngine.mysql({ version: rds.MysqlEngineVersion.VER_8_0_28 }),
  instanceType: ec2.InstanceType.of(ec2.InstanceClass.T3, ec2.InstanceSize.MICRO),
  allocatedStorage: 20,      // GiB
  maxAllocatedStorage: 100,  // storage autoscaling ceiling, GiB
  // DESTROY deletes the instance and its data together with the stack; fine
  // for a lab, use SNAPSHOT or RETAIN for anything holding real data.
  removalPolicy: cdk.RemovalPolicy.DESTROY,
});

Lessons Learned

  1. Subnet Planning: Designing subnets with specific purposes (e.g., Database) simplifies resource segregation and enhances security.

  2. AWS CDK Best Practices: Explicitly filtering subnets using subnetGroupName ensures predictable deployments.

  3. Security First: Keeping RDS and EC2 instances in private subnets protects sensitive resources from external threats.
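A post-synth check for the properties these lessons rely on, added here as an example rather than code from the original project: it reads the CloudFormation template that `cdk synth` writes to cdk.out and flags a public or unencrypted DB instance, a DB port opened to a CIDR instead of the EC2 security group, a DeletionPolicy of Delete (what RemovalPolicy.DESTROY becomes), and an EC2 host that would get a public IP. The template inside is constructed by hand to mimic this stack's output; its logical IDs and the vpc-/subnet- values are placeholders.

```typescript
// Added example, not from the original post: audit of a synthesized template.
// Resource shapes follow what the page's RDS/EC2/security-group constructs emit.
type Resource = { Type: string; Properties?: Record<string, any>; DeletionPolicy?: string };
type Template = { Resources: Record<string, Resource> };
const DB_PORT = 3306; // MySQL

// Returns findings; empty means: DB not public, encrypted, not dropped with the
// stack, reachable only via a security group, and the EC2 host has no public IP.
function auditTemplate(t: Template): string[] {
  const findings: string[] = [];
  const ingress: Array<[string, Record<string, any>]> = [];
  for (const [id, r] of Object.entries(t.Resources)) {
    const p = r.Properties ?? {};
    if (r.Type === "AWS::RDS::DBInstance") {
      if (p.PubliclyAccessible === true) findings.push(`${id}: PubliclyAccessible must be false`);
      if (p.StorageEncrypted !== true) findings.push(`${id}: StorageEncrypted should be true`);
      if (r.DeletionPolicy === "Delete") findings.push(`${id}: DeletionPolicy Delete (RemovalPolicy.DESTROY) drops data with the stack`);
    } else if (r.Type === "AWS::EC2::Instance") {
      const nics: any[] = p.NetworkInterfaces ?? [];
      if (p.AssociatePublicIpAddress === true || nics.some((n) => n.AssociatePublicIpAddress === true))
        findings.push(`${id}: instance would receive a public IP`);
    } else if (r.Type === "AWS::EC2::SecurityGroupIngress") {
      ingress.push([id, p]); // standalone rule, e.g. from db.connections.allowDefaultPortFrom(sg)
    } else if (r.Type === "AWS::EC2::SecurityGroup") {
      for (const rule of p.SecurityGroupIngress ?? []) ingress.push([id, rule]); // inline rules
    }
  }
  for (const [id, rule] of ingress) {
    const coversDb = rule.IpProtocol === "-1" || (rule.FromPort <= DB_PORT && DB_PORT <= rule.ToPort);
    const cidr = rule.CidrIp ?? rule.CidrIpv6;
    if (coversDb && cidr) findings.push(`${id}: DB port open to CIDR ${cidr}; use SourceSecurityGroupId`);
  }
  return findings;
}

// Constructed cdk.out-style template: the page's DB (unencrypted, DESTROY
// policy) reached from the EC2 security group, plus one over-broad inline rule.
const SAMPLE: Template = {
  Resources: {
    Ec2Sg: { Type: "AWS::EC2::SecurityGroup", Properties: { GroupDescription: "ec2", VpcId: "vpc-0000" } },
    DbSg: { Type: "AWS::EC2::SecurityGroup", Properties: { GroupDescription: "db", VpcId: "vpc-0000",
      SecurityGroupIngress: [{ IpProtocol: "tcp", FromPort: 3306, ToPort: 3306, CidrIp: "0.0.0.0/0" }] } },
    DbFromEc2: { Type: "AWS::EC2::SecurityGroupIngress", Properties: { IpProtocol: "tcp", FromPort: 3306, ToPort: 3306,
      GroupId: { "Fn::GetAtt": ["DbSg", "GroupId"] }, SourceSecurityGroupId: { "Fn::GetAtt": ["Ec2Sg", "GroupId"] } } },
    MyRDSInstance: { Type: "AWS::RDS::DBInstance", DeletionPolicy: "Delete",
      Properties: { Engine: "mysql", EngineVersion: "8.0.28", DBInstanceClass: "db.t3.micro", PubliclyAccessible: false } },
    MyEC2Instance: { Type: "AWS::EC2::Instance", Properties: { InstanceType: "t3.micro", SubnetId: "subnet-0000" } },
  },
};
for (const f of auditTemplate(SAMPLE)) console.log(f);
```

Run it against `cdk.out/<StackName>.template.json` after `cdk synth` and fail the pipeline on a non-empty result.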


Conclusion

This project highlights the importance of automation, security, and scalability in cloud infrastructure. By leveraging AWS CDK, I could define, deploy, and manage complex resources with ease, paving the way for future cloud-native applications.