How can a beginner use AWS services to host a public server and create endpoints for a web application - amazon-web-services

I have been in front-end development before, but this is my first time researching how to use AWS services to host a public server for our web application. Currently, I have trouble understanding how EC2 and API Gateway work with each other. And I also have some trouble understanding how a public server hosts a web application in this case. I have read a number of tutorials, but I have trouble understanding where this API endpoint is generated in this case. I saw that API Gateway could generate an endpoint, but in this case, do I still use EC2 to host the web application? And how can the URLs from these 2 connect to each other? Yeah, I think I got messy on understanding this web app structure, especially on the server side. Could someone help me with a brief explanation of these 2 services and maybe some useful tutorial that I could reference? As a beginner, everything is so confusing to me. Thank you so much!!

The simple approach is to deploy your web/app server on an EC2 instance and check which port your service is running on, e.g. 8080. Go to the security group attached to that EC2 instance and open port 8080. You can also attach an Elastic IP so that even after restarting the EC2 instance your IP will never change, and then access your application publicly using http://<elastic-ip>:8080/<>
Btw, the best approach is to use ELB on ECS/EKS and then use API Gateway, deploy your static content in S3 and use CloudFront.

Related

Self hosted VPN with PiHole on AWS

I'm trying to create a setup where all of my (mobile and home) traffic is encrypted and ad-blocked. The idea is to use this setup:
wherein all of my traffic when using the VPN client on my phone or PC is routed through a custom OpenVPN setup running on an AWS EC2 instance. On its way out of the EC2 instance towards the public internet, I want to have a PiHole or equivalent DNS sinkhole filtering requests for blacklisted sites.
It's important that this is configured in such a way that I'm not allowing for a public/open DNS resolver - only traffic coming through the OpenVPN (and therefore coming from an OpenVPN client that is using one of my keys) should be allowed.
Is this possible? Am I correctly understanding the functionality of all the parts?
How do I set this up? What concepts do I need to understand to make this work?
This tutorial seems like a good place to start. This is using Lightsail, not EC2, but if you aren't planning to scale this up much that might be simpler and cheaper.

VPN on EC2 to Heroku server

Hi there networking experts,
I have a Rails app hosted on Heroku, and I am looking to set up a VPN tunnel on a separate EC2 instance which will connect with a 3rd party.
3rd party <----(VPN tunnel)----> EC2 <----(HTTP/SSH)---> Heroku
Best case scenario would have been to set up the tunnel directly on our Heroku instance, but that doesn't seem possible according to some of these answers.
With my limited knowledge, I figured that the next best thing would be to set up a 'middle-man' EC2 instance with the capability to listen to the VPN tunnel as well as send HTTP requests to our Heroku server over SSH. The most important consideration in this integration would be security. I would like to encrypt end-to-end, and only decrypt on our Heroku server.
What would be the best practice for achieving something like this, if possible at all?
Thank you!
AWS has a managed VPN offering.
You configure a customer gateway for the client side, attach a virtual private gateway to your VPC, and the VPN connects the two. You can then set up routes which will allow them to connect securely to any services running inside your VPC.
A VPN in AWS can use static or dynamic routing. Static is generally simpler, especially if there is a limited IP range on the client side.

Information on how to publish a website

It's the first time I will be publishing a website and have no idea on how this works.
Here's a few details on what I'm trying to achieve.
I have created a sample website in Node.js and uploaded it to Docker (two containers, one for Node.js and the other one for the MongoDB database).
Now I would like to upload this to AWS but I'm not really sure where to start and what I need to know.
In addition, I want a domain; the price is quite high for the .com domain I am looking at.
My questions are as follows:
If I buy a domain, how do I hook up the domain so it's routed to the AWS server where I have my website design, logic and database? How exactly does this work?
What's the best way to buy a domain? Does anyone have any experience and advice on the best approach?
Thanks
You'll need to set up your VM and begin hosting your site with the custom EC2 URL, then configure the Amazon DNS server (Route 53) with your domain to point at the correct VM.
Step 1
Get an ec2 box running (whatever size you think you'll need for traffic/storage). When you go through the portal, you'll need to Authorize Inbound Traffic.
Now you can sign into your ec2 vm, download any dependencies you'll need (npm for instance) and run your site just like you would locally in a terminal. Here's a sample that may help if you have trouble.
Step 2
You now need the DNS servers to translate the domain you own into the IP of your EC2 VM. You can use the Route 53 service to do this.
Alternatives
You can also use Azure's App Services to do this. It's a cloud app hosting service that's meant to help you get your app on the cloud and scale it without much trouble. Here's a Node.js Sample.
...And here are the instructions on how to set up a custom domain.

AWS java sdk, which ports needs to be opened?

Noob question here but my google-fu is failing me.
I'm working with an app that uses the AWS Java SDK to talk to AWS and scrapes some info about the instances and other information. We are not hitting the instances directly, just the sort of stuff you can get from the AWS CLI, console etc....
things like describe-instances...
The app is hosted inside an internal network and traffic currently is going out via a proxy server.
I can request to have some firewall rules opened but for the life of me I can't find which ports need to be opened and the Amazon URLs... is it just standard HTTPS 443 and HTTP 80? And what are the URLs, are they the same as the Amazon endpoints published for the API Gateway?
I can't access or modify the code, this is a vendor product that uses the latest AWS Java SDK (I download the SDK, unzip and put into a specified folder).
Any help would be greatly appreciated!
I assume the normal http(s) endpoints are all you need to be able to access.
They are all described here and run on standard http and https ports.

Open app from AWS instance

First of all, let me say that I'm new to AWS and don't know much about servers but I'm trying to learn something now!
I have been given access to an AWS instance. I can access the server using SSH. It's an Ubuntu server.
There is an application deployed under var/www/. I also have the public IP of the server, but when I try to access this public IP it's not opening and I also can't ping that IP.
Am I doing something wrong? I will note that I don't have very much experience with servers.
You will need to check security group credentials associated with your EC2. There, HTTP and any other required protocols will need to be opened. And also check that the internet gateway is correctly NATed. Good luck. It's a steep but fast learning curve with AWS.
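
The first answer on this page opens port 8080 in a security group, and the answer above says to check the security group. As an added example (not code from any of the posts), this audits a constructed document in the shape of `aws ec2 describe-security-groups` output for ingress rules open to the whole internet; the group IDs, the `PUBLIC_OK` and `SENSITIVE` sets and the severity labels are assumptions made for the illustration.

```python
import ipaddress

# Constructed sample in the shape of `aws ec2 describe-security-groups` output.
SAMPLE = {"SecurityGroups": [
    {"GroupId": "sg-0example0web", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 8080, "ToPort": 8080,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
    {"GroupId": "sg-0example0vpn", "IpPermissions": [
        {"IpProtocol": "udp", "FromPort": 53, "ToPort": 53,
         "IpRanges": [{"CidrIp": "10.8.0.0/24"}]},   # DNS only from the VPN subnet
        {"IpProtocol": "-1", "IpRanges": [], "Ipv6Ranges": [{"CidrIpv6": "::/0"}]}]},
]}

PUBLIC_OK = {80, 443}   # assumption: only web ports are meant to face the internet
SENSITIVE = {22: "SSH", 53: "DNS", 3389: "RDP", 27017: "MongoDB"}

def is_world(cidr):
    """True for 0.0.0.0/0 and ::/0 (prefix length 0 matches every address)."""
    return ipaddress.ip_network(cidr, strict=False).prefixlen == 0

def audit(doc):
    """Return (group_id, protocol, ports, severity, note) for each world-open rule."""
    findings = []
    for sg in doc["SecurityGroups"]:
        for perm in sg.get("IpPermissions", []):
            cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
            cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
            if not any(is_world(c) for c in cidrs):
                continue                      # restricted to specific sources
            proto = perm["IpProtocol"]
            lo, hi = perm.get("FromPort", 0), perm.get("ToPort", 65535)
            hit = [n for p, n in SENSITIVE.items() if lo <= p <= hi]
            if proto == "-1":                 # all protocols: port fields are omitted
                row = ("all", "all", "HIGH", "all traffic")
            elif proto not in ("tcp", "udp"):
                row = (proto, "n/a", "INFO", "not port-based (e.g. ICMP for ping)")
            elif hit:
                row = (proto, f"{lo}-{hi}", "HIGH", "exposes " + ", ".join(hit))
            elif lo == hi and lo in PUBLIC_OK:
                continue                      # expected public web listener
            else:
                row = (proto, f"{lo}-{hi}", "MEDIUM", "non-web port open to the internet")
            findings.append((sg["GroupId"],) + row)
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(*finding)
```
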