Upcoming · Intermediate
VPC Web App Lab
Deploy a basic web app across public and private subnets with logging and network controls.
Problem
Applications need isolated network tiers, controlled ingress, and observability from the start.
Solution
Place the load balancer in public subnets, app instances in private subnets, and restrict access with security groups.
Architecture Overview
Internet traffic reaches an ALB, which forwards it to private EC2 targets; metrics and logs are sent to CloudWatch.
AWS Services Used
VPC, EC2, ALB, Security Groups, CloudWatch
Steps Taken
- Design the VPC CIDR and subnet layout.
- Create route tables and internet gateway access.
- Launch EC2 targets in private subnets.
- Connect the ALB and verify health checks.
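A check for the layout these steps produce, as an added example that is not part of the original page: it flags private subnets whose effective route table points at an internet gateway, and app security group ingress from anything other than the ALB's group. The data is constructed in the shape of boto3's `describe_route_tables` and `describe_security_groups` responses; all IDs and function names are hypothetical.

```python
# Constructed sample data in the shape boto3 returns from describe_route_tables
# and describe_security_groups. All IDs are placeholders, not real resources.
ROUTE_TABLES = [
    {"RouteTableId": "rtb-public", "Associations": [{"Main": True}, {"SubnetId": "subnet-pub-a"}],
     "Routes": [{"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-example"}]},
    {"RouteTableId": "rtb-private", "Associations": [{"SubnetId": "subnet-app-a"}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"}]},
]
SECURITY_GROUPS = [
    {"GroupId": "sg-alb", "IpPermissions": [{"FromPort": 443, "ToPort": 443,
        "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "UserIdGroupPairs": []}]},
    {"GroupId": "sg-app", "IpPermissions": [{"FromPort": 8080, "ToPort": 8080,
        "IpRanges": [], "UserIdGroupPairs": [{"GroupId": "sg-alb"}]}]},
]

def route_table_for(subnet_id, route_tables):
    """An explicit association wins; otherwise the main route table applies."""
    main = None
    for rt in route_tables:
        for assoc in rt.get("Associations", []):
            if assoc.get("SubnetId") == subnet_id:
                return rt
            if assoc.get("Main"):
                main = rt
    return main

def check_tiers(route_tables, security_groups, private_subnets, app_sg, alb_sg):
    """Return findings where the private app tier is reachable other than via the ALB."""
    findings = []
    for subnet in private_subnets:
        rt = route_table_for(subnet, route_tables) or {}
        if any(str(r.get("GatewayId", "")).startswith("igw-") for r in rt.get("Routes", [])):
            findings.append(f"{subnet}: routes to an internet gateway via {rt['RouteTableId']}")
    group = next((g for g in security_groups if g["GroupId"] == app_sg), None)
    if group is None:
        return findings + [f"{app_sg}: security group not found"]
    for perm in group.get("IpPermissions", []):
        # Any CIDR-based ingress bypasses the "only from the ALB" rule.
        for rng in perm.get("IpRanges", []) + perm.get("Ipv6Ranges", []):
            cidr = rng.get("CidrIp") or rng.get("CidrIpv6")
            findings.append(f"{app_sg}: ingress allowed from CIDR {cidr}, expected only {alb_sg}")
        for pair in perm.get("UserIdGroupPairs", []):
            if pair.get("GroupId") != alb_sg:
                findings.append(f"{app_sg}: ingress allowed from {pair.get('GroupId')}, expected only {alb_sg}")
    return findings

if __name__ == "__main__":
    for line in check_tiers(ROUTE_TABLES, SECURITY_GROUPS, ["subnet-app-a"], "sg-app", "sg-alb") or ["tiers OK"]:
        print(line)
```

A subnet with no explicit association (for example a second app subnet that was never attached to `rtb-private`) inherits the main route table, which in this constructed data is the public one, so the check reports it.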
Lessons Learned
- Network boundaries are easier to manage when named clearly.
- Health checks reveal routing and firewall mistakes quickly.