1.5 KiB
Security groups
Load balanced
1 for the EC2 instances (applied to the autoscaler). The instances can be private. Gateway VPC needed for S3 upload.
1 for the RDS.
1 for the LB.
Single instances
1 for the EC2 instances (applied to the autoscaler). The instances need to be public. No gateway VPC needed - they have internet access. 1 for the RDS.
If using --database you don't need to create any SG. Let EB use the default VPC. It will create everything for you.
If not using --database:
EC2:
- Create a SG for EC2
- Should have ingress from all (0.0.0.0:80+443)
- Should have egress to all (0.0.0.0:all)
RDS:
- Specify the
security_group_idswith the SG of the EC2 and EB will create the SG for you with this as ingress for the SG you pass in. - Specify
associate_security_group_idsto attach a security group to the RDS (if you need to enable public access)
Commands
Deploy CF
aws --profile admin cloudformation deploy --template-file ./03-stack-rdsinstance.yaml --stack-name strapi-rds --parameter-overrides StackName=strapi-vpc --tags git=web-dev owner=home project=strapi-elb test=true deployment=cloudformation
Destroy CF
aws --profile admin cloudformation delete-stack --stack-name strapi-rds
Terraform
gmake plan
gmake applu
gmake destroy
EB Single instance
eb create --single
with DB
eb create --single --database
Deploy code to environment
apps-awsebcli
Health check
eb health
Open the URL
eb open
Terminate
eb terminate