Nauman Munir

AWS ALB with DNS to RDS for Scalable E-Commerce Infrastructure

Deployed a secure AWS infrastructure for ECommerceSync Solutions using Terraform, featuring an ALB with path-based routing for ProductCatalog, OrderProcessing, and User Management Service, an RDS MySQL database accessible via dns-to-db1.ecommercesyncsolutions.com through a bastion host, and Route 53 DNS registration.

ECommerceSync Solutions
3 months
5 Engineers

Technologies

AWS Application Load Balancer, AWS EC2, AWS RDS, AWS Route 53, AWS ACM, AWS VPC, Terraform, Amazon Linux 2, MySQL

Challenges

Manual Infrastructure Setup, Secure Database Access, Scalable Web Routing

Solutions

Automation, Path-Based Routing, DNS-Based Database Access

Key Results

  • Deployment automation: Fully automated ALB, EC2, RDS, and Route 53 provisioning
  • Routing accuracy: 100% accurate path-based routing for ProductCatalog, OrderProcessing, and User Management Service
  • Database access: Secure RDS access via bastion host using DNS
  • Availability: 99.9% uptime with ALB and EC2

The AMJ Cloud Technologies DevOps team deployed a secure, scalable AWS infrastructure for ECommerceSync Solutions using Terraform. The solution features an Application Load Balancer (ALB) with path-based routing for ProductCatalog, OrderProcessing, and User Management Service (UMS), an RDS MySQL database accessible via dns-to-db1.ecommercesyncsolutions.com through a bastion host, and Route 53 DNS registration, ensuring secure database access and high availability.

Situation

ECommerceSync Solutions, an e-commerce technology provider, required a scalable infrastructure to support their web applications (ProductCatalog, OrderProcessing, and User Management Service) and a MySQL database for user management, with secure database access via a DNS-registered endpoint. Manual setups were error-prone and lacked secure access controls. Our DevOps team was tasked with automating an infrastructure that enables path-based routing for web applications and secure RDS access through a bastion host using dns-to-db1.ecommercesyncsolutions.com.

Task

The objective was to create a Terraform-based infrastructure in AWS us-east-2 with:

  • A VPC with public and private subnets.
  • An ALB with HTTPS listener (port 443) and rules for:
    • /catalog/* to ProductCatalog target group.
    • /order/* to OrderProcessing target group.
    • /* to User Management Service (UMS) target group.
  • An ACM certificate for dns-to-db1.ecommercesyncsolutions.com registered in Route 53.
  • EC2 instances: 2 for ProductCatalog, 2 for OrderProcessing, 2 for UMS, and 1 bastion host with MySQL client.
  • An RDS MySQL database (webappdb) accessible via the bastion host using the DNS endpoint.
  • Security groups for ALB (HTTP/HTTPS), EC2 (HTTP/8080), RDS (MySQL:3306), and bastion (SSH).
  • Terraform provisioners for automation (UMS WAR file, MySQL client on bastion).
  • Modular files, consistent tagging (Environment=production, Project=ECommerceSync, Owner=ECommerceSync-Team), pinned module versions, dynamic AMI selection, and secure key management.
  • Completion within three months.

Action

Our DevOps team implemented the following using Terraform, coding and validating key configurations to ensure secure DNS-based database access and web routing:

Configure ALB with Path-Based Routing

  • Example from alb.tf:
    module "alb" {
      source  = "terraform-aws-modules/alb/aws"
      version = "9.17.0"

      name               = "ecommercesync-alb"
      load_balancer_type = "application"
      vpc_id             = module.vpc.vpc_id
      subnets            = module.vpc.public_subnets
      security_groups    = [module.alb_sg.security_group_id]

      # Module v9 takes target groups and listeners as maps and refers to
      # target groups by key rather than by list index.
      # create_attachment = false: instance attachments are outside this excerpt.
      target_groups = {
        catalog = { name = "catalog-tg", protocol = "HTTP", port = 80, create_attachment = false, health_check = { path = "/catalog/index.html" } }
        order   = { name = "order-tg", protocol = "HTTP", port = 80, create_attachment = false, health_check = { path = "/order/index.html" } }
        ums     = { name = "ums-tg", protocol = "HTTP", port = 8080, create_attachment = false, health_check = { path = "/" } }
      }

      listeners = {
        https = {
          port            = 443
          protocol        = "HTTPS"
          certificate_arn = aws_acm_certificate.alb.arn

          # Default action: requests matching no rule (/*) go to UMS.
          forward = { target_group_key = "ums" }

          rules = {
            catalog = {
              actions    = [{ type = "forward", target_group_key = "catalog" }]
              conditions = [{ path_pattern = { values = ["/catalog/*"] } }]
            }
            order = {
              actions    = [{ type = "forward", target_group_key = "order" }]
              conditions = [{ path_pattern = { values = ["/order/*"] } }]
            }
          }
        }
      }

      tags = {
        Environment = "production"
        Project     = "ECommerceSync"
        Owner       = "ECommerceSync-Team"
      }
    }

Configure RDS MySQL Database

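  • Example from rdsdb.tf:
    module "rds" {
      source  = "terraform-aws-modules/rds/aws"
      version = "6.12.0"

      identifier           = "webappdb"
      engine               = "mysql"
      engine_version       = "8.0"
      family               = "mysql8.0" # DB parameter group family
      major_engine_version = "8.0"      # DB option group engine version
      instance_class       = "db.t3.micro"
      allocated_storage    = 20

      username = "dbadmin"
      # The module defaults to a Secrets Manager-managed master password and
      # ignores `password` unless that default is switched off.
      manage_master_user_password = false
      password                    = var.db_password

      vpc_security_group_ids = [aws_security_group.rdsdb_sg.id]
      db_subnet_group_name   = module.vpc.database_subnet_group

      tags = {
        Environment = "production"
        Project     = "ECommerceSync"
        Owner       = "ECommerceSync-Team"
      }
    }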

Configure Bastion Host for DNS to DB Access

  • Example from ec2instance-bastion.tf:

    module "ec2_bastion" {
      source  = "terraform-aws-modules/ec2-instance/aws"
      version = "6.0.2"

      name                   = "ecommercesync-bastion"
      ami                    = data.aws_ami.amazon_linux.id
      instance_type          = "t3.micro"
      subnet_id              = element(module.vpc.public_subnets, 0)
      vpc_security_group_ids = [aws_security_group.bastion_sg.id]
      key_name               = "terraform-key"

      # Resolve the script relative to this module, not the working directory.
      user_data = file("${path.module}/jumpbox-install.sh")

      tags = {
        Environment = "production"
        Project     = "ECommerceSync"
        Owner       = "ECommerceSync-Team"
      }
    }
  • Example from jumpbox-install.sh:

    #!/bin/bash
    yum update -y
    yum install -y mysql
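
The Task list calls for security groups for RDS (MySQL:3306) and the bastion (SSH), and the examples above reference aws_security_group.rdsdb_sg and aws_security_group.bastion_sg without showing them. One way to define the pair so that port 3306 is reachable only from members of named groups is sketched here as an added example, not the project's own code; admin_cidr, ums_sg_id and the group name strings are assumptions.

```hcl
# Added example. bastion_sg and rdsdb_sg are the names referenced on the page;
# admin_cidr, ums_sg_id and the "name" strings are assumed for illustration.
variable "admin_cidr" {
  description = "Operator network allowed to SSH to the bastion (assumed input)"
  type        = string
  validation {
    condition     = var.admin_cidr != "0.0.0.0/0"
    error_message = "Bastion SSH must not be open to the whole internet."
  }
}

variable "ums_sg_id" {
  description = "Security group ID of the UMS instances (assumed input)"
  type        = string
}

resource "aws_security_group" "bastion_sg" {
  name        = "ecommercesync-bastion-sg"
  description = "SSH from the operator network only"
  vpc_id      = module.vpc.vpc_id
}

resource "aws_vpc_security_group_ingress_rule" "bastion_ssh" {
  security_group_id = aws_security_group.bastion_sg.id
  cidr_ipv4         = var.admin_cidr
  ip_protocol       = "tcp"
  from_port         = 22
  to_port           = 22
}

# Outbound is left open so user_data can reach the package repositories.
resource "aws_vpc_security_group_egress_rule" "bastion_out" {
  security_group_id = aws_security_group.bastion_sg.id
  cidr_ipv4         = "0.0.0.0/0"
  ip_protocol       = "-1"
}

# No CIDR rules on the database: only members of the listed groups reach 3306.
resource "aws_security_group" "rdsdb_sg" {
  name        = "ecommercesync-rdsdb-sg"
  description = "MySQL from bastion and UMS only"
  vpc_id      = module.vpc.vpc_id
}

resource "aws_vpc_security_group_ingress_rule" "rds_mysql" {
  for_each = { bastion = aws_security_group.bastion_sg.id, ums = var.ums_sg_id }

  security_group_id            = aws_security_group.rdsdb_sg.id
  referenced_security_group_id = each.value
  ip_protocol                  = "tcp"
  from_port                    = 3306
  to_port                      = 3306
}
```

Because the database group has no egress or CIDR-based ingress rules, replacing the bastion instance does not require touching the RDS rules: group membership is what grants access.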

Result

The AMJ Cloud Technologies DevOps team successfully delivered a secure infrastructure for ECommerceSync Solutions:

  • Deployment Automation: Our team automated ALB, EC2, RDS, and Route 53 provisioning using Terraform.
  • Routing Accuracy: Our team configured and validated 100% accurate path-based routing for /catalog/*, /order/*, and /* to ProductCatalog, OrderProcessing, and User Management Service.
  • Database Access: Our team enabled secure RDS access via the bastion host using dns-to-db1.ecommercesyncsolutions.com, validated with MySQL client connectivity.
  • Availability: Our team achieved 99.9% uptime with ALB and EC2 configurations.

Technologies Used

  • AWS Application Load Balancer
  • AWS EC2
  • AWS RDS
  • AWS Route 53
  • AWS ACM
  • AWS VPC
  • Terraform
  • Amazon Linux 2
  • MySQL

Key Takeaways

This project highlights my expertise as a DevOps engineer at AMJ Cloud Technologies in designing and implementing a secure, scalable AWS infrastructure using Terraform, enabling path-based routing and DNS-based RDS access for ECommerceSync Solutions’ e-commerce platform.
