Caf-Online-Ordering-System---AWS-Lab

Create a secure VPC for café admins, using a bastion host in a public subnet for remote server management. Include a NAT gateway for internet access to an EC2 instance in a private subnet, ensuring a robust and protected network for the café's web application server.

Café Online Ordering System - AWS Lab

Table of Contents

1. Setting Up the Hosting Environment
   • 1.1 Configuring an Amazon EC2 Instance
   • 1.2 Configuring AWS Cloud9 for Web Development
   • 1.3 Making the Website Accessible
2. Installing the Café Web Application
   • 2.1 Downloading and Extracting Application Files
   • 2.2 Copying Café Files to Web Server
   • 2.3 Configuring Application Parameters
   • 2.4 Configuring MySQL Database
   • 2.5 Updating PHP Timezone Configuration
   • 2.6 Testing Café Website
3. Duplicating the Café Website
   • 3.1 Creating an AMI and Launching Another EC2 Instance
   • 3.2 Verifying the New Café Instance
4. VPC Lab
   • 4.1 Creating a Public Subnet
   • 4.2 Creating a Bastion Host
   • 4.3 Allocating an Elastic IP for Bastion Host
   • 4.4 Testing Connection to Bastion Host
   • 4.5 Creating a Private Subnet
   • 4.6 Creating a NAT Gateway
   • 4.7 Creating EC2 Instance in Private Subnet
   • 4.8 Configuring SSH Client for SSH Passthrough
5. Enhancing the Security Layer
   • 5.1 Creating a Network ACL
   • 5.2 Testing Network ACL

---

1. Setting Up the Hosting Environment

1.1 Configuring an Amazon EC2 Instance

• Checked the status of the web server, database, and PHP.
• Started and set up the web server and database to run automatically.

1.2 Configuring AWS Cloud9 for Web Development

• Created a symlink to the web server's directory.
• Adjusted ownership permissions for web server file editing.
• Created a basic test webpage (index.html) in the html directory.

1.3 Making the Website Accessible

• Edited inbound Rules in the instance Security Group to allow inbound HTTP traffic on TCP port 80 from anywhere.

2. Installing the Café Web Application

2.1 Downloading and Extracting Application Files

• Downloaded and extracted web server application files.

2.2 Copying Café Files to Web Server

• Moved café application files to the web server's document root.

2.3 Configuring Application Parameters

• Configured application parameters in AWS Systems Manager Parameter Store.

2.4 Configuring MySQL Database

• Configured MySQL database for the café application.

2.5 Updating PHP Timezone Configuration

• Updated the PHP configuration to set the timezone to "America/New_York."
• Restarted the web server to apply the timezone configuration.

2.6 Testing Café Website

• Tested whether the café website is working and can be accessed from the internet.

3. Duplicating the Café Website

3.1 Creating an AMI and Launching Another EC2 Instance

• Created an AMI from the existing EC2 instance.
• Set a static internal hostname and created a new key pair.

3.2 Verifying the New Café Instance

• Verified that the new ProdCafeServer instance in the Oregon Region is running.
• Tested the café web application's functionality.

4. VPC Lab

4.1 Creating a Public Subnet

• Created a public subnet in the Lab VPC.
• Created an internet gateway and attached it to the Lab VPC.
• Updated the route table for the public subnet.

4.2 Creating a Bastion Host

• Created an EC2 instance (Bastion Host) in the Public Subnet.
• Configured security group for the bastion host.

4.3 Allocating an Elastic IP for Bastion Host

• Assigned an Elastic IP address to the bastion host.

4.4 Testing Connection to Bastion Host

• Tested the SSH connection to the bastion host.

4.5 Creating a Private Subnet

• Created a private subnet in the Lab VPC.

4.6 Creating a NAT Gateway

• Created a NAT gateway in the public subnet.
• Created a new route table for the private subnet.

4.7 Creating EC2 Instance in Private Subnet

• Created an EC2 instance (Private Instance) in the Private Subnet.
• Configured security group for the private instance.

4.8 Configuring SSH Client for SSH Passthrough