Nauman Munir

E-commerce Infrastructure Deployment for Startup

Deployed a scalable AWS 3-tier architecture for an e-commerce startup using Terraform, achieving 300% traffic scalability, 25% cost savings, and 99.9% uptime.


Technologies

AWS VPC, AWS EC2, AWS RDS, AWS Application Load Balancer, AWS Auto Scaling, AWS Bastion Host, AWS NAT Gateway, AWS Internet Gateway, AWS Security Groups, AWS IAM, AWS CloudWatch, Terraform

Challenges

Manual Management, Security Vulnerabilities, Scalability Issues

Solutions

Automation, Security, Scalability

Key Results

  • Traffic increase: 300% during peak seasons
  • Cost reduction: 25% AWS cost savings
  • Uptime: 99.9% availability
  • Deployment time reduction: From days to hours


At AMJ Cloud Technologies, we delivered a secure and scalable AWS 3-tier architecture for Startup, a fast-growing e-commerce startup. Using Terraform, we automated infrastructure deployment to support a robust web storefront, application logic, and database operations, driving operational efficiency and customer satisfaction.

Situation

Startup faced challenges scaling its infrastructure to meet growing customer demand. Manual management led to errors, security vulnerabilities, and inefficiencies. The startup needed an automated, secure, and cost-optimized 3-tier architecture on AWS to ensure high availability and scalability.

Task

Our goal was to design and deploy a 3-tier AWS architecture using Terraform, including:

  • A VPC with Web, App, and Database tiers in private subnets.
  • A Bastion Host in a public subnet for secure access.
  • Automated EC2 provisioning with security groups.
  • Cost optimization and scalability.
  • Completion within four months.

Action

To meet Startup's requirements, we took the following actions:

  1. Terraform as Infrastructure as Code:

    • Developed modular Terraform scripts for consistent, repeatable deployments.
    • Used commands: terraform init, terraform validate, terraform plan, terraform apply, terraform destroy.
  2. Virtual Private Cloud (VPC) Configuration:

    • Created a VPC with CIDR 10.0.0.0/16 across us-east-1a and us-east-1b.

    • Defined public subnets (10.0.1.0/24, 10.0.2.0/24) for the Bastion Host and ALB, and private subnets for Web/App (10.0.3.0/24, 10.0.4.0/24) and Database (10.0.5.0/24, 10.0.6.0/24).

      resource "aws_vpc" "main" {
        cidr_block = "10.0.0.0/16"
        tags = {
          Name = "Startup-vpc"
        }
      }
       
      resource "aws_subnet" "public_1" {
        vpc_id            = aws_vpc.main.id
        cidr_block        = "10.0.1.0/24"
        availability_zone = "us-east-1a"
        tags = {
          Name = "public-subnet-1"
        }
      }
       
      resource "aws_subnet" "private_app_1" {
        vpc_id            = aws_vpc.main.id
        cidr_block        = "10.0.3.0/24"
        availability_zone = "us-east-1a"
        tags = {
          Name = "private-app-subnet-1"
        }
      }
       
      resource "aws_subnet" "private_db_1" {
        vpc_id            = aws_vpc.main.id
        cidr_block        = "10.0.5.0/24"
        availability_zone = "us-east-1a"
        tags = {
          Name = "private-db-subnet-1"
        }
      }
  3. Security Groups for Controlled Access:

    • Configured security groups for Web (HTTP/80 from internet), App (from Web), Database (from App), and Bastion Host (SSH from restricted IPs).

      resource "aws_security_group" "web" {
        vpc_id = aws_vpc.main.id
        ingress {
          from_port   = 80
          to_port     = 80
          protocol    = "tcp"
          cidr_blocks = ["0.0.0.0/0"]
        }
        egress {
          from_port   = 0
          to_port     = 0
          protocol    = "-1"
          cidr_blocks = ["0.0.0.0/0"]
        }
      }
       
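      resource "aws_security_group" "bastion" {
        vpc_id = aws_vpc.main.id
        ingress {
          from_port   = 22
          to_port     = 22
          protocol    = "tcp"
          cidr_blocks = ["<admin-ip>/32"] # placeholder: the administrator's public IP
        }
        # Terraform removes the default allow-all egress rule, so outbound SSH
        # to hosts inside the VPC has to be allowed explicitly.
        egress {
          from_port   = 22
          to_port     = 22
          protocol    = "tcp"
          cidr_blocks = [aws_vpc.main.cidr_block]
        }
      }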
  4. EC2 Instance Provisioning:

    • Deployed EC2 instances with Amazon Linux 2 for Web (Nginx), App (Node.js), and RDS for Database.

    • Used user data scripts for automation.

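      resource "aws_instance" "web" {
        ami           = "ami-12345678" # placeholder AMI ID
        instance_type = "t3.micro"
        subnet_id     = aws_subnet.private_app_1.id
        # Instances in a VPC take security group IDs via vpc_security_group_ids.
        vpc_security_group_ids = [aws_security_group.web.id]
        user_data = <<-EOF
                    #!/bin/bash
                    # Amazon Linux 2 provides nginx through amazon-linux-extras.
                    amazon-linux-extras install -y nginx1
                    systemctl enable --now nginx
                    EOF
      }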
  5. Bastion Host and NAT Gateway:

    • Deployed a Bastion Host in a public subnet and a NAT Gateway for private subnet internet access.

      resource "aws_instance" "bastion" {
        ami                    = "ami-12345678" # placeholder AMI ID
        instance_type          = "t3.micro"
        subnet_id              = aws_subnet.public_1.id
        vpc_security_group_ids = [aws_security_group.bastion.id]
      }

      resource "aws_eip" "bastion" {
        instance = aws_instance.bastion.id
        domain   = "vpc" # AWS provider v5+; earlier versions use vpc = true
      }

      resource "aws_eip" "nat" {
        domain = "vpc"
      }

      resource "aws_nat_gateway" "nat" {
        allocation_id = aws_eip.nat.id
        subnet_id     = aws_subnet.public_1.id
      }
  6. RDS MySQL in Multi-AZ Configuration:

    • Deployed a Multi-AZ RDS MySQL instance in private subnets.

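      resource "aws_db_instance" "main" {
        identifier                  = "startup-db" # RDS identifiers must be lowercase
        engine                      = "mysql"
        instance_class              = "db.t3.medium"
        allocated_storage           = 20
        multi_az                    = true
        storage_encrypted           = true    # encryption at rest for RDS (step 8)
        username                    = "admin" # placeholder master username
        manage_master_user_password = true    # password generated and kept in Secrets Manager
        db_subnet_group_name        = aws_db_subnet_group.main.name
      }

      resource "aws_db_subnet_group" "main" {
        name = "startup-db" # subnet group names must be lowercase
        # private_db_2 (10.0.6.0/24, us-east-1b) is declared like private_db_1.
        subnet_ids = [aws_subnet.private_db_1.id, aws_subnet.private_db_2.id]
      }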
  7. Cost Optimization and Scalability:

    • Configured Auto Scaling Groups for Web and App tiers.
    • Used t3.micro for non-production and optimized RDS scheduling.
  8. Security and Compliance:

    • Implemented IAM roles and encryption for RDS and HTTPS.
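
The tier-to-tier rules from step 3 (App from Web, Database from App) are described above but not shown; the following is an added example, not the project's own code. The Node.js port 3000 and the resource names app and db are assumptions; aws_security_group.web and aws_security_group.bastion are the groups from step 3.

```hcl
# Added example. Assumed: Node.js port 3000, resource names "app" and "db".
resource "aws_security_group" "app" {
  name_prefix = "app-"
  vpc_id      = aws_vpc.main.id
  ingress {
    description     = "App port, reachable only from the Web tier group"
    from_port       = 3000
    to_port         = 3000
    protocol        = "tcp"
    security_groups = [aws_security_group.web.id]
  }
  ingress {
    description     = "SSH only from the Bastion Host group"
    from_port       = 22
    to_port         = 22
    protocol        = "tcp"
    security_groups = [aws_security_group.bastion.id]
  }
  # Egress by CIDR (not by group) avoids a dependency cycle with "db".
  egress {
    description = "MySQL to the Database subnets"
    from_port   = 3306
    to_port     = 3306
    protocol    = "tcp"
    cidr_blocks = ["10.0.5.0/24", "10.0.6.0/24"]
  }
  egress {
    description = "HTTPS out through the NAT Gateway (package installs)"
    from_port   = 443
    to_port     = 443
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }
}

resource "aws_security_group" "db" {
  name_prefix = "db-"
  vpc_id      = aws_vpc.main.id

  ingress {
    description     = "MySQL only from the App tier group"
    from_port       = 3306
    to_port         = 3306
    protocol        = "tcp"
    security_groups = [aws_security_group.app.id]
  }
  # No egress block: Terraform strips the default allow-all rule, and
  # replies to App connections still flow because groups are stateful.
}
```

To put the database behind the db group, set vpc_security_group_ids = [aws_security_group.db.id] on aws_db_instance.main.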

Result

The 3-tier architecture delivered transformative outcomes for Startup:

  • 300% Traffic Increase: Scaled seamlessly during peak seasons.
  • 25% Cost Reduction: Optimized instances and Auto Scaling saved costs.
  • 99.9% Uptime: Multi-AZ ensured reliability.
  • Operational Efficiency: Terraform reduced deployment time to hours.
  • Enhanced Security: Protected customer data with strict access controls.

This project highlights AMJ Cloud Technologies’ expertise in e-commerce cloud solutions.

Technologies Used

  • AWS VPC: Isolated network.
  • AWS EC2: Hosted web and app.
  • AWS RDS: Stored data.
  • AWS ALB: Balanced traffic.
  • AWS Auto Scaling: Scaled dynamically.
  • AWS Bastion Host: Secured access.
  • AWS NAT Gateway: Enabled outbound traffic.
  • AWS Internet Gateway: Public access.
  • AWS Security Groups: Restricted access.
  • AWS IAM: Managed permissions.
  • AWS CloudWatch: Monitored performance.
  • Terraform: Automated infrastructure.

Key Takeaways

This project demonstrates the power of Terraform and 3-tier architectures in e-commerce, ensuring scalability, security, and cost efficiency. AMJ Cloud Technologies empowers startups with innovative cloud solutions.
