Building A Three Tier Architecture In AWS

A Three-Tier Architecture in AWS is a well-structured cloud application model that separates the application into three distinct layers:

1. Presentation Layer (Frontend)

• This is the user interface (UI) layer where users interact with the application.

• It can be hosted on Amazon S3 (for static websites), or Amazon EC2 (for dynamic websites) with Elastic Load Balancer (ELB) to distribute traffic.

• AWS CloudFront can be used for content caching and faster performance.

2. Application Layer (Business Logic)

• This layer processes user requests and contains the core logic of the application.

• Typically hosted on Amazon EC2 instances (Auto Scaling for scaling needs) or AWS Lambda (for serverless architecture).

• Managed services like AWS Elastic Beanstalk can help deploy and manage applications easily.

3. Database Layer (Data Storage)

• This layer stores and retrieves application data.

• Common AWS database services include:

  • Amazon RDS (Relational Database Service) – for structured data (MySQL, PostgreSQL, etc.).

  • Amazon DynamoDB – for NoSQL databases.

  • Amazon ElastiCache – for caching frequently accessed data.

How AWS Supports Three-Tier Architecture

• Security: AWS Security Groups, IAM roles, and VPCs ensure controlled access between layers.

• Scalability: Auto Scaling, ELB, and RDS Read Replicas ensure performance under heavy load.

• Reliability: AWS provides multi-AZ deployments and backup solutions to prevent failures.

This architecture is widely used for web applications, ensuring better security, scalability, and maintainability.

In This blog, we'll learn how to deploy a Three-Tier Architecture in Amazon Web Services (AWS).

Step 1: Setup AWS VPC (Networking Layer)

1. Create a VPC

   • Go to AWS Management Console → VPC Dashboard → Create VPC.

   • Choose IPv4 CIDR Block (e.g., 10.0.0.0/16).

   • Click Create VPC.

2. Create Subnets

   • Create two public subnets (for Load Balancer, NAT Gateway).

   • Create two private subnets (for Application Layer & Database Layer).

   • Assign different Availability Zones (AZs) for redundancy.

3. Create an Internet Gateway (IGW)

   • Attach it to the VPC for public access.

4. Create Route Tables

   • Create one public route table → Associate it with public subnets → Add a route to 0.0.0.0/0 via Internet Gateway.

   • Create one private route table → Associate it with private subnets.

   • (Optional) Attach a NAT Gateway in the public subnet for private subnet internet access.

---

Step 2: Deploy the Presentation Layer (Frontend)

Option 1: Using Amazon S3 (For Static Websites)

1. Create an S3 Bucket → Upload website files (HTML, CSS, JS).

2. Enable Static Website Hosting in S3 settings.

3. Use Amazon CloudFront for global content delivery.

Option 2: Using Amazon EC2 (For Dynamic Web Apps)

1. Launch an EC2 instance (Amazon Linux / Ubuntu) in the public subnet.

2. Install a web server (e.g., Apache, Nginx).

    bashCopyEditsudo yum install httpd -y
    sudo systemctl start httpd
    sudo systemctl enable httpd
   

3. Configure Security Group: Allow HTTP (80) and HTTPS (443) traffic.

---

Step 3: Deploy the Application Layer (Backend)

1. Create an EC2 Auto Scaling Group

   • Go to EC2 Dashboard → Auto Scaling Groups → Create.

   • Set the minimum and maximum number of instances based on expected traffic.

2. Attach a Load Balancer

   • Create an Application Load Balancer (ALB) in the public subnet.

   • Attach it to the Auto Scaling Group for distributing traffic.

   • Configure a Target Group and register backend EC2 instances.

3. Install Backend Services (e.g., Node.js, Python, PHP)

   • SSH into an EC2 instance and install necessary software.

Example: Installing Node.js on Amazon Linux:

    bashCopyEditsudo yum install -y gcc-c++ make
    curl -fsSL https://rpm.nodesource.com/setup_16.x | sudo bash -
    sudo yum install -y nodejs

---

Step 4: Deploy the Database Layer

Option 1: Using Amazon RDS (Relational DB)

1. Go to RDS Dashboard → Create Database.

2. Select MySQL / PostgreSQL / MariaDB / Aurora.

3. Choose Multi-AZ Deployment for high availability.

4. Place RDS in private subnets (so it’s not publicly accessible).

5. Modify Security Group to allow access from the Application Layer (EC2 instances).

Option 2: Using DynamoDB (NoSQL DB)

1. Go to DynamoDB Console → Create Table.

2. Define Primary Key and configure settings.

3. Ensure EC2 backend has IAM Role permissions to access DynamoDB.

---

Step 5: Configure Security & IAM Roles

1. Create Security Groups

   • Frontend (S3 / EC2): Allow HTTP (80) & HTTPS (443) access.

   • Application Layer (EC2 Backend): Only allow traffic from the Load Balancer.

   • Database Layer (RDS/DynamoDB): Only allow traffic from the Application Layer EC2 instances.

2. Set up IAM Roles & Policies

   • Attach an IAM Role to EC2 instances for DynamoDB/RDS access.

   • Attach an IAM Policy to S3 for public read access if needed.

---

Step 6: Test & Monitor the Architecture

1. Test Frontend (S3/CloudFront or Load Balancer URL)

2. Test Backend API (Postman or curl)

3. Test Database Connectivity (from EC2 to RDS/DynamoDB)

    bashCopyEditmysql -h your-rds-endpoint -u admin -p
   

4. Use AWS CloudWatch for Monitoring

   • Enable logs for EC2, RDS, and Load Balancer.

   • Set up AWS CloudTrail for security logging.

---

Step 7: Scale & Optimize

1. Auto Scaling Configuration

   • Configure scaling policies based on CPU utilization.

   • Set up notifications using AWS SNS.

2. Enable Caching (Amazon ElastiCache)

   • Use Redis / Memcached to reduce database load.

3. Implement CDN (CloudFront)

   • Improve frontend performance for global users.

---

Final Architecture Overview

---

Conclusion

Now we have successfully deployed a Three-Tier Architecture in AWS using EC2, Load Balancer, Auto Scaling, S3, CloudFront, RDS/DynamoDB! 🎉

This architecture ensures:
✅ Scalability – Auto Scaling and Load Balancer
✅ Security – Private subnets, IAM roles, Security Groups
✅ Performance – CloudFront caching, ElastiCache, Multi-AZ RDS