{"id":23036088,"url":"https://github.com/mohammedalics/aws_practices","last_synced_at":"2025-10-07T14:19:57.025Z","repository":{"id":149252935,"uuid":"144635470","full_name":"mohammedalics/aws_practices","owner":"mohammedalics","description":"Practices on AWS. All practices are built with CloudFormation. Diagrams are opensourced via draw.io and GDrive ","archived":false,"fork":false,"pushed_at":"2018-08-19T16:02:11.000Z","size":341,"stargazers_count":8,"open_issues_count":0,"forks_count":3,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-08-14T17:45:17.155Z","etag":null,"topics":["aws","cloudformation","cloudformation-template","practice"],"latest_commit_sha":null,"homepage":"","language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/mohammedalics.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2018-08-13T21:26:02.000Z","updated_at":"2024-07-31T07:00:52.000Z","dependencies_parsed_at":null,"dependency_job_id":"f9a199ef-976f-4fe5-b125-6933fa6b3352","html_url":"https://github.com/mohammedalics/aws_practices","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/mohammedalics/aws_practices","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mohammedalics%2Faws_practices","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mohammedalics%2Faws_practices/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mohammedalics%2Faws_practices/releases","manifests_url":"https://repos.ecosys
te.ms/api/v1/hosts/GitHub/repositories/mohammedalics%2Faws_practices/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/mohammedalics","download_url":"https://codeload.github.com/mohammedalics/aws_practices/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mohammedalics%2Faws_practices/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":278788096,"owners_count":26045892,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-10-07T02:00:06.786Z","response_time":59,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["aws","cloudformation","cloudformation-template","practice"],"created_at":"2024-12-15T16:48:20.428Z","updated_at":"2025-10-07T14:19:57.020Z","avatar_url":"https://github.com/mohammedalics.png","language":null,"funding_links":[],"categories":[],"sub_categories":[],"readme":"# AWS Practices \r\n\r\n## \u003ca name=\"1\"\u003e\u003c/a\u003e VPC/Subnet/Internet Gateway (1 instance)\r\n[1_1_vpc_1_public_subnet_1_instance_1_internet_gateway.json:](../master/1_1_vpc_1_public_subnet_1_instance_1_internet_gateway.json)\r\n   Simple stack that contains `one VPC`, `one public subnet`, `Internet gateway` and `one instance` connected to the internet through the gateway.\r\n\r\n\u003cp align=\"center\"\u003e\r\n    \u003cimg 
src=\"https://github.com/mohammedalics/aws_practices/blob/master/1_1_vpc_1_public_subnet_1_instance_1_internet_gateway.png\" alt=\"1_1_vpc_1_public_subnet_1_instance_1_internet_gateway.json\"/\u003e\r\n\u003c/p\u003e\r\n\r\n## \u003ca name=\"2\"\u003e\u003c/a\u003e VPC/Subnet/Internet Gateway (2 instances) \r\n[2_1_vpc_1_public_subnet_2_instances_1_internet_gateway.json:](../master/2_1_vpc_1_public_subnet_2_instances_1_internet_gateway.json)\r\n   Simple stack that contains `one VPC`, `one public subnet`, `Internet gateway` and `two instances` connected to the internet through the gateway.\r\n\r\nThe above sample has been updated to: \r\n- Include one more instance in the same public subnet but without assigning a publicIP. \r\n- Add IpProtocol `icmp` from port `8` (echo request) to `-1` (all codes) in the `SecurityGroup` to allow `ping` requests between the machines. \r\n\r\n\u003cp align=\"center\"\u003e\r\n    \u003cimg src=\"https://github.com/mohammedalics/aws_practices/blob/master/2_1_vpc_1_public_subnet_2_instances_1_internet_gateway.png\" alt=\"2_1_vpc_1_public_subnet_2_instances_1_internet_gateway.json\"/\u003e\r\n\u003c/p\u003e\r\n\r\n## \u003ca name=\"3\"\u003e\u003c/a\u003e VPC/2 Subnets/Internet Gateway (2 instances) \r\n[3_1_vpc_1_public_subnet_1_private_subnet_2_instances_1_internet_gateway.json:](../master/3_1_vpc_1_public_subnet_1_private_subnet_2_instances_1_internet_gateway.json)\r\n   Simple stack that contains `one VPC`, `one public subnet`, `one private subnet`, `Internet gateway` and `two instances`. The `public subnet` is connected to the internet through the `CustomRouteTable`, which routes the traffic to the `Internet gateway`. The `private subnet` is not connected to the internet and uses the `MainRouteTable`. \r\n\r\nThe above sample has been updated to: \r\n- Move the private instance to a private subnet. 
\r\n\r\n\u003cp align=\"center\"\u003e\r\n    \u003cimg src=\"https://github.com/mohammedalics/aws_practices/blob/master/3_1_vpc_1_public_subnet_1_private_subnet_2_instances_1_internet_gateway.png\" alt=\"3_1_vpc_1_public_subnet_1_private_subnet_2_instances_1_internet_gateway.png\"/\u003e\r\n\u003c/p\u003e\r\n\r\n## \u003ca name=\"4\"\u003e\u003c/a\u003e VPC/Subnet/Internet Gateway with recovery alarm (1 instance)\r\n[4_1_vpc_1_public_subnet_1_instance_1_internet_gateway_recovery_alarm.json:](../master/1_1_vpc_1_public_subnet_1_instance_1_internet_gateway_recovery_alarm.json)\r\n   Same as [VPC/Subnet/Internet Gateway (1 instance)](#1) but with a `CloudWatch` recovery alarm added. \r\n_`UserData` was added to start a Jenkins server on port 8080 for later use._\r\n\r\n\u003cp align=\"center\"\u003e\r\n    \u003cimg src=\"https://github.com/mohammedalics/aws_practices/blob/master/4_1_vpc_1_public_subnet_1_instance_1_internet_gateway_recovery_alarm.png\" alt=\"4_1_vpc_1_public_subnet_1_instance_1_internet_gateway_recovery_alarm.json\"/\u003e\r\n\u003c/p\u003e\r\n\r\n## \u003ca name=\"5\"\u003e\u003c/a\u003e VPC/2 Subnets/Internet Gateway/AutoScaling (1 instance max/min) \r\n[5_1_vpc_2_public_subnet_1_internet_gateway_autoscaling.json:](../master/5_1_vpc_2_public_subnet_1_internet_gateway_autoscaling.json)\r\n   Simple stack that contains `one VPC`, `two public subnets`, `Internet gateway`, `launch configuration` and `autoscaling for one instance min/max` `two instances`. 
The `subnets` are connected to the internet through the `CustomRouteTable`, which routes the traffic to the `Internet gateway`.\r\n\r\n\u003cp align=\"center\"\u003e\r\n    \u003cimg src=\"https://github.com/mohammedalics/aws_practices/blob/master/5_1_vpc_2_public_subnet_1_internet_gateway_autoscaling.png\" alt=\"5_1_vpc_2_public_subnet_1_internet_gateway_autoscaling.png\"/\u003e\r\n\u003c/p\u003e\r\n\r\n## \u003ca name=\"6\"\u003e\u003c/a\u003e VPC/2 Subnets/Internet Gateway/AutoScaling/EBS Recovery  (1 instance max/min) \r\n[6_1_vpc_2_public_subnet_1_internet_gateway_autoscaling_ebs_recovery.json:](../master/6_1_vpc_2_public_subnet_1_internet_gateway_autoscaling_ebs_recovery.json)\r\n   Same as [VPC/2 Subnets/Internet Gateway/AutoScaling (1 instance max/min)](#5) but the `imageId` is parameterized as an `optional` parameter, so we can:\r\n   - Create snapshots of the EBS volume, and use the snapshot if a virtual server needs to recover in another availability zone. EBS snapshots are stored on S3 to be available in multiple availability zones.\r\n   ```\r\n   aws ec2 create-image --instance-id=i-0ad5005528a7ed71f --name jenkins-instance\r\n   ```\r\nWait until the image status is `available`.\r\n```\r\naws ec2 describe-images --image-ids $newImageId --query \"Images[].State\"\r\n```\r\n- Update the stack with the new imageId. \r\n```\r\naws cloudformation update-stack --stack-name $stackName --template-url $templateUrl --parameters ParameterKey=JenkinsAdminPassword,UsePreviousValue=true ParameterKey=AMISnapshot,ParameterValue=$newImageId\r\n```\r\n\r\n### To Test it: \r\n- Open the jenkins server and create a job (just to make sure that the EBS Recovery is working)\r\n- Write down the current instance availability zone. \r\n- Terminate the current running instance\r\n```\r\naws ec2 terminate-instances --instance-ids $instanceId\r\n```\r\n- Wait until the instance is terminated and a new instance is created. 
\r\n- Get the new publicIP\r\n- Log in to the jenkins server http://$publicIP:8080/ and verify if the job is there.\r\n\r\n### To clean up:\r\n\r\nRun the commands below:\r\n```\r\naws cloudformation delete-stack --stack-name $stackName\r\naws cloudformation describe-stacks --stack-name $stackName # wait until this returns an error or shows the stack as deleted\r\naws ec2 deregister-image --image-id $newImageId\r\naws ec2 delete-snapshot --snapshot-id $snapshotId\r\n```\r\n\u003cp align=\"center\"\u003e\r\n    \u003cimg src=\"https://github.com/mohammedalics/aws_practices/blob/master/6_1_vpc_2_public_subnet_1_internet_gateway_autoscaling_ebs_recovery.png\" alt=\"6_1_vpc_2_public_subnet_1_internet_gateway_autoscaling_ebs_recovery.png\"/\u003e\r\n\u003c/p\u003e\r\n\r\n## \u003ca name=\"7\"\u003e\u003c/a\u003e VPC/2 Subnets/Internet Gateway/AutoScaling/EBS Recovery/ElasticIP  (1 instance max/min) \r\n[7_1_vpc_2_public_subnet_1_internet_gateway_autoscaling_ebs_recovery_elastic_ip.json:](../master/7_1_vpc_2_public_subnet_1_internet_gateway_autoscaling_ebs_recovery_elastic_ip.json)\r\n   Same as [VPC/2 Subnets/Internet Gateway/AutoScaling/EBS Recovery  (1 instance max/min)](#6) but overcoming the problem of assigning another publicIP/PrivateIP to the new instance in another availability zone since we can't keep the same publicIP between different zones. \r\n   By default, you also can’t use an Elastic IP as a public IP address for a virtual server launched by auto-scaling.\r\n- Allocating an Elastic IP\r\n- Adding the association of an Elastic IP to the script in the user data\r\n- Creating an IAM role and policy to allow the EC2 instance to associate an Elastic IP\r\n\r\n### To Test it: \r\n- Open the jenkins server with the elasticIP assigned. \r\n- Terminate the current running instance\r\n- Wait until the instance is terminated and a new instance is created. 
\r\n- Log in to the jenkins server http://$elasticIP:8080/ and verify if jenkins is running.\r\n\r\n\u003cp align=\"center\"\u003e\r\n    \u003cimg src=\"https://github.com/mohammedalics/aws_practices/blob/master/7_1_vpc_2_public_subnet_1_internet_gateway_autoscaling_ebs_recovery_elastic_ip.png\" alt=\"7_1_vpc_2_public_subnet_1_internet_gateway_autoscaling_ebs_recovery_elastic_ip.png\"/\u003e\r\n\u003c/p\u003e\r\n\r\n\r\n## \u003ca name=\"8\"\u003e\u003c/a\u003e VPC/2 Subnets/Internet Gateway/AutoScaling/EBS Recovery/LoadBalancer (2 instance max/min) \r\n[8_1_vpc_2_public_subnet_1_internet_gateway_autoscaling_ebs_recovery_loadbalancer.json:](../master/8_1_vpc_2_public_subnet_1_internet_gateway_autoscaling_ebs_recovery_loadbalancer.json)\r\n   Same as [VPC/2 Subnets/Internet Gateway/AutoScaling/EBS Recovery  (1 instance max/min)](#6) but overcoming the problem of assigning another publicIP/PrivateIP to the new instance in another availability zone since we can't keep the same publicIP between different zones. \r\nFor that reason, a loadbalancer has been created to distribute the traffic to the EC2 instances. Once a new instance is created, it registers itself with the loadbalancer. \r\n\r\n\r\n\u003cp align=\"center\"\u003e\r\n    \u003cimg src=\"https://github.com/mohammedalics/aws_practices/blob/master/8_1_vpc_2_public_subnet_1_internet_gateway_autoscaling_ebs_recovery_loadbalancer.png\" alt=\"8_1_vpc_2_public_subnet_1_internet_gateway_autoscaling_ebs_recovery_loadbalancer.png\"/\u003e\r\n\u003c/p\u003e\r\n\r\n___\r\n- [draw.io source folder](https://drive.google.com/drive/folders/1u0WFI9xcUswzycxNzZ1JL4MwiRtE45CF?usp=sharing). \r\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmohammedalics%2Faws_practices","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmohammedalics%2Faws_practices","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmohammedalics%2Faws_practices/lists"}