WOUSB Student Productivity Platform - AWS Deployment and Infrastructure Design

Project Overview

The WOUSB Student Productivity Platform was designed, developed, and deployed as a full-stack web application utilizing a LAMP architecture (Linux, Apache, MySQL, PHP) hosted within Amazon Web Services (AWS). The project provided hands-on experience with cloud infrastructure, system administration, networking, security, backup strategies, monitoring, and disaster recovery planning.

The deployment was designed to follow industry best practices for security, scalability, reliability, and maintainability while providing a production-ready environment for hosting web applications.

AWS Account Security and Identity Management

Security was established as a foundational component of the environment.

Multi-Factor Authentication (MFA)

• Configured Multi-Factor Authentication (MFA) for AWS account access.

• Implemented additional authentication controls to protect cloud resources and administrative access.

Identity and Access Management (IAM)

• Created IAM users and roles based on least-privilege access principles.

• Assigned permissions according to specific administrative and operational responsibilities.

• Restricted use of the AWS root account to emergency and account-level functions only.

• Implemented role-based access control to improve security and account management.

Compute Infrastructure - Amazon EC2

EC2 Instance Deployment

An Amazon EC2 instance was provisioned to host the application environment.

Key configuration activities included:

• Selection of appropriate instance sizing based on application requirements.

• Deployment within a Virtual Private Cloud (VPC).

• Configuration of Elastic Block Storage (EBS) volumes.

• Creation of Security Groups to restrict inbound and outbound traffic.

• Opening only required ports such as HTTP (80) and HTTPS (443).

• Installation and configuration of Linux, Apache, MySQL, and PHP components.

Secure Administrative Access

Administrative access was secured using SSH key authentication.

Example connection method:
ssh -i private-key.pem ec2-user@server-address

This approach eliminated password-based remote administration and improved overall security.

DNS and Domain Management

Amazon Route 53

Amazon Route 53 was implemented to provide DNS management for the application domain.

Configuration included:

• Creation of a hosted zone.

• Management of A records for primary domain routing.

• Configuration of CNAME records for subdomains.

• DNS routing between domain services and AWS infrastructure resources.

The DNS implementation provided a professional domain presence while enabling centralized domain administration.

Backup and Disaster Recovery Strategy

Amazon Machine Images (AMI)

Amazon Machine Images (AMI) were used to create recoverable snapshots of the server environment.

Each AMI captured:

• Operating system configuration

• Apache web server configuration

• PHP application environment

• System settings

• Installed software

• Application files

The AMI strategy provided rapid server recovery and simplified infrastructure restoration.

Data Protection

To improve resiliency:

• Backup data was stored separately from application servers.

• Amazon S3 was utilized for backup storage.

• Automated backup procedures were implemented where appropriate.

• Recovery procedures were documented to support disaster recovery planning.

Scalability and High Availability

Application Load Balancer (ALB)

An Application Load Balancer was evaluated and configured to distribute traffic across application resources.

Benefits included:

• Improved application availability

• Enhanced performance

• Fault tolerance

• Future scalability planning

Auto Scaling

Auto Scaling Groups were incorporated into the design to support:

• Dynamic resource allocation

• Increased availability

• Cost optimization

• Automatic response to workload demands

Database Architecture

Amazon RDS

Amazon Relational Database Service (RDS) was selected as the preferred database solution.

Advantages included:

• Managed database administration

• Automated backups

• Improved reliability

• Simplified maintenance

• Enhanced disaster recovery capabilities

Separating application and database services improved overall architecture resiliency and reduced the risk of data loss.

Monitoring and Operational Visibility

Amazon CloudWatch

Amazon CloudWatch was implemented to monitor system health, resource utilization, and application performance.

Monitoring included:

• CPU utilization

• Memory consumption

• Network performance

• System availability

• Application health indicators

CloudWatch Alarms

Automated alerts were configured to notify administrators when predefined performance thresholds were exceeded.

This provided proactive monitoring capabilities and improved operational awareness.

AMI Backup and Recovery Considerations

Amazon Machine Images provide a complete snapshot of an EC2 instance, including:

• Operating system

• Installed applications

• Configuration files

• Application code

• Server settings

When launching a new instance from an AMI, the environment can be recreated with the same configuration as the original system.

Best Practices

• Remove unnecessary files before creating images.

• Exclude sensitive information whenever possible.

• Store dynamic application data separately using services such as Amazon RDS or Amazon S3.

• Document firewall, networking, and security configurations to ensure proper recovery procedures.

Benefits

The AMI strategy provided:

• Rapid environment recovery

• Consistent infrastructure deployment

• Simplified testing environments

• Disaster recovery readiness

• Reduced deployment time for future systems

Technologies Utilized

• Amazon Web Services (AWS)

• Amazon EC2

• Amazon Route 53

• Amazon IAM

• Amazon RDS

• Amazon S3

• Amazon CloudWatch

• Application Load Balancer (ALB)

• Auto Scaling Groups

• Linux

• Apache

• MySQL

• PHP

• DNS

• SSH

• Virtual Private Cloud (VPC)

• Disaster Recovery Planning

• Systems Administration

• Cloud Infrastructure Design

This project provided practical experience in cloud architecture, Linux administration, web application hosting, security implementation, monitoring, backup strategies, disaster recovery planning, and enterprise infrastructure management.