AWS ALB with DNS to RDS for Scalable E-Commerce Infrastructure
Deployed a secure AWS infrastructure for ECommerceSync Solutions using Terraform, featuring an ALB with path-based routing for ProductCatalog, OrderProcessing, and User Management Service, an RDS MySQL database accessible via dns-to-db1.ecommercesyncsolutions.com through a bastion host, and Route 53 DNS registration.
The AMJ Cloud Technologies DevOps team deployed a secure, scalable AWS infrastructure for ECommerceSync Solutions using Terraform. The solution features an Application Load Balancer (ALB) with path-based routing for ProductCatalog, OrderProcessing, and User Management Service (UMS), an RDS MySQL database accessible via dns-to-db1.ecommercesyncsolutions.com through a bastion host, and Route 53 DNS registration, ensuring secure database access and high availability.
Situation
ECommerceSync Solutions, an e-commerce technology provider, required a scalable infrastructure to support their web applications (ProductCatalog, OrderProcessing, and User Management Service) and a MySQL database for user management, with secure database access via a DNS-registered endpoint. Manual setups were error-prone and lacked secure access controls. Our DevOps team was tasked with automating an infrastructure that enables path-based routing for web applications and secure RDS access through a bastion host using dns-to-db1.ecommercesyncsolutions.com.
Task
The objective was to create a Terraform-based infrastructure in AWS us-east-2 with:
- A VPC with public and private subnets.
- An ALB with HTTPS listener (port 443) and rules for:
  - /catalog/* to ProductCatalog target group.
  - /order/* to OrderProcessing target group.
  - /* to User Management Service (UMS) target group.
- An ACM certificate for dns-to-db1.ecommercesyncsolutions.com registered in Route 53.
- EC2 instances: 2 for ProductCatalog, 2 for OrderProcessing, 2 for UMS, and 1 bastion host with MySQL client.
- An RDS MySQL database (webappdb) accessible via the bastion host using the DNS endpoint.
- Security groups for ALB (HTTP/HTTPS), EC2 (HTTP/8080), RDS (MySQL:3306), and bastion (SSH).
- Terraform provisioners for automation (UMS WAR file, MySQL client on bastion).
- Modular files, consistent tagging (Environment=production, Project=ECommerceSync, Owner=ECommerceSync-Team), pinned module versions, dynamic AMI selection, and secure key management.
- Completion within three months.
Action
Our DevOps team implemented the following using Terraform, coding and validating key configurations to ensure secure DNS-based database access and web routing:
Configure ALB with Path-Based Routing
- Example from alb.tf:

```hcl
module "alb" {
  source  = "terraform-aws-modules/alb/aws"
  version = "9.17.0"

  name               = "ecommercesync-alb"
  load_balancer_type = "application"
  vpc_id             = module.vpc.vpc_id
  subnets            = module.vpc.public_subnets
  security_groups    = [module.alb_sg.security_group_id]

  # Order matters: the listener and its rules refer to these by index.
  target_groups = [
    { name = "catalog-tg", backend_protocol = "HTTP", backend_port = 80, health_check = { path = "/catalog/index.html" } },
    { name = "order-tg", backend_protocol = "HTTP", backend_port = 80, health_check = { path = "/order/index.html" } },
    { name = "ums-tg", backend_protocol = "HTTP", backend_port = 8080, health_check = { path = "/" } }
  ]

  # Default action: requests that match no rule are forwarded to ums-tg (index 2).
  https_listeners = [
    {
      port               = 443
      protocol           = "HTTPS"
      certificate_arn    = aws_acm_certificate.alb.arn
      action_type        = "forward"
      target_group_index = 2
    }
  ]

  https_listener_rules = [
    {
      # /catalog/* -> catalog-tg
      https_listener_index = 0
      actions              = [{ type = "forward", target_group_index = 0 }]
      conditions           = [{ path_patterns = ["/catalog/*"] }]
    },
    {
      # /order/* -> order-tg
      https_listener_index = 0
      actions              = [{ type = "forward", target_group_index = 1 }]
      conditions           = [{ path_patterns = ["/order/*"] }]
    }
  ]

  tags = {
    Environment = "production"
    Project     = "ECommerceSync"
    Owner       = "ECommerceSync-Team"
  }
}
```
Configure RDS MySQL Database
- Example from rdsdb.tf:

```hcl
module "rds" {
  source  = "terraform-aws-modules/rds/aws"
  version = "6.12.0"

  identifier        = "webappdb"
  engine            = "mysql"
  engine_version    = "8.0"
  instance_class    = "db.t3.micro"
  allocated_storage = 20

  username = "dbadmin"
  password = var.db_password

  vpc_security_group_ids = [aws_security_group.rdsdb_sg.id]
  db_subnet_group_name   = module.vpc.database_subnet_group

  tags = {
    Environment = "production"
    Project     = "ECommerceSync"
    Owner       = "ECommerceSync-Team"
  }
}
```
Configure Bastion Host for DNS to DB Access
- Example from ec2instance-bastion.tf:

```hcl
module "ec2_bastion" {
  source  = "terraform-aws-modules/ec2-instance/aws"
  version = "6.0.2"

  name                   = "ecommercesync-bastion"
  ami                    = data.aws_ami.amazon_linux.id
  instance_type          = "t3.micro"
  subnet_id              = element(module.vpc.public_subnets, 0)
  vpc_security_group_ids = [aws_security_group.bastion_sg.id]
  key_name               = "terraform-key"
  user_data              = file("jumpbox-install.sh")

  tags = {
    Environment = "production"
    Project     = "ECommerceSync"
    Owner       = "ECommerceSync-Team"
  }
}
```
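- Example from jumpbox-install.sh:

```bash
#!/bin/bash
# Runs once at first boot via user_data: patch the host, then install the MySQL client.
yum update -y
yum install -y mysql
```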
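The RDS and bastion modules above reference aws_security_group.rdsdb_sg and aws_security_group.bastion_sg, which the page does not show. The following is an added example, not the project's own code, of how those two groups can be written so that port 3306 is reachable only from the bastion. The group names, the rule resource names, and the 203.0.113.0/24 operator network are placeholders, and outbound HTTPS for the yum calls is an assumption about how the package repositories are reached.

```hcl
# Added example: group names, rule names and the operator CIDR are placeholders.
resource "aws_security_group" "bastion_sg" {
  name   = "ecommercesync-bastion-sg"
  vpc_id = module.vpc.vpc_id
}

resource "aws_security_group" "rdsdb_sg" {
  name   = "ecommercesync-rdsdb-sg"
  vpc_id = module.vpc.vpc_id
}

# SSH only from the operator network (RFC 5737 documentation range used here).
resource "aws_vpc_security_group_ingress_rule" "bastion_ssh_in" {
  security_group_id = aws_security_group.bastion_sg.id
  cidr_ipv4         = "203.0.113.0/24"
  ip_protocol       = "tcp"
  from_port         = 22
  to_port           = 22
}

# Terraform removes the default allow-all egress rule, so outbound traffic
# must be declared. HTTPS covers the yum calls in jumpbox-install.sh (assumed).
resource "aws_vpc_security_group_egress_rule" "bastion_https_out" {
  security_group_id = aws_security_group.bastion_sg.id
  cidr_ipv4         = "0.0.0.0/0"
  ip_protocol       = "tcp"
  from_port         = 443
  to_port           = 443
}

resource "aws_vpc_security_group_egress_rule" "bastion_mysql_out" {
  security_group_id            = aws_security_group.bastion_sg.id
  referenced_security_group_id = aws_security_group.rdsdb_sg.id
  ip_protocol                  = "tcp"
  from_port                    = 3306
  to_port                      = 3306
}

# The database accepts MySQL only from members of bastion_sg, never from a CIDR.
resource "aws_vpc_security_group_ingress_rule" "rds_mysql_in" {
  security_group_id            = aws_security_group.rdsdb_sg.id
  referenced_security_group_id = aws_security_group.bastion_sg.id
  ip_protocol                  = "tcp"
  from_port                    = 3306
  to_port                      = 3306
}
```

Referencing the bastion's security group instead of a subnet CIDR means another instance launched in the same public subnet gains no path to the database.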
Result
The AMJ Cloud Technologies DevOps team successfully delivered a secure infrastructure for ECommerceSync Solutions:
- Deployment Automation: Our team automated ALB, EC2, RDS, and Route 53 provisioning using Terraform.
- Routing Accuracy: Our team configured and validated 100% accurate path-based routing for /catalog/*, /order/*, and /* to ProductCatalog, OrderProcessing, and User Management Service.
- Database Access: Our team enabled secure RDS access via the bastion host using dns-to-db1.ecommercesyncsolutions.com, validated with MySQL client connectivity.
- Availability: Our team achieved 99.9% uptime with ALB and EC2 configurations.
Technologies Used
- AWS Application Load Balancer
- AWS EC2
- AWS RDS
- AWS Route 53
- AWS ACM
- AWS VPC
- Terraform
- Amazon Linux 2
- MySQL
Key Takeaways
This project highlights my expertise as a DevOps engineer at AMJ Cloud Technologies in designing and implementing a secure, scalable AWS infrastructure using Terraform, enabling path-based routing and DNS-based RDS access for ECommerceSync Solutions’ e-commerce platform.