AWS CLI | CloudFront+s3+ec2+EBS |

Gaurav Khore
6 min readOct 29, 2020



Amazon CloudFront is a content delivery network (CDN) offered by Amazon Web Services. Content delivery networks provide a globally-distributed network of proxy servers which cache content, such as web videos or other bulky media, more locally to consumers, thus improving access speed for downloading the content.


Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.[1][2] Amazon S3 uses the same scalable storage infrastructure that uses to run its global e-commerce network.[3] Amazon S3 can be employed to store any type of object which allows for uses like storage for Internet applications, backup and recovery, disaster recovery, data archives, data lakes for analytics, and hybrid cloud storage.

Task Description:-

🔰 *Create High Availability Architecture with AWS CLI* 🔰

The architecture includes-
🔅Webserver configured on EC2 Instance
🔅 Document Root(/var/www/html) made persistent by mounting on EBS Block Device.
🔅 Static objects used in code such as pictures stored in S3
🔅 Setting up Content Delivery Network using CloudFront and using the origin domain as S3 bucket.
🔅Finally place the Cloud Front URL on the webapp code for security and low latency.

Diagrammatic representation of the Architecture:-

Solution for the Task:-

Step1: Create keypair and security group:-

aws ec2 create-key-pair --key-name task6 --query KeyMaterial        --output text > task6.pem

Will create a keypair and also store the key material to .pem file which can be use to connect the instance using the ssh protocol.

aws ec2 create-security-group --group-name task6 --description    "for task6"  --vpc-id vpc-aef7eac6

Will create a security group with no rules.

aws ec2 authorize-security-group-ingress --group-name task6         --ip-permissions IpProtocol=tcp,FromPort=22,ToPort=22,IpRanges=[{CidrIp=}] IpProtocol=tcp,FromPort=80,ToPort=80,IpRanges=[{CidrIp=}]

Will add rule to the following security group. It add port 22 and 80 to the following security group and by doing so the client can access the webpage using the http protocol i.e 80 port.

Step 2: Launch an ec2 instance using the above keypair and security group , also configure the web server:-

aws ec2 run-instances  --image-id ami-0e306788ff2473ccb             --instance-type t2.micro --security-group-ids sg-060ae285029c964ec  --subnet-id subnet-78003a10 --count 1 --key-name task6

Will launch an ec2 instance using the above created keypair and security group. we had attached the security group that has rule for the http protocol so that the web page which we create in this instance can be accessed by the client.

For configuring a http web server we have to perform three steps i.e:-

=> yum install httpd
=> create a html page in the /var/www/html directory
=> systemctl start httpd

first install the httpd in the os and than setup it by creating a web page in the /var/www/html and after this just start the server by running the systemctl start httpd.By using the public_ip:80/webpage_name.html we can access the webpage .

Step 3: Create a ebs volume and attach it to the /var/www/html dir of the ec2instance:-

aws ec2 create-volume --availability-zone ap-south-1a  --size 1     --volume-type gp2

It will create an ebs volume of size 1 gb in the ap-south-1a azs of the aws. It will have the status as available.

aws ec2 attach-volume --device  /dev/sdf  --instance-id            i-0772ef4517002029c  --volume-id vol-021abdab4c03ebc9c

Will attach the ebs volume to the instance. We have mark a point that the instance and the ebs should be created in the same availability zone otherwise we will be not able to connect the ec2 instance with the ebs volume.

we can see that the ebs is attached or not by the following cmds:-

For connecting the ebs to the /var/www/html we have to perform three steps i.e first create the partition in the disk(/dev/xvdf is the disk name in this case), than format the partition and after this we can mount the drive to any directory(in this case directory will be /var/www/html). The cmds for the above three steps will be:-

1) fdisk /dev/xvdf
2) mkfs.ext4 /dev/xvdf1
3) mount /dev/xvdf1 /var/www/html

Step 4: Create a s3 bucket and put object in the same bucket:-

aws s3api create-bucket --bucket gktask6 --region ap-south-1        --acl public-read --create-bucket-configuration LocationConstraint=ap-south-1

Will create a s3 bucket in the ap-south-1 region and this bucket will have public-read access. The name of the s3 bucket should be unique because it is given to the url of the object uploaded inside the following bucket.

For uploading the object in the bucket from the cli use the following cmd:-

aws s3api put-object --bucket gktask6 --acl public-read --key arth_task6.png --body arth_task6.png

Will upload the data from the location given in the — body option with name given in the — key option.

Step 5: Launch a Cloudfront with origin as the s3 bucket:-

aws cloudfront create-distribution --origin-domain-name

It will create a cloudfront server for the s3 bucket. by using the cloudfront we are creating the local cache to the client(who will access the page) nearest edge location of the aws.

Step 6: Create a html page in the ec2 instance and provide the domain name as url in the img src for accessing the image using the cloudfront:-

By using the following cm client can access the webpage from anywhere


Thanks for reading…….