3-Tier Architecture Diagram

🌐 Internet → IGW → Public Subnet

VPC: empty-vpc (10.1.0.0/16)
• Internet Gateway (IGW)
• NAT Gateway + EIP

Public Subnet
AZ: ap-southeast-1a
CIDR: 10.1.1.0/24
🖥️ Public EC2 (Web Server - Nginx), t2.micro
🛡️ Security Group: ec2-sg
• HTTP (80) ← Internet
• HTTPS (443) ← Internet
• SSH (22) ← Internet
Port 80/443 → Nginx → Port 5000
📦 S3: Frontend Files (three-tier-web-app-satya/frontend)

Private Subnets

Subnet 1 (AZ: ap-southeast-1b)
CIDR: 10.1.2.0/24
🖥️ Private EC2 (Flask Backend), t2.micro
🛡️ Security Group: private-sg
• Port 5000 ← Public EC2
• SSH (22) ← Public EC2
Flask API → Port 5432 → PostgreSQL
📦 S3: Backend Files (three-tier-web-app-satya/backend)

Subnet 2 (AZ: ap-southeast-1c)
CIDR: 10.1.3.0/24
🗄️ RDS PostgreSQL (Database), db.t3.micro
🛡️ Security Group: rds-sg
• Port 5432 ← Private EC2
• No Outbound Access
SQL Queries → Database

🔐 IAM Role: ec2-s3-access-role
• S3 Access
• SSM Session Manager
EC2 Instances → S3 Bucket

🔄 Detailed Traffic Flow:

🌐 Internet → IGW → Public Subnet → Nginx (Port 80) → Public EC2 → Private Subnet → Flask (Port 5000) → Private EC2 → RDS (Port 5432) → PostgreSQL DB
Private EC2 → NAT Gateway → IGW → S3 / Internet

📊 Resource Summary:

Compute: 2 EC2 instances
Database: 1 RDS PostgreSQL
Network: 1 VPC, 3 Subnets
Security: 3 Security Groups
Gateways: 1 IGW, 1 NAT Gateway
Storage: 1 S3 Bucket