Infrastructure scheme
The following scheme describes the infrastructure that the Terraform script installs. It contains the following main objects: VPC, security groups, instances, and databases. It also shows the nonessential services that help provide security and flexibility. This scheme is relevant for deploying non-clustered infrastructure.
The VPC consists of three subnets: Public, Private, and Database. The public network has direct internet access via an Internet Gateway. The private network has internet access via a NAT instance located in the public network. The database network does not have internet access.
The NoPass™ server is located in the private network and is started as an AWS ECS service. Inbound traffic is routed to the server through an AWS Application Load Balancer, which terminates HTTPS and forwards the traffic to the server as HTTP.
At the moment, the script supports only MySQL database installation, although the server itself supports MySQL, PostgreSQL, and MSSQL.
To improve security, only the networks and ports required for the application are open.
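As an added illustration of this rule (not the NoPass™ Terraform script itself), the three tiers can be chained with security groups so that each one accepts traffic only from the tier in front of it. The variable names, the CIDR inputs and the application port 8080 are assumptions; the example covers only the request path from the load balancer to the database and leaves out the server's outbound internet rule through the NAT instance.

```hcl
# Added illustration only; names, CIDR variables and app port are assumptions.
variable "vpc_id" { type = string }
variable "private_cidr" { type = string }  # CIDR of the private subnet
variable "database_cidr" { type = string } # CIDR of the database subnet
variable "app_port" { default = 8080 }     # assumed HTTP port of the server

# Load balancer: the only internet-facing entry point, HTTPS only.
resource "aws_security_group" "alb" {
  vpc_id = var.vpc_id
  ingress {
    from_port   = 443
    to_port     = 443
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }
  egress { # plain HTTP to the private subnet after TLS termination
    from_port   = var.app_port
    to_port     = var.app_port
    protocol    = "tcp"
    cidr_blocks = [var.private_cidr]
  }
}

# Server (ECS service): reachable only from the load balancer's group.
resource "aws_security_group" "app" {
  vpc_id = var.vpc_id
  ingress {
    from_port       = var.app_port
    to_port         = var.app_port
    protocol        = "tcp"
    security_groups = [aws_security_group.alb.id]
  }
  egress { # MySQL in the database subnet
    from_port   = 3306
    to_port     = 3306
    protocol    = "tcp"
    cidr_blocks = [var.database_cidr]
  }
}

# Database: MySQL from the server's group only; no egress block, so no outbound.
resource "aws_security_group" "db" {
  vpc_id = var.vpc_id
  ingress {
    from_port       = 3306
    to_port         = 3306
    protocol        = "tcp"
    security_groups = [aws_security_group.app.id]
  }
}
```

Referencing the upstream group by ID instead of a CIDR range keeps the rule valid when task or instance addresses change, and `terraform plan` will show any rule that widens these sources.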
