🏗️
Web App (EC2 + RDS)
ALB → EC2 in VPC with RDS PostgreSQL. Classic 2-tier web application.
What you can build with this
Run a traditional web application on a server — Node.js, Python/Django, Ruby on Rails, or PHP. Your code runs on an EC2 instance. A managed PostgreSQL database (RDS) stores your data. The Application Load Balancer handles HTTPS and routes traffic to your server.
Deployment timing
After you run the deploy command, resources come online at different times. Check the validation steps in order.
| Resource | Ready in |
|---|---|
| VPC, subnets, security groups | 1–2 min (early in stack deploy) |
| Load Balancer | 2–3 min |
| EC2 Instance launched | 2–4 min |
| EC2 fully booted and accessible | 3–5 min |
| RDS Database available | 5–10 min |
| Your app starts accepting traffic | After you deploy and start your app on EC2 |
| Custom domain DNS | 5–30 min after Route53 record saved |
DNS / Certificate note: The load balancer DNS name (e.g. my-alb-123456789.us-east-1.elb.amazonaws.com) is the correct target for a Route53 alias A record — do not use the raw IP address as it can change. The load balancer handles SSL termination using your ACM certificate.
CloudFormation parameters
These are the values you will fill in when deploying the exported template. Changing these does not break the template — that is the point.
| Parameter | What to provide | Example |
|---|---|---|
| KeyPairName | Name of your EC2 key pair for SSH access | my-keypair |
| Ec2InstanceType | EC2 server size | t3.small |
| DbMasterPassword | Password for the database admin user | SecurePassword123! |
| AcmCertificateArn | ACM certificate ARN for HTTPS | arn:aws:acm:us-east-1:... |