
Infrastructure buildout on AWS using ECS with Terraform

Leveraging Terraform to set up a web server, database, and backend for a personal project

Project Overview

To keep the cost of scaling low, and to try building and managing our own infrastructure, we built out our server, frontend, and database purely using Terraform.

myPortfolio

Details

My team and I built out the necessary Terraform infrastructure to provision EC2, a VPC, the necessary security groups, target groups, regional configurations, container builds, and the networking between them. This is for a stealth startup that I am currently working on, and rather than use other prebuilt services, we opted for EC2 and then plugged in all of the necessary infrastructure connections.

Server buildout

We weighed different frameworks for their strengths and weaknesses. It ended up being between Golang and Express in TS, and since we were already mostly familiar with the TS and Express ecosystem, we opted for building in Express.

Frontend buildout

There are always new frontend web development frameworks coming out. Since we had already decided on the backend, we opted for using Vite.

DB management and config

Yes, writing raw SQL calls is cool, but we opted for a layer below an ORM and between raw SQL using .

Challenges and learning experiences

When we first set out to build this project, we initially attempted to use the AWS GUI, pointing and clicking the necessary ECS configurations, as well as other VPC and networking considerations. However, after having issues connecting our containers within the VPC, we opted to use Terraform, as we can version control our infrastructure and another team member and I were familiar with using it. This task was undoubtedly daunting, as we had provisioned some small infra in the past but not to the scale of a completely built out website running on AWS, scalable to many thousands of users for a manageable cost.

When starting out development, especially on a project like this, there are often a lot of questions that take a significant amount of time to answer correctly, like "What should my networking policy be?" or "Should I make my DB public or private?". It is often a challenge to decide on these questions in a reasonable amount of time. It takes weighing security, efficiency, and robustness of code to move forward.

Notes on containerization. I think a fair amount of the modern world runs on containers, and ending up in dependency hell is not ideal, but make sure that you have your container networking down when attempting a project like this. There are often many .env files for varying build stages, and dependency injection at the ECS level vs. the local or dev level can prove to become very difficult to track, as we have learned.