DEV Community

Israel .O. Ayanda
Israel .O. Ayanda

Posted on • Updated on

How to: Deploy a Java Web App on AWS Elastic Beanstalk


  • AWS account
  • Have a VPC (or you may also use the default VPC)
  • Have maven and JDK8 installed
  • AWS account
  • Have a signed certificate (SSL from Certificate Manager)
  • You have a domain name

Lets Begin!

1. Create Key Pairs for Beanstalk instance
Incase of troubleshooting, we need provide a secure way of accessing the EC2 instances.

  • Login into your AWS account.
  • Type Key pair in the AWS search bar
  • Click create key pair
  • Enter Name, Type and Format
  • Click create key pair

key pair

2. Create Security group (SG)
Next, create security group for the backend services (RDS MySQL, Amazon MQ and ElastiCache/memcahed ). All services need to be able to communicate between each other. This means we All traffic should route to itself. To do this, you need to add dummy inbound rule, save it and then click on edit, delete it, and then add All traffic and destination would be the name of the security group.

  • Type Security groups in the AW search bar
  • Click on create security group
  • Enter a Name and add a inbound rule and click create security group


  • Click on edit inbound rules again, this time, delete it and click on add rule
  • Select All traffic and select the SG you just created as the destination.
  • Click on save rules

save rules

3. Create Backend Services

RDS MySQL Database

  • As usual, type RDS in the AWS Search bar
  • Select subnet groups
  • Select create DB subnet group
  • Enter Name, select the your VPC and select two AZs as shown in the diagram below
  • Select subnets and click create

Subnet group

Next, still on this same page, click Parameter groups and click create parameter group. This is useful, if some parameter for the database needs some level of customization.

Enter the following values below

  • Parameter family: Mysql5.7
  • Type: DB parameter group
  • Group name: rds-parameter-gp
  • Description: rds parameter group
  • Click on create

parameter group

Next, still on the same page, click Databases and click create database

  • Standard create
  • Engine Options: MySQL
  • Engine version: 5.7.*
  • Template: Dev/Test (or Free tier for low cost)
  • DB instance identifier: rds-mysql-database
  • master username: admin
  • Select Auto generate a password
  • DB instance class: Burstable classes:db.t3.micro
  • Allocated storage: 20GB
  • Select VPC
  • Select your DB subnet group
  • Public access: NO
  • VPC security group: vprofile_backend_service SG
  • Additional configuration - enter database name: accounts
  • Click Create Database

Click on view credentials to copy your password.

Amazon Elastic Cache
Like RDS, you need to create parameter group and subnet groups.
For parameter group, enter a name and select 1.4 for family_, enter a description and click create.

memchached family

For Subnet group, enter a Name, VPC and leave the default settings and click create.

security group

Next, Click Memcached clusters and click create Memcached clusters

  • Location: AWS CLoud
  • Name: vprofile-memcached-cluster
  • Engine version: 1.4.5
  • Parameter groups: vprofile_memcached-pg
  • Node type: cache.2t.micro
  • Subnet group:vprofile_memcached-sg **_ and click next
  • select manage under security group, select backend_service sg, click next to review
  • Click create


Create Amazon MQ

  • Broker engine: RabbitMQ
  • Deployment mode: single-instance
  • Enter Name: app-rmq
  • Broker instance type: t3 micro
  • Enter username and password
  • Under additional settings, select private access below network
  • Select the default VPC and the security group we created from the dropdown.
  • Enter and click next to review settings
  • Click create broker


4. Login into the instance and initialize RDS DB
At this point, you add the database accounts schema to RDS MYSQL. To do this lunch a temporary EC2 instance to initialize the database with the database schema.

Lunch a EC2 instance

  • Enter instance name
  • AMI : ubuntu 20 / free tier
  • Instance type: t2.micro
  • Select your key pair
  • Create Security group: Name: mysql-client-sg: Allow SSH to MyIP ( in some cases you might need to use instead)
  • Add User data
# update ubuntu OS and install MySQL client at startup
sudo apt update
sudo apt install mysql-client -y
Enter fullscreen mode Exit fullscreen mode
  • Click lunch instance


Update backend security group (backend services) to allow MySQL traffic from the security group of the instance.

Next, copy the Endpoint of RDS MYSQL database for _accounts _ which is the hostname, you will need this to connect to RDS MYSQL and also to update the connection to the application.


SSH into the instance and Connect to RDS MYSQL

Clone the application repo Here

# Make sure git is installed and clone repo
git clone

# navigate to **_src/main/resource_**

mysql -h <Replace RDS Endpoint> -u admin 
-p<Replace RDS DATABASE PASSWORD> accounts < db_schema.sql

# Show all database 
show databases;

# Use databases accounts
use accounts;

# Show the tables in the database accounts
show tables;
Enter fullscreen mode Exit fullscreen mode


Copy the endpoint for Amazon MQ

Amazon MQ

Copy the endpoint for Memcached Cluster


Update web application with backend connection credentials. Navigate to src/main/resource in the repo and open with the editor of your choice.

# update the file with the endpoints, username, and password
Enter fullscreen mode Exit fullscreen mode


Build Artifact with Backend information using Maven on your local machine.
Make sure you are in the top level of the folder where the pom.xml is located.
Image description

5. Configure Beanstalk

  • Click Configuration
  • Edit Instances, add EC2 Security Group : Backend service SG and continue.
  • Edit Capacity, Environment type: Load balancer Instances: Min:2 and Max:4 Placement: us-east-1a and us-east-1b Click on continue.
  • Edit Load Balancer Listeners: add lister 443 for HTTPS and select SSL certificate as shown in the diagram below and click https
  • Processes: click on action to edit the default process Scroll down to Health check and add /login as the endpoint and click save. -Click continue endpoint
  • Rolling updates and deployments Deployment policy: Rolling Percentage : 50% and click on continue.
  • Security: select key pair and Create instance profile and click Continue.

The simple application created earlier enable beanstalk to create the instance profile for us.

You should also add an email for notification.
Click on apply all changes and confirm


After the changes are applied the Health would be serve as shown in the diagram below. This is because of the endpoint /login we added, however the current application does not have this endpoint but our application does.


Deploy the Application

  • Click on Upload and deploy
  • Click choose file : Select the build vprofile-v2.war file from your machine. (located in the targets folder)
  • Enter Labal version: v2


Next, Update backend security group

  • Add rabbit MQ, elasticache and RDS MYSQL ports - 3306, 11211 and 5671 to Security Group created by beanstalk.

SG updated
Note, Elastic beanstalk would create two SGs, check the names and make sure you are not pointing to the Load balancer SG

  1. Update Entry in Route 53 Hosted Zone

Route 53

  1. Test The URL



Username: Admin_vp
Password: Admin_vp

Note: Incase you face any issues while uploading your artifact, disable your anti-virus software and try the upload again.

Source: visualpath

As always, I look forward to getting your thoughts on this article. Please feel free to leave a comment!

Top comments (0)