Kanavsingh

Day 15: Setting Up Your AWS Environment for Lift & Shift

Welcome Back to My DevOps Journey!

Hello everyone! Welcome to Day 15 of my 30-day DevOps journey. Yesterday, we discussed the concept of Lift & Shift and how it enables rapid cloud migration with minimal modifications to existing applications. Today, I’ll be diving into the practical aspects of setting up an AWS environment to support a Lift & Shift migration, based on Section 12 of Imran Teli's "DevOps Beginners to Advanced with Projects" course.

Preparing Your AWS Environment
Setting up your AWS environment correctly is crucial for a successful Lift & Shift migration. This involves configuring key components such as VPCs, EC2 instances, security groups, and IAM roles to replicate your existing on-premises environment in the cloud.

Key Components to Set Up

  1. Virtual Private Cloud (VPC)
    What It Is: A VPC is a logically isolated section of the AWS cloud where you can launch AWS resources in a virtual network that you define.
    Setup Steps:
    Create a VPC: Define the IP address range (CIDR block) for your VPC. A typical setup might include a /16 CIDR block, which provides a large number of IP addresses.
    Subnets: Create public and private subnets within the VPC. Public subnets are for resources that need internet access, while private subnets are for internal resources like databases.
    Internet Gateway: Attach an internet gateway to your VPC to enable internet access for resources in public subnets.
    Route Tables: Configure route tables to manage traffic between subnets and the internet gateway.
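
The VPC steps above can be checked before anything is launched. This added example (not from the course or the original post) carves a /16 into one public and one private /24 per Availability Zone, then flags subnets whose default route contradicts their tier. The AZ names, gateway ID and route tables are constructed sample values.

```python
import ipaddress

AWS_RESERVED_PER_SUBNET = 5  # AWS reserves the first four and the last address

def plan_subnets(vpc_cidr, azs, new_prefix=24):
    """Carve one public and one private subnet per AZ out of the VPC CIDR."""
    blocks = ipaddress.ip_network(vpc_cidr).subnets(new_prefix=new_prefix)
    plan = []
    for tier in ("public", "private"):
        for az in azs:
            net = next(blocks)  # blocks are consecutive and never overlap
            plan.append({"az": az, "tier": tier, "cidr": str(net),
                         "usable": net.num_addresses - AWS_RESERVED_PER_SUBNET})
    return plan

def misrouted(plan, route_tables):
    """Return (cidr, problem) for subnets whose default route contradicts their tier.

    route_tables maps a subnet CIDR to its list of (destination, target) routes.
    """
    findings = []
    for subnet in plan:
        routes = route_tables.get(subnet["cidr"], [])
        via_igw = any(dest == "0.0.0.0/0" and target.startswith("igw-")
                      for dest, target in routes)
        if subnet["tier"] == "private" and via_igw:
            findings.append((subnet["cidr"], "private subnet routes to the internet gateway"))
        elif subnet["tier"] == "public" and not via_igw:
            findings.append((subnet["cidr"], "public subnet has no internet gateway route"))
    return findings

# Constructed sample: AZ names, gateway ID and route tables are made up.
PLAN = plan_subnets("10.0.0.0/16", ["us-east-1a", "us-east-1b"])
LOCAL = ("10.0.0.0/16", "local")
IGW = ("0.0.0.0/0", "igw-EXAMPLE")
ROUTES = {
    "10.0.0.0/24": [LOCAL, IGW],   # public, correct
    "10.0.1.0/24": [LOCAL],        # public, but the IGW route is missing
    "10.0.2.0/24": [LOCAL],        # private, correct
    "10.0.3.0/24": [LOCAL, IGW],   # private, but exposed through the IGW
}

if __name__ == "__main__":
    for row in PLAN:
        print(row)
    for cidr, problem in misrouted(PLAN, ROUTES):
        print("FINDING", cidr, problem)
```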

  2. EC2 Instances
    What It Is: Amazon EC2 provides resizable compute capacity in the cloud, making it easy to scale up or down as needed.
    Setup Steps:
    Choose an AMI: Select an Amazon Machine Image (AMI) that closely matches your existing server configuration. For example, if your on-premises servers are running Ubuntu, choose a similar Ubuntu AMI.
    Instance Type: Choose an instance type that matches your current server’s compute and memory requirements. Consider using T3 or T3a instances for general-purpose workloads.
    Key Pair: Create or use an existing key pair for SSH access to your instances.
    Security Groups: Configure security groups to control inbound and outbound traffic. For instance, allow SSH access on port 22 and HTTP/HTTPS access on ports 80 and 443.

  3. Security Groups and Network ACLs
    What They Are: Security groups act as virtual firewalls for your instances, controlling inbound and outbound traffic at the instance level. Network ACLs provide an additional layer of security at the subnet level.
    Setup Steps:
    Security Groups: Define rules to allow necessary traffic, such as SSH (port 22) for remote management, HTTP/HTTPS (ports 80/443) for web traffic, and database access on appropriate ports (e.g., 3306 for MySQL).
    Network ACLs: Set up network ACLs to provide stateless filtering of traffic at the subnet level, allowing or denying traffic based on your organization’s security policies.
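
The security group rules described here and in the EC2 section open ports 22, 80/443 and 3306; what matters is the source each rule allows. This added example (not part of the original post) audits rules in the `IpPermissions` shape that `describe-security-groups` returns and reports SSH or MySQL reachable from anywhere, including through a wide port range or an IPv6 rule. Group IDs and CIDRs are constructed placeholders.

```python
WORLD = {"0.0.0.0/0", "::/0"}
SENSITIVE = {22: "SSH", 3306: "MySQL"}  # management and database ports named in the post

def world_open_findings(group):
    """Return sorted (group_id, port, service) for sensitive ports reachable from anywhere."""
    findings = set()
    for perm in group.get("IpPermissions", []):
        if perm["IpProtocol"] not in ("tcp", "-1"):
            continue
        sources = {r["CidrIp"] for r in perm.get("IpRanges", [])}
        sources |= {r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])}
        if not sources & WORLD:
            continue  # restricted CIDRs and security-group references are fine
        # Protocol "-1" means all traffic and carries no port range.
        lo, hi = (0, 65535) if perm["IpProtocol"] == "-1" else (perm["FromPort"], perm["ToPort"])
        for port, service in SENSITIVE.items():
            if lo <= port <= hi:
                findings.add((group["GroupId"], port, service))
    return sorted(findings)

def rule(proto, lo, hi, v4=(), v6=(), groups=()):
    """Build one rule in the IpPermissions shape (helper for the constructed samples)."""
    return {"IpProtocol": proto, "FromPort": lo, "ToPort": hi,
            "IpRanges": [{"CidrIp": c} for c in v4],
            "Ipv6Ranges": [{"CidrIpv6": c} for c in v6],
            "UserIdGroupPairs": [{"GroupId": g} for g in groups]}

# Constructed sample groups; 203.0.113.0/24 is a documentation range.
GROUPS = [
    {"GroupId": "sg-web-EXAMPLE", "IpPermissions": [
        rule("tcp", 80, 80, v4=["0.0.0.0/0"]),
        rule("tcp", 443, 443, v4=["0.0.0.0/0"], v6=["::/0"]),
        rule("tcp", 22, 22, v4=["203.0.113.0/24"])]},         # SSH from the admin network only
    {"GroupId": "sg-db-EXAMPLE", "IpPermissions": [
        rule("tcp", 3306, 3306, groups=["sg-web-EXAMPLE"])]},  # MySQL from the web tier only
    {"GroupId": "sg-legacy-EXAMPLE", "IpPermissions": [
        rule("tcp", 0, 65535, v4=["0.0.0.0/0"])]},             # wide range hides 22 and 3306
    {"GroupId": "sg-bastion-EXAMPLE", "IpPermissions": [
        rule("tcp", 22, 22, v6=["::/0"])]},                    # IPv6 "anywhere" is easy to miss
]

def audit(groups):
    """Collect findings across all groups, in input order."""
    return [finding for group in groups for finding in world_open_findings(group)]

if __name__ == "__main__":
    for finding in audit(GROUPS):
        print("FINDING", finding)
```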

  4. IAM Roles and Policies
    What They Are: IAM roles and policies are used to manage permissions for AWS resources. They help you securely control access to AWS services.
    Setup Steps:
    Create IAM Roles: Define roles that allow EC2 instances or other AWS services to interact with each other. For example, create a role that allows EC2 instances to access S3 buckets for backup storage.
    Attach Policies: Attach managed or custom policies to your IAM roles to define the level of access granted. For instance, you might attach the AmazonS3FullAccess policy to an IAM role used by EC2 instances that need full access to S3.
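
For the backup-storage role mentioned above, a custom policy scoped to one bucket prefix grants far less than full S3 access. This added example (not from the original post) builds that scoped policy and the EC2 trust policy, and includes a check that flags Allow statements pairing wildcard actions with `Resource: "*"`. The bucket name, prefix and the full-access-like sample are constructed.

```python
import json

def as_list(value):
    return [value] if isinstance(value, str) else list(value)

def backup_policy(bucket, prefix):
    """Identity policy for an instance role that only reads and writes backups under one prefix."""
    return {"Version": "2012-10-17", "Statement": [
        {"Sid": "ListBackupPrefix", "Effect": "Allow", "Action": "s3:ListBucket",
         "Resource": f"arn:aws:s3:::{bucket}",
         "Condition": {"StringLike": {"s3:prefix": [f"{prefix}/*"]}}},
        {"Sid": "ReadWriteBackups", "Effect": "Allow",
         "Action": ["s3:GetObject", "s3:PutObject"],
         "Resource": f"arn:aws:s3:::{bucket}/{prefix}/*"}]}

def ec2_trust_policy():
    """Trust policy that lets only the EC2 service assume the role."""
    return {"Version": "2012-10-17", "Statement": [
        {"Effect": "Allow", "Principal": {"Service": "ec2.amazonaws.com"},
         "Action": "sts:AssumeRole"}]}

def overbroad_statements(policy):
    """Return Sids (or indexes) of Allow statements pairing wildcard actions with Resource "*"."""
    hits = []
    statements = policy["Statement"]
    if isinstance(statements, dict):
        statements = [statements]
    for index, st in enumerate(statements):
        if st.get("Effect") != "Allow":
            continue
        wildcard_action = any(a == "*" or a.endswith(":*")
                              for a in as_list(st.get("Action", [])))
        if wildcard_action and "*" in as_list(st.get("Resource", [])):
            hits.append(st.get("Sid", index))
    return hits

# Constructed stand-in for what full S3 access amounts to: every S3 action on every resource.
FULL_ACCESS_LIKE = {"Version": "2012-10-17", "Statement": [
    {"Sid": "AllS3", "Effect": "Allow", "Action": "s3:*", "Resource": "*"}]}
# Bucket name and prefix are placeholders.
SCOPED = backup_policy("example-backup-bucket", "app-server")

if __name__ == "__main__":
    print(json.dumps(SCOPED, indent=2))
    print("over-broad in full-access-like policy:", overbroad_statements(FULL_ACCESS_LIKE))
    print("over-broad in scoped policy:", overbroad_statements(SCOPED))
```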

Practical Application: Replicating Your On-Premises Environment
Now that you’ve set up the key components of your AWS environment, you can begin replicating your on-premises environment in the cloud:

Launch EC2 Instances: Deploy EC2 instances in your public and private subnets based on your current server configurations.
Configure Security: Apply the appropriate security groups and network ACLs to protect your instances and data.
Networking: Set up VPC peering if you need to connect multiple VPCs or enable communication between different environments.
Data Migration: Begin migrating data to S3, and databases to RDS using AWS DMS or other migration tools.

My Learning Experience
Today’s setup phase has been a crucial step in ensuring a successful Lift & Shift migration. Properly configuring the AWS environment is vital for replicating the on-premises infrastructure in the cloud while maintaining security, performance, and scalability. This hands-on experience has deepened my understanding of how AWS’s networking, compute, and security services work together to support complex cloud migrations.

What’s Next?
Tomorrow, I’ll start the actual process of migrating applications to the AWS cloud using the Lift & Shift strategy. This will involve moving data, applications, and databases to their new cloud environment, testing them, and optimizing performance.

Connect with Me
Feel free to connect with me on LinkedIn for more updates and to join the conversation. Let’s continue learning and growing together in this exciting journey through DevOps!
