Pink Tree Health
Project Summary
Pink Tree Health LLP is aligned with vision and mission for digital health. Their mission is to create a patient support ecosystem focused on delivering better respiratory health to the patient, by engaging diverse set of healthcare professionals, enabled by technology. The name of the firm denotes our unwavering focus on healthy lungs. The Pink Tree is the “respiratory tree” within our body. Healthy lungs are pink in colour. Thus, the name “Pink Tree”. They want their infrastructure must have Scalability and Rapid Elasticity, cost effective, Security, Flexibility, Measured and Reporting Service as well as Easy Maintenance. They want to deploy the resources to host the web application and Database on EC2 server keeping the necessary security measures in concern on AWS Cloud.
Team Members
- Akshay Kenny
- Smit Mehta
- Saylee Chavan
- Omkar Shinde
- Juhi Bhadouria
Estimated Time
Project starts from July 2023 and successful completion in October 2023.
Description
We created a new AWS account for Pink Tree Health LLP. We established a Virtual Private Cloud (VPC) in the Mumbai region, configured subnets, set up an Internet Gateway, created a NAT Gateway, and defined route tables to enable server connectivity.
In the public subnet, we deployed a Bastion Host server to facilitate connections to servers in the private subnet. In the private subnet, we deployed an EC2 instance running Ubuntu 20.04, installed the necessary software and dependencies, and performed thorough testing to ensure proper configuration before handing over the servers to the client for verification.
With the successful completion of the initial configuration, we proceeded to deploy an Application Load Balancer (ALB), implement Web Application Firewall (WAF), and established connections using security groups and routing tables in accordance with the client’s requirements.
We also secured the EC2 instance by restricting access and allowing traffic only for individual IPs with the custom port using security groups. To restrict service-level access for users.
According to their role, we used AWS managed and custom policies within IAM. Additionally, we enabled Multi-factor Authentication (MFA) for all IAM users to enhance account-level security and prevent misuse of individual user credentials. Added extra level of security we restricted the traffic for other countries except India using AWS Web application firewall (WAF).
We created an S3 bucket for data storage and configured a daily database backup plan to store backups in S3. This setup is designed to ensure fast data recovery in the event of a critical situation or disaster recovery (DR) scenario. Additionally, we implemented a retention policy for the AWS backup plan to help manage costs effectively.
To monitor the health of the servers, we set up CloudWatch (CPU, Memory, Disk & Network Out) alerts, and we created budget alerts to monitor monthly consumption and billing.
Infrastucture Diagram
AWS Services used
Virtual private cloud (VPC)
Elastic compute cloud (EC2)
Elastic Load Balancing
Identity and access management (IAM)
AWS Web Application Firewall (WAF)
Amazon Simple Storage Service (S3)
Amazon Elastic Block Store (EBS)
CloudWatch
Benefits:
Scalability And Rapid Elasticity
Resiliency And Availability
On-Demand Self-Service
Easy Maintenance
Security
Flexibility
Work From Any Location