❯ebinitTodoApplication-backendSelectadefaultregion1) us-east-1 : US East (N.Virginia)2) us-west-1 : US West (N.California)3) us-west-2 : US West (Oregon)4) eu-west-1 : EU (Ireland)5) eu-central-1 : EU (Frankfurt)6) ap-south-1 : Asia Pacific (Mumbai)7) ap-southeast-1 : Asia Pacific (Singapore)8) ap-southeast-2 : Asia Pacific (Sydney)9) ap-northeast-1 : Asia Pacific (Tokyo)10) ap-northeast-2 : Asia Pacific (Seoul)11) sa-east-1 : South America (SaoPaulo)12) cn-north-1 : China (Beijing)13) cn-northwest-1 : China (Ningxia)14) us-east-2 : US East (Ohio)15) ca-central-1 : Canada (Central)16) eu-west-2 : EU (London)17) eu-west-3 : EU (Paris)18) eu-north-1 : EU (Stockholm)19) eu-south-1 : EU (Milano)20) ap-east-1 : Asia Pacific (HongKong)21) me-south-1 : Middle East (Bahrain)22) af-south-1 : Africa (CapeTown)(defaultis3):10Selectaplatform.1) .NET Core on Linux2) .NET on Windows Server3) Docker4) GlassFish5) Go6) Java7) Node.js8) PHP9) Packer10) Python11) Ruby12) Tomcat(makeaselection):6Selectaplatformbranch.1) Corretto 11 running on 64bit Amazon Linux 22) Corretto 8 running on 64bit Amazon Linux 23) Java 8 running on 64bit Amazon Linux (Deprecated)4) Java 7 running on 64bit Amazon Linux (Deprecated)(defaultis1):2CannotsetupCodeCommitbecausethereisnoSourceControlsetup,continuingwithinitializationDoyouwanttosetupSSHforyourinstances?(Y/n):n
packagecom.todoweb.todoSpringApp.controller;importorg.springframework.web.bind.annotation.GetMapping;importorg.springframework.web.bind.annotation.RestController;@RestControllerpublicclassHealthCheckController { @GetMapping("/")publicStringhealthCheck() {return"The server is up and running..."; }}
❯ebinitTodoApplication-frontendSelectadefaultregion1) us-east-1 : US East (N.Virginia)2) us-west-1 : US West (N.California)3) us-west-2 : US West (Oregon)4) eu-west-1 : EU (Ireland)5) eu-central-1 : EU (Frankfurt)6) ap-south-1 : Asia Pacific (Mumbai)7) ap-southeast-1 : Asia Pacific (Singapore)8) ap-southeast-2 : Asia Pacific (Sydney)9) ap-northeast-1 : Asia Pacific (Tokyo)10) ap-northeast-2 : Asia Pacific (Seoul)11) sa-east-1 : South America (SaoPaulo)12) cn-north-1 : China (Beijing)13) cn-northwest-1 : China (Ningxia)14) us-east-2 : US East (Ohio)15) ca-central-1 : Canada (Central)16) eu-west-2 : EU (London)17) eu-west-3 : EU (Paris)18) eu-north-1 : EU (Stockholm)19) eu-south-1 : EU (Milano)20) ap-east-1 : Asia Pacific (HongKong)21) me-south-1 : Middle East (Bahrain)22) af-south-1 : Africa (CapeTown)(defaultis3):10ApplicationTodoApplication-frontendhasbeencreated.ItappearsyouareusingNode.js.Isthiscorrect?(Y/n):ySelectaplatformbranch.1) Node.js 16 running on 64bit Amazon Linux 22) Node.js 14 running on 64bit Amazon Linux 23) Node.js 12 running on 64bit Amazon Linux 2 (Deprecated)4) Node.js 10 running on 64bit Amazon Linux 2 (Deprecated)5) Node.js running on 64bit Amazon Linux (Deprecated)(defaultis1):2CannotsetupCodeCommitbecausethereisnoSourceControlsetup,continuingwithinitializationDoyouwanttosetupSSHforyourinstances?(Y/n):❯ebinitTodoApplication-frontendCannotsetupCodeCommitbecausethereisnoSourceControlsetup,continuingwithinitializationDoyouwanttosetupSSHforyourinstances?(Y/n):n
6.4.2 eb create를 이용한 애플리케이션 배포
❯ebcreate--elb-typeapplication--instance-typet2.microEnterEnvironmentName(defaultisTodoApplication-frontend-dev):EnterDNSCNAMEprefix(defaultisTodoApplication-frontend-dev):TODOWEB-REACTWouldyouliketoenableSpotFleetrequestsforthisenvironment? (y/N): nCreatingapplicationversionarchive"app-220315_002104127825".Uploading: [---------------------------------------Uploading: [###------------------------------------Uploading: [######---------------------------------Uploading: [########-------------------------------Uploading: [###########----------------------------Uploading: [##############-------------------------Uploading: [#################----------------------Uploading: [###################--------------------Uploading: [######################-----------------Uploading: [#########################--------------Uploading: [############################-----------Uploading: [###############################--------Uploading: [#################################------Uploading: [####################################---Uploading: [#######################################Uploading: [#######################################Uploading: [#######################################Uploading: [#######################################Uploading: [##################################################] 100% Done...
Environmentdetailsfor:TodoApplication-frontend-devApplicationname:TodoApplication-frontendRegion:ap-northeast-2DeployedVersion:app-220315_002104127825EnvironmentID:e-p6yipvqbrdPlatform:arn:aws:elasticbeanstalk:ap-northeast-2::platform/Node.js14runningon64bitAmazonLinux2/5.5.0Tier:WebServer-Standard-1.0CNAME:TODOWEB-REACT.ap-northeast-2.elasticbeanstalk.comUpdated:2022-03-1507:21:38.883000+00:00PrintingStatus:2022-03-1507:21:37INFOcreateEnvironmentisstarting.2022-03-15 07:21:39 INFO Using elasticbeanstalk-ap-northeast-2-436991251381 as Amazon S3 storage bucket for environment data.
2022-03-15 07:22:00 INFO Created target group named: arn:aws:elasticloadbalancing:ap-northeast-2:436991251381:targetgroup/awseb-AWSEB-1RFO8GOEU7W59/6b388c7b388805f0
2022-03-1507:22:00INFOCreatedsecuritygroupnamed:sg-0b76a4275006b8b4f2022-03-1507:22:16INFOCreatedsecuritygroupnamed:awseb-e-p6yipvqbrd-stack-AWSEBSecurityGroup-J7TAPLTJBJ182022-03-15 07:22:16 INFO Created Auto Scaling launch configuration named: awseb-e-p6yipvqbrd-stack-AWSEBAutoScalingLaunchConfiguration-H8umFripfbeZ
2022-03-15 07:23:17 INFO Created Auto Scaling group named: awseb-e-p6yipvqbrd-stack-AWSEBAutoScalingGroup-HOZH7WHUCJ2W
2022-03-1507:23:18INFOWaitingforEC2instancestolaunch.Thismaytakeafewminutes.2022-03-15 07:23:18 INFO Created Auto Scaling group policy named: arn:aws:autoscaling:ap-northeast-2:436991251381:scalingPolicy:fe2cb749-714e-440a-a345-b889f776f86b:autoScalingGroupName/awseb-e-p6yipvqbrd-stack-AWSEBAutoScalingGroup-HOZH7WHUCJ2W:policyName/awseb-e-p6yipvqbrd-stack-AWSEBAutoScalingScaleDownPolicy-1FNMDGSFKI763
2022-03-15 07:23:18 INFO Created Auto Scaling group policy named: arn:aws:autoscaling:ap-northeast-2:436991251381:scalingPolicy:29ed2050-a2a9-4745-90b6-686bfbf2a4d2:autoScalingGroupName/awseb-e-p6yipvqbrd-stack-AWSEBAutoScalingGroup-HOZH7WHUCJ2W:policyName/awseb-e-p6yipvqbrd-stack-AWSEBAutoScalingScaleUpPolicy-14CFWVTERE2GT
2022-03-15 07:23:18 INFO Created CloudWatch alarm named: awseb-e-p6yipvqbrd-stack-AWSEBCloudwatchAlarmLow-1HHHJBOR3E2N9
2022-03-15 07:23:18 INFO Created CloudWatch alarm named: awseb-e-p6yipvqbrd-stack-AWSEBCloudwatchAlarmHigh-GNV4XXPLJYHI
2022-03-15 07:23:33 INFO Created load balancer named: arn:aws:elasticloadbalancing:ap-northeast-2:436991251381:loadbalancer/app/awseb-AWSEB-W7TXB7BKRZQD/d0d3508d29326e5a
2022-03-15 07:23:36 INFO Created Load Balancer listener named: arn:aws:elasticloadbalancing:ap-northeast-2:436991251381:listener/app/awseb-AWSEB-W7TXB7BKRZQD/d0d3508d29326e5a/88dee002a64f7916
2022-03-15 07:23:50 INFO Instance deployment: You didn't specify a Node.js version in the 'package.json' file in your source bundle. The deployment didn't install a specific Node.js version.
2022-03-1507:23:53INFOInstancedeploymentcompletedsuccessfully.2022-03-1507:24:59INFOApplicationavailableatTODOWEB-REACT.ap-northeast-2.elasticbeanstalk.com.2022-03-1507:24:59INFOSuccessfullylaunchedenvironment:TodoApplication-frontend-dev
6.4.3 크로스-오리진 문제
6.5 Route 53 도메인 설정
인증과 인가를 구현할 때 JWT는 반드시 HTTPS와 사용해야 한다.
HTTPS 인증서를 받기 이전에 도메인을 구입해야 하는데, 인증서는 자기 자신이 소유한 도메인에 대해서만 추가할 수 있기 때문이다.
6.5.1 도메인 구매
Route 53
도메인과 호스팅 관리를 도와주는 서비스
AWS console → Route 53
도메인 등록
도메인 구매
6.5.2 호스팅 영역 생성
AWS console → Route 53 → 왼쩍 탭에서 호스팅 영역 추가
구매한 도메인 이름 기입하고 호스팅 영역 생성 버튼 클릭
호스트 영역
DNS 영역 파일
DNS 영역이란 DNS spdlatmvpdltm wmr, <도메인 이름>이 관리할 영역
DNS 영역을 생성하는 이유는 여러 개의 레코드를 한 곳에서 관리하기 위해서임
레코드
이름과 IP를 연결해 놓은 파일 혹은 엔트리
여러 종류가 존재
호스트 영역을 생성하면 SOA와 NS가 각각 하나씩 자도 ㅇ생성
SOA (Start of Aututhority) 레코드 : 이 영역을 관리하는 관리자의 정보를 가지고 있음
NS (Name Server) 레코드 : 해당 도메인
A 레코드 : 해당 도메인으로 프론트엔드 도메인 혹은 백엔드 도메인을 특정 IP 또는 다른 도메인(로드 밸런서의 도메인)으로 연결하는 레코드
서브 도메인 추가 (프론트, 백)
레코드 생성
단순 라우팅 선택
로드 밸런서의 이름은 AWS 콘솔 → EC2 → 로드밸런서에서 확인
6.5.3 백엔드 재배포
http://<도메인>, https://<도메인> 추가하연 CORS 문제 해결
6.5.4 프론트엔드 재배포
http://<도메인>, https://<도메인> 추가하연 CORS 문제 해결 (프론트, 백)
6.6 백엔드/프론트엔드 AWS Certificate Manager 를 이용한 https설정
6.6.1 인증서 요청
AWS console → Certificate Manager
인증서 프로비저닝의 시작하기 또는 인증서 요청
공인 인증서 요청
*.<도메인이름> 기입
DNS 검증
확인 및 요청
이후 테이블에 검증 보류 상태의 도메인 이름이 추가 된다. 이 레코드를 검증하려면 Route 53에서 레코드를 생성해야 한다.
Route 53에서 레코드 생성 버튼을 클릭
6.6.2 백엔드 애플리케이션 HTTPS 설정
AWS console → Elastic Beanstalk
환경창 → 백엔드 애플리케이션 → 구성
로드 밸런서 → 편집 → 리스너 추가
HTTPS가 있으니 HTTP, 즉 80포트를 비활성화
적용 클릭
6.6.3 프론트엔드 애플리케이션 HTTPS 설정
AWS console → Elastic Beanstalk
환경창 → 프론트엔드 애플리케이션 → 구성
로드 밸런서 → 편집 → 리스너 추가
HTTPS가 있으니 HTTP, 즉 80포트를 비활성화
적용 클릭
여기까지 ACM으로 SSL 인증서를 만들고 인증서를 로드 밸런서에 추가하였다.
이제 백엔드와 프론트엔드 API 모두 HTTPS로만 접근할 수 있으며, JWT를 네트워크 중간에 누가 가로채로 암호화됐기 때문에 토큰을 사용할 수 없다