A step-by-step guide for AWS EC2 provisioning using Terraform: HA, CloudFront, WAF, Custom Domain name, and SSL Certificate — Part 2

This paper explores two main approaches for integrating AWS WAF with EC2 instances: Application Load Balancers (ALB) and CloudFront. While CloudFront with WAF is cost-effective for static content delivery with basic edge filtering, ALB with WAF offers a more robust solution for dynamic content, advanced traffic management, and comprehensive security. The optimal approach depends on your application’s content mix and prioritization between cost and features. Even a hybrid CloudFront-ALB architecture with WAF integration can be considered for complex scenarios.

To enhance readability, this handbook is divided into chapters and split into parts. The first, part, “A step-by-step guide for AWS EC2 provisioning using Terraform: HA, ALB, VPC, and Route53 — Part 1”, and the second part “A step-by-step guide for AWS EC2 provisioning using Terraform: HA, CloudFront, WAF, and SSL Certificate — Part 2”, and “A step-by-step guide for AWS EC2 provisioning using Terraform: Cloud Cost Optimization, AWS EC2 Spot Instances — Part 3”, was covered in a separate article to keep the reading time manageable and ensure focused content. The next part or chapter will be published in the next post, upcoming in a few days, “A step-by-step guide for AWS EC2 provisioning using Terraform: VPC peering, VPN, Site-to-site Connection, tunnels ( multi-Cloud ) — Part 12“ and so much more !!

Table of Contents

· Table of Contents
∘ There are two main approaches to connecting AWS WAF to your EC2 instance
∘ CloudFront, WAF, and SSL Configuration using Terraform
· Steps to Deploy
· Conclusion
· About me
· References

There are two main approaches to connecting AWS WAF to your EC2 instance

Application Load Balancer (ALB): This is the recommended approach for most scenarios. ALB operates at the application layer (layer 7) and allows for advanced routing and health checks for your EC2 instances. Here’s how it works: