AWS VPC + RDS Migration

Overview

This project focused on taking a database that worked locally and making it production-appropriate in AWS. I designed a custom VPC layout with subnet boundaries and security groups to control access paths. The end result was an application environment connected to RDS through explicit network rules and managed configuration.

Highlights

• Designed VPC networking with separated subnets for cleaner traffic control.
• Configured security groups to allow only required app-to-database paths.
• Migrated schema and data into RDS with environment-specific credentials.
• Validated connectivity and failure cases before treating the setup as stable.

Architecture

• Application tier runs inside VPC and reaches RDS through scoped security groups.
• Private database subnet isolates RDS from direct public internet exposure.
• Environment variables and secret values are separated by deployment target.
• Operational checks cover startup connectivity, migration success, and rollback path.

Key Learnings

• Network diagrams prevent misconfiguration when projects grow beyond one service.
• Least-privilege security group rules make debugging slower at first but safer long term.
• Database migrations need rehearsal in staging to avoid downtime surprises.
• Cloud infrastructure work benefits from repeatable checklists as much as code does.

Outcomes

• Cloud scope: VPC, subnets, security groups, and RDS
• Outcome: Local DB stack migrated to managed AWS database