I Deployed My First Cloud Server… and Almost Left It Wide Open (Beginner Friendly Guide)

Hi, I'm Betini Akarandut, a Backend/DevOps Engineer at TracTrac MSL (tractrac.co), where I architect, build, and scale backend systems powering Nigeria's leading agricultural mechanization and logistics platform. I specialize in building scalable APIs, real-time data pipelines, and AI-driven workflows using Django REST Framework, FastAPI, NodeJS, PostgreSQL, Celery, Redis, and Kafka. With a strong focus on TDD, CI/CD, and Agile/Scrum practices, I deliver production-ready software that scales.
What I've built:
AI & LLM Integration: Integrated OpenAI with LangChain to power simulation feedback and certificate issuance in Job Simulator AI.
Background Task Orchestration: Deployed Celery + Redis for certificate requests, tractor leasing workflows, and high-throughput event handling.
Real-Time & IoT Systems: Used Kafka, Socket.IO, and TimescaleDB to enable persistent messaging, real-time GPS tracking, and geofencing.
TDD & Quality: Championed test-driven development with Pytest + Flake8, improving release confidence and reducing regression bugs.
Agile Collaboration: Delivered features through Scrum sprints (GitLab Boards, Jira), actively contributing to planning, reviews, and code quality.
Deployment & Scale: Managed CI/CD pipelines on Render and Azure, with experience planning migration paths to Kubernetes/GCP.
I began in Chemical Engineering before transitioning into backend engineering, driven by a passion for solving real-world problems with technology. Today, I focus on designing systems that are not only technically sound but also impactful to communities.
Passions:
Building scalable, practical systems at the intersection of APIs, data, and AI
Leveraging LLMs and LangChain for intelligent, workflow-driven applications
Empowering communities through real-time systems and IoT integration
Teaching, mentoring, and supporting developer growth
Exploring decentralized applications for real-world impact
Beyond my current role, I've built:
Scalable APIs with Django & FastAPI
Contentful CMS & Certifier.io integrations for digital certifications
OTP-based Gmail API authentication flows
Two Python packages for automation & data manipulation
A YouTube server clone to sharpen system design skills
Most beginners learning AWS make the same dangerous mistake.
They launch an EC2 instance… Open all ports… And unknowingly expose their server to the entire internet.
I almost did the same.
But while learning EC2 and Security Groups, I realized something powerful:
In AWS, security is YOUR responsibility.
This post will walk you through:
What EC2 really is (without confusing jargon)
How Security Groups actually protect you
A real-world mini project (deploying a live website)
Clean diagrams you can visualize instantly
This diagram summarizes everything we'll build in this post.
What EC2 REALLY Is (No Buzzwords)
Forget definitions.
Think of EC2 like this:
You are renting a computer in another country.
You can turn it on/off anytime.
You control everything inside it.
That's it.
The Mistake That Can Cost You
When I first launched an EC2 instance, I saw this option:
Allow: 0.0.0.0/0
It looked harmless.
But it actually means:
"Allow ANYONE on the internet to access this port"
That's when Security Groups became real to me.
Security Groups = Your Cloud Firewall
Security Groups decide:
Who can enter your server
Which doors (ports) are open
Simple Mental Model
Internet → Security Group → EC2 Server
If the Security Group blocks it → it NEVER reaches your server.
The Only Ports You Should Care About (As a Beginner)
| Port | Purpose |
|---|---|
| 22 | SSH (connect to Linux servers) |
| 21 | FTP (File Transfer Protocol) |
| 80 | HTTP (website) |
| 443 | HTTPS (secure website) |
| 3389 | RDP (Remote Desktop Protocol), for connecting to Windows EC2 instances |
REAL PROJECT: Deploy a Live Website on EC2
This is where most tutorials stop being useful.
Let's actually build something.
Step 1: Launch EC2 Instance
Choose: Amazon Linux
Instance type: t3.micro (It can be t2.micro for you, depending on your region)
Create key pair (and download the '.pem' file for later use)
Step 2: Configure Security Group (CRITICAL)
Add ONLY these rules:
SSH Access
Port: 22
Source: Your IP only
HTTP Web Access
Port: 80
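Source: 0.0.0.0/0
Step 3: Auto-Install Web Server (User Data)
Paste this into the User Data field during launch. It is a one-time script that runs when the instance first boots.
```bash
#!/bin/bash
# EC2 user data runs once as root on first boot, so no sudo is needed.
yum update -y             # apply pending package updates
yum install -y httpd      # install the Apache web server
systemctl start httpd     # start Apache now
systemctl enable httpd    # start Apache again after every reboot
echo "<h1>Deployed from AWS EC2</h1>" > /var/www/html/index.html
```
Step 4: Access Your Website
Copy your EC2 public IP → paste in browser (use http://, since only port 80 is open)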
Boom.
You now have a LIVE website.
What Just Happened (Architecture)
User Browser
↓
Internet
↓
Security Group (checks rules)
↓
EC2 Instance (Apache running)
↓
Returns your webpage
Production Insight (This Is What Makes You Stand Out)
Beginners do this:
Open all ports
Use access keys inside servers
Ignore cost tracking
Professionals do this:
Restrict SSH to specific IP
Use IAM Roles (NOT access keys)
Set AWS Budgets alerts
IAM Roles vs Access Keys (Real Talk)
If you remember ONE thing from this post:
Never store AWS access keys inside your EC2 server.
Use IAM Roles instead.
Why?
Temporary credentials
Automatically rotated
Much safer
Don't Skip This (Budget Setup)
Before doing anything serious in AWS:
Set a budget alert.
Because cloud bills don't warn you; they surprise you.
Final Takeaway
Learning AWS isn't about memorizing services.
It's about understanding:
How systems connect
Where security boundaries exist
How real applications are deployed
What I'm Learning Next
Load Balancers
Auto Scaling
VPC Networking
If You're Starting Cloud/DevOps
Don't just watch tutorials.
Build things. Break things. Fix things.
That's how this finally starts making sense.
Final Note
If this helped you even a little, you're already ahead of most beginners.
I'll keep sharing as I go deeper into AWS.
Let's build in public



