AWS Multi-Tenant Deployment Guide
This AWS Multi-Tenant deployment guide covers setting up an Elastic Beanstalk environment, configuring AWS RDS for SQL Server, and ensuring seamless multi-tenant database management.
We’ll use an Elastic Beanstalk environment in Amazon Web Service (AWS) to run our application and deploy a multi-tenant web application with separate tenant databases.
Using the Nano ASP.NET Boilerplate CLI tool, you can instantly generate new multi-tenant web applications with single-database or per-tenant database multi-tenancy.
In this guide, we’ll generate an app with per-tenant (multi DB) multi-tenant architecture and deploy it to AWS.
If you don’t have the Nano Boilerplate, you can use the simple multi-tenant app from these guides on building multi-tenant application with .NET: Part 1 and Part 2. The steps will be the same.
Create a New Multi-Tenant Application
Either from the command line with dotnet new nano or by creating a new project in Visual Studio, create a new multi-tenant application with per-tenant databases. Leave the multi-tenancy option to default (multi DB).
The default connection string will be set for a local SQL Server instance with the name of the database being the same name as the project. You can edit this in appsettings.json
At this point, we have a multi-tenant app that will create new databases for new tenants on a local SQL server host. There’s just one issue… this only works locally.
To run our app in AWS, we’ll use the Relational Database Service (Amazon RDS).
What is Amazon Relational Database Service (Amazon RDS)?
Amazon Relational Database Service (Amazon RDS) is a web service that simplifies the process of setting up, operating, and scaling a relational database in the AWS Cloud. It offers cost-effective, scalable capacity for an industry-standard relational database and handles common database administration tasks.
Learn more about AWS RDS: What is Amazon Relational Database Service (Amazon RDS)? – Amazon Relational Database Service
Setup an AWS RDS Instance for SQL Server
To set up an AWS RDS Instance for SQL Server, log into your AWS account and use the search bar to find RDS.
Then, navigate to the Amazon RDS resources page and click on “Create Database” to create a new RDS database instance, which will be our SQL Server.
In the “Engine type” section, select “Microsoft SQL Server” and then choose “Amazon RDS” for the database management type. For this demonstration, we will opt for “SQL Server Express Edition,” but please select the edition that best suits your needs. Next, choose the engine version you prefer; it’s always best to select the latest engine version.
In the Templates section, choose the Free tier since we are planning to create a demo application.
Next, fill up the Setting Form
- DB Instance Identifier:
- Enter a unique name for your DB instance. This name must be unique across all DB instances owned by your AWS account in the current AWS region.
- Master Username:
- Choose a login ID for the master user of your DB instance. This should be between 1 to 16 alphanumeric characters, starting with a letter.
- Master Password Management:
- You have two options:
- Managed in AWS Secrets Manager: AWS will generate and manage the password for you, which is the most secure option.
- Self-Managed: You can create your password or have RDS create one for you. Note that managing the master user credentials in AWS Secrets Manager may incur additional charges.
- You have two options:
- Encryption Key:
- Select the encryption key for your database. You can use the default key created by Secrets Manager or a customer-managed key that you create.
In our case will let AWS generate a password by selecting Managed in AWS Secrets Manage next select the default AWS encryption key.
We need to set up our instance configuration and storage. We will select the instance size ‘db.t3.small’ and choose ‘General Purpose SSD (gp2)’ as the Storage type in the Storage section. We will allocate 20 GB of storage for our DB instance.
In the final step, we must set up the Connectivity section to connect our application to the DB instance. We should choose the Virtual Private Cloud (VPC) by selecting “Create new VPC” and selecting “Yes” for Public access. Finally, we can create the DB Instance by clicking on “Create Database”.
Getting RDS Credentials Details
Next, you will need the RDS instant connection credentials. Shortly after clicking “Create Database,” you will see a notification with a button labeled “View credential details” at the top right corner of the page.
Click on “View credential details” and then “Retrieve secret value” to reveal the RDS instance username and password, generated by AWS.
Copy them somewhere since we’ll need them when changing the connection string of our application inside Visual Studio.
Building our new Connecting String to connect to AWS RDS
Let’s navigate back to the AWS RDS page by typing “RDS” in the search bar and selecting the RDS service from the menu.
Then use DB instances to access our newly created database instance.
In the “Instance” table, select the “nanosqlsrv” instance as needed.
In our Db Instance page, under the “Connectivity & Security” tab, you’ll see the RDS endpoint that we’ll need to build our new connection string in appsettings.json
Now that we have all the information we need to connect to our RDS your new connection string should look like this:
"DefaultConnection": "Data Source={Your RDS Endpoint };Initial Catalog=NanoAWSDb; User ID={Your RDS Username };Password={Your RDS Generated Password}; TrustServerCertificate=True;"
We can test the connection by running the application locally. All initial database migrations should be applied to our remote database created in AWS RDS. However, you will need to create a security group rule to allow your IP address to connect to your RDS. Please follow these instructions to allow your IP address in AWS: Create a security group for your Amazon EC2 instance – Amazon Elastic Compute Cloud
Deploying the application to AWS Elastic Beanstalk
Amazon Elastic Beanstalk is an easy-to-use service for deploying and scaling web applications and services developed with Java, .NET, PHP, Node.js, Python, Ruby, Go, and Docker on familiar servers such as Apache, Nginx, Passenger, and IIS.
Upload your code and Elastic Beanstalk automatically handles the deployment—from capacity provisioning, load balancing, and auto-scaling to application health monitoring.
You can read more about it here: Web App Deployment – AWS Elastic Beanstalk – AWS.
Install AWS Toolkit in Visual Studio
To easily deploy our application inside Visual Studio we’ll use the AWS Toolkit extension for Visual Studio. In the Visual Studio, click “Extension” on the top menu bar, then “Manage Extension”.
Please make sure to follow these steps:
1. Go to the Extension Manager’s tab and use the search field on your left to type “AWS” to look for the AWS Toolkit. Then, click on “Install.”
2. After that, close Visual Studio to start the installation process.
3. Once the installation is complete, reopen the project in Visual Studio.
Once Visual Studio is fully open, click on “Extensions” in the top menu bar, then hover over “AWS Toolkit” and click on “Get Started”.
Visual Studio will guide you through connecting your AWS account to the Toolkit.
Publishing the Application Using the AWS Toolkit Extension
In the project explorer on the right side of Visual Studio, select the web api project “NanoAWS.WebApi” and perform a right click then select “Publish to AWS Elastic Beanstalk (Legacy)”.
Note: We are choosing the legacy version because the new version of “Publish to AWS” is not unstable with many issues to be fixed.
On the Environment page, start by naming out the application, then the environment, and finally the application’s subdomain, and click Next.
Next, We’ll set up our application container environment:
On the AWS Options page, configure additional options and security information for your deployment.
Select The RDS security group we created earlier to allow access to the EC2 (hosting server Instance), Click Next.
- For Container Type, select 64bit Windows Server 2022 running IIS 10.0
- For Instance Type, I’d recommend selecting Medium or Large.
- For the Key pair, select Create new key pair. Type a name for the new key pair—in this example, we use nanotest and click OK. A key pair enables remote desktop access to your Amazon EC2 instances.
- Select Use a non-default VPC
- Let’s select to run our application in a Single instance environment
On the VPC page configure the additional options to allow public access for our application
- Select the VPC ID of the VPC that is running with our RDS since the default VPC doesn’t have access to a public network.
- Select the default security group, Elastic Beanstalk assigns an Elastic IP address to the instance that lets the instance access the Internet.
- For Instance Subnet Select one of the subnet IDs related to our VPC then click Next.
On the Permissions page select aws-elastic-beanstalk-ec2-role for both roles Deployed Application Permission and Service Permission to grant permissions to our deployed application and for the service to monitor resources, then click Next.
On the Options page set additional build and deployment options for our application.
- For Project build configuration select Debug|Any CPU
- For Framework, select net8.0
- For the App path, Leave it as it is
- Rename the Deployment version label to your liking then click Next
Review all configurations on the Review page then click Next.
After clicking “Deploy,” Visual Studio will initiate the deployment process by building and zipping the application for deployment. It will then open the deployment tab, allowing you to monitor the progression of the deployment.
Once the application is successfully deployed, go back to the AWS portal in the search bar, look for Elastic Beanstalk then click on Application.
You will be directed to the list of deployed applications. Click on the application we just deployed.
You will be directed to the application management and monitoring page, where you can locate the domain of our application. Click on the domain to access our newly deployed application.
Now you can see that the application is available online. Let’s test a new isolated tenant creation through API with Postman.
Testing Multi-Tenant Operations in AWS in Postman
Remember to set hasIsolatedDatabase to true. From the API response, we can see that we have successfully created a new tenant with an isolated database in AWS.
The connection string will be for the new tenant database