The three-tier architecture is the most popular implementation of a multi-tier architecture when architecting an application consisting of a web server that hosts all the static contents (HTML, CSS, Javascript and Images), the Business logic layer is built using Lambda functions fronted by API Gateway APIs, and database layer used for data storage.

The following illustration shows an example of a generic three-tier application in the AWS cloud.

Each of these layers does a specific task and can be managed independently of each other. This is a shift from the monolithic way of building an application where the frontend, the backend and the database are both sitting in one place and a failure of a single component can affect the performance of the whole application.


High-Availability: This is the ability of a system to operate continuously without failure for a designated period of time. If a natural disaster such as an earthquake or flood ever occurred and affected a data centre hosting our application, our application will not be available. With AWS, we can design our infrastructure to be by hosting it in another Availability Zone.

Fault-Tolerance: We need our infra to scale vertically by adding or removing instances depending on the traffic volume. We achieve this by using an AutoScaling group and it also helps by cut costing since instances are shut down when they are not in use.

Modularity: With modularity, teams can focus on different tiers of the application and changes made as quickly as possible. Also, modularization helps us recover quickly from an unexpected disaster by focusing solely on the faulty part.

Scalability: Each tier of the architecture can scale horizontally to support the traffic and request demand coming to it. This can easily be done by adding more EC2 instances to each tier and load balancing across them.

Security: This is an integral part of a well-architected framework to ensure that our infrastructure is protected from attacks by hackers. We want to avoid exposing our interactions within the application over the internet. The backend and the database tier will be in the private subnet because we do not want to expose them over the internet. We will set up the Bastion host for remote SSH and a NAT gateway for our private subnets to access the internet. The AWS security group helps limit access to instances.


Creating a Three-Tier Web Application is an insanely complex process and involves a lot of clicking in the Management Console, however, there is an easier option of automating the whole process using IaC tools such as Terraform or CloudFormation.

Here is the CloudFormation template code.



Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store