Deploying a Python Flask Web Application on AWS Cloud ☁️


To start this tutorial, you will need to sign up for a free tier account with AWS. You can do it here. Make sure you create an IAM role with Administrator access and sign in using that IAM role. It is not wise to work from your root AWS account. In fact, it is recommended that you create an IAM role for all of your specific uses, like for instance, doing this tutorial. But, for now, let’s just keep things simple and work from the admin IAM role.


From the EC2 console, click on the “Launch Instance” button. Choose the “AWS Linux 2 AMI” machine image and make sure it’s “free-tier” eligible. Click “Select” and then choose “t2.micro” as the type of your instance, which again should be “free-tier” eligible. Now, click on “Next: Configure Instance Details”. Here, you need to leave all of the configuration as it is, except the IAM role for your instance. Let’s create a new IAM role for our specific use. Click on “Create IAM role” next to the IAM field. This will open the IAM console in a new browser tab.

"Version": "2012-10-17",
"Statement": [
"Sid": "VisualEditor0",
"Effect": "Allow",
"Action": [
"Resource": "arn:aws:s3:::dcp-685169213993-eu-west-2-logs"
"Sid": "VisualEditor1",
"Effect": "Allow",
"Action": [
"Resource": "*"
"Sid": "VisualEditor2",
"Effect": "Allow",
"Action": [
"Resource": "arn:aws:s3:::dcp-685169213993-eu-west-2-logs/session-manager/*"


We’ll connect to the EC2 instance using a session manager. Select the instance and click on “Connect” and select the Session Manager option and click on the “Connect” button. This should open a CLI in a new tab. Switch to the “sudo” user by typing in:

$ sudo su
$ yum update -y
$ yum install -y git docker
$ mkdir /apps
$ cd /apps
$ git clone
$ cd simple-dockerised-flask-app
$ systemctl start docker
$ docker build -t app:latest .
$ docker run -d -p 80:90 -t app:latest
$ curl localhost:80


Security groups allow us to control traffic that goes in and out of one or more of our instances. You can add one or multiple security groups to an instance. You can assign inbound and outbound rules to the security group allowing specific type of traffic using specific protocols coming from specific sources and hitting specific ports of our instance. Or you can just allow all traffic from anywhere. The same applies to outbound traffic. It essentially “acts as a virtual firewall” as described by AWS.



Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store