Nucleator Cage

Architecture Diagram for a Nucleator Cage

A Nucleator cage corresponds to a Virtual Private Cloud in AWS.  Several subnets are created, two public, two private and two for database instances.  Two EC2 instances are created, the Bastion which accepts incoming SSH requests and enables login to private and public instance machines.  The NAT box performs Network Address Translation for outgoing requests from the machines to the Internet.  CloudFormation stack templates are used to create the cage, so from the AWS Management Console one can see all the resources created with the cage, including Hosted Zones, an Internet gateway, subnets, security groups, route tables, DNS entries in Route53, Elastic IP Addresses and the two EC2 instances mentioned above.