Using the AWS Blockchain Template for Hyperledger Fabric

Amazon announced the launch of AWS blockchain templates for Ethereum and Hyperledger Fabric in 2018. The introduction of AWS blockchain template for Hyperledger Fabric has completely transformed the perception of blockchain-based cloud offerings. AWS blockchain templates help developers in setting up their blockchain infrastructure faster than possible. Most important of all, the AWS Blockchain templates can help developers focus their attention solely on application building.

Now, developers won’t have to worry about the concerns of managing underlying infrastructure, its development, maintenance, and security. However, many users don’t have profound knowledge regarding the use of AWS Hyperledger Fabric blockchain templates. So, the following discussion helps you obtain a clear impression of the different ways to deploy your Hyperledger Fabric blockchain application through AWS blockchain templates.

Want to learn the basic and advanced concepts of Blockchain and Hyperledger Fabric? Enroll Now: Getting Started with Hyperledger Fabric Course

Importance of AWS in Deploying Blockchains

Before starting the AWS Hyperledger Fabric tutorial, it is important to know the reasons for selecting AWS. Amazon Web Services (AWS) presently offer two common alternatives for deploying blockchains. The Amazon Managed Blockchain works as a completely managed platform operating on the PaaS service delivery model. 

On the other hand, Amazon Blockchain Templates work according to the IaaS service delivery model. AWS Blockchain Templates primarily use containers that are subject to setup and management by users. Furthermore, AWS also specializes in the blockchain domain with Amazon Quantum Ledger Database (QLDB), a distributed ledger technology. Let us reflect a bit more on the blockchain offerings available on AWS.

Build your identity as a certified blockchain expert with 101 Blockchains’ Blockchain Certifications designed to provide enhanced career prospects.

Amazon Managed Blockchain – AWS Blockchain Offering

Amazon Managed Blockchain serves as a fully managed service for developing and managing blockchain networks with desired scalability. It can help in capitalizing on the power of open-source frameworks such as Hyperledger Fabric and Ethereum, thereby indicating parallels with AWS Blockchain Template for Hyperledger Fabric. Amazon Managed Blockchain takes away the additional overhead required for creation of a network. In addition, it also enables automatic scalability for addressing the demands of multiple transactions. 

Understanding Blockchain Templates on AWS

On the other end, it is important to focus on AWS Hyperledger Fabric blockchain templates. AWS Blockchain Templates are suitable for users aspiring to carry out management of their own blockchain network. AWS Blockchain templates offer the perfect fit as an easy method for getting started with blockchain on AWS. 

Amazon Blockchain Templates are basically AWS CloudFormation templates that can help developers in faster and easier creation of cloud deployments alongside flexible management. AWS Blockchain templates generally deploy the blockchain framework selected by the user on Amazon Elastic Container Service or ECS cluster. 

On the other hand, they can also deploy blockchain frameworks directly on EC2 instances that are operational on Docker. The blockchain network deployed with AWS blockchain template for Hyperledger Fabric leverages its personal Amazon Virtual Private Cloud or VPC. The VPC provides assurance of improved granular control across network ACLs, AWS IAM or Identity and Access Management, and VPC subnets. 

Furthermore, AWS blockchain templates also showcase exceptionally high availability throughout all public AWS regions. Most important of all, users don’t have to pay additional charges for using AWS blockchain templates. You have to pay only for the resources that you need to run AWS blockchain templates. Another interesting highlight regarding AWS blockchain templates refers to the facility of public or private blockchains for Ethereum deployments. On the contrary, Hyperledger Fabric deployments through AWS blockchain templates are private only at present.

The Significance of Hyperledger Fabric

With so much being said about AWS blockchain templates, let’s move towards the other contributor in AWS Hyperledger Fabric relation. Hyperledger Fabric is basically the blockchain framework capable of running smart contracts known as chaincode. The smart contracts or chaincode on Hyperledger Fabric are scripted by using the Go programming language. 

Users could easily create private networks with Hyperledger Fabric. Therefore, it is clear that Hyperledger Fabric allows the options for restricting the number of participants eligible for connecting to and participating in the network. So, if you want to deploy Hyperledger Fabric applications on the cloud, then the AWS blockchain template for Hyperledger Fabric is your ideal pick. 

The Hyperledger Fabric AWS blockchain template supports a ‘docker-local’ container platform, a unique achievement. The unique facet with the AWS Hyperledger Fabric blockchain template ensures that Hyperledger Fabric containers can be deployed only on a single EC2 instance.

Components in AWS Blockchain Template for Hyperledger Fabric

The next important point of concern in the AWS Hyperledger Fabric tutorial refers to the components. The components of AWS blockchain template built for Hyperledger Fabric blockchain network applications. The AWS Blockchain Template for Hyperledger Fabric establishes an EC2 instance by using Docker. 

In addition, the AWS Blockchain Template also triggers a Hyperledger Fabric network by leveraging containers on the concerned instance. Another critical component addition in the network refers to one order service and three organizations. The three organizations feature one peer service, each as a unique differentiator. Furthermore, the AWS blockchain template also sets up a Hyperledger Explorer container. 

The Hyperledger Explorer container is a suitable instrument for helping users with blockchain data browsing functions. Interestingly, the AWS blockchain templates for Hyperledger Fabric also include the feature of launching a PostgreSQL server container for supporting Hyperledger Explorer. You can find a succinct outline of the components in an AWS Hyperledger Fabric blockchain template in the following diagram.

Image Source: aws.amazon.com

Stages of Deploying a Hyperledger Fabric AWS Blockchain Template

With a clear impression of the different components that are evident in an AWS Blockchain Template for Hyperledger Fabric, it is important to obtain a high-level perspective on creation of Hyperledger Fabric blockchain service on AWS. Here are some of the high-level steps that you must follow for creating a Hyperledger Fabric blockchain service on AWS. 

Step 1: The first step in deploying an AWS Hyperledger Fabric blockchain service is the selection of a blockchain framework. The common choices include Ethereum, Hyperledger Fabric, or Corda. For the case of this discussion, we shall select Hyperledger Fabric as the preferred blockchain framework for deployment. 

Step 2: The second stage of creating and deploying a Hyperledger Fabric blockchain service on AWS involves selection of the region on AWS for deployment. Users have the option for selecting the deployment of AWS blockchain template for Hyperledger Fabric in three public AWS regions. 

Step 3: Subsequently, the users depending on AWS blockchain templates to run Hyperledger Fabric blockchain applications should create a VPC. The Amazon Virtual Private Cloud service can provide adequate support in this case. 

Step 4: Now, you have to develop the key pairs and security groups according to the specifications of your application. 

Step 5: Users must also configure the CloudFormation stack for their blockchain application for running the application on cloud. 

Step 6: After finalizing the design of the template with all verified components, you can move ahead with the process of deploying the template. 

Step 7: In the final step, users can carry out tasks such as installation of smart contracts or chaincode to ensure desired functionality from the blockchain network. 

Are you preparing for your Hyperledger interview? Here’s a quick guide to the top Hyperledger interview questions and answers to help you prepare for the interview.

Prerequisites for Deploying AWS Blockchain Template for Hyperledger Fabric

The high-level presentation of deploying a Hyperledger Fabric blockchain network on AWS shows the simplicity of using AWS blockchain templates. However, any AWS Hyperledger Fabric tutorial would focus prominently on the prerequisites. Users must pay attention to the following requirements when launching AWS blockchain template for Hyperledger Fabric applications.

• First of all, users must ensure that the IAM principle, such as the user or group used by them, has the necessary permissions to work with related services. 
• The next important prerequisite for using AWS Hyperledger Fabric blockchain template points out access to a key pair. The key pair in concern here refers to the one used for accessing EC2 instances, such as using SSH. It is also important to ensure that the key is available in the exact region where the instance is located. 
• It is also important for users to have an EC2 instance profile featuring an attached permissions policy. The permissions policy can allow access of the Hyperledger Fabric network to Amazon Elastic Container Registry for pulling containers and Amazon S3. Users can view the official documentation on instances of IAM permissions for EC2 instance profile. 
• The next important prerequisite for using AWS Blockchain Template for Hyperledger Fabric refers to the Amazon VPC network. The Amazon VPC network must feature a public subnet or a private subnet having an Elastic IP address along with a NAT Gateway for enabling easier access to AWS CloudFormation, Amazon ECR, and Amazon S3. 
• The final and most important prerequisite for setting up AWS Hyperledger Fabric blockchain network is an EC2 security group. The security group must feature inbound rules for enabling SSH traffic at port 22 from different IP addresses which want to connect to the instance by using SSH. The security group is also essential for clients who have to connect with Hyperledger Explorer at port 8080.

Start learning Blockchain with World’s first Blockchain Skill Paths with quality resources tailored by industry experts Now!

Example of IAM Permissions for Selected EC2 Instance Profile

After a detailed overview of the prerequisites to deploy a Hyperledger Fabric blockchain network on AWS, it is important to understand the example IAM permissions. Users could set up specifications for an EC2 instance profile ARN to serve as a parameter in the use of AWS blockchain template for Hyperledger Fabric. The following example policy statement offered on official AWS website serves as a reference for creating the permissions policy related to a concerned EC2 role and instance profile.

{

    "Version": "2012-10-17",

    "Statement": [

        {

            "Effect": "Allow",

            "Action": [

                "ecr:GetAuthorizationToken",

                "ecr:BatchCheckLayerAvailability",

                "ecr:GetDownloadUrlForLayer",

                "ecr:GetRepositoryPolicy",

                "ecr:DescribeRepositories",

                "ecr:ListImages",

                "ecr:DescribeImages",

                "ecr:BatchGetImage",

                "s3:Get*",

                "s3:List*"

            ],

            "Resource": "*"

        }

    ]

}

Connection with Hyperledger Fabric Resources

Users can easily connect with Hyperledger Fabric resources on a concerned EC2 instance after finding the ‘CREATE_COMPLETE’ message by the root stack created with the concerned template. This is one of the important aspects of an AWS Hyperledger Fabric tutorial as it plays a crucial role in achieving the comprehensive functionalities of Hyperledger Fabric blockchain on AWS. 

If users have a specified public subnet, then they could connect to the EC2 instance easily, just like any other common EC2 instance. On the other hand, if you have set up a private subnet, you can configure and deploy a bastion host on proxy connections to Hyperledger Fabric resources. 

It is also important to note that the AWS blockchain template for Hyperledger Fabric assigns a public IP address to the EC2 instance that hosts Hyperledger Fabric services. On the other hand, the IP address is not accessible to the public due to routing policies specified in the private subnet. The routing policies specified by users impose formidable limitations on movement of traffic between public sources and concerned IP address. 

Not sure how to build your career in enterprise blockchains? Enroll Now in How to Build Your Career in Enterprise Blockchains Course

Using a Bastion Host for Proxy Connections 

In the final stage of the tutorial on getting started with AWS Hyperledger fabric blockchain, the main discussion would focus on proxy connections by leveraging a Bastion Host. As a matter of fact, Hyperledger Fabric services can experience setbacks in public availability. In such cases, users can easily leverage a bastion host for connecting to Hyperledger Fabric resources. The bastion host is basically an EC2 instance, and users have to focus on addressing certain important requirements before running. Here is an outline of the important requirements that you must follow while setting up a bastion host. 

The concerned EC2 instance for the specific bastion host must be vested in a public subnet featuring auto-assign public IP functionality alongside an internet gateway.

The bastion host must feature a key pair that enables supports for SSH connections.

The bastion host is related closely with a security group that has the capability to enable inbounded SSH traffic from clients connecting to the host.

Finally, the security group allocated for the Hyperledger Fabric hosts must support inbound traffic across all ports from sources in the VPC. The Hyperledger Fabric host could be the host EC2 instance in case of docker-local being the container platform or Application Load Balancer in case of ECS being the container platform.

Start learning Blockchain with World’s first Blockchain Career Paths with quality resources tailored by industry experts Now!

Bottom Line

On a concluding note, you can clearly observe the various best practices for using AWS Blockchain Template for Hyperledger Fabric. Blockchain templates are indeed a flexible instrument for deploying blockchain applications on the cloud. They take away the prominent burden of setting up a blockchain network and configuring other specifications to deploy a blockchain application. 

Now, you can easily deploy your blockchain application with your preferred blockchain framework on AWS with blockchain templates. The official documentation of AWS blockchain template service can help you expand your knowledge about using them for Hyperledger Fabric applications. With blockchain gaining profound importance in recent times, you should start learning more about AWS blockchain templates for Hyperledger Fabric blockchain networks right now!

Hyperledger is an open-source project for building private blockchain applications for a range of domains. Getting Started with Hyperledger Fabric Course Today!