I'm the architect and founder of a new startup. I'm looking for help creating a deployment setup on AWS EC2.
The startup site runs on Java/Tomee/JSF (it's Tomcat for JavaEE and follows the same design and structure as Tomcat) and Linux. The goal is to automate the deployment and EC2 instance creation process, so that if an instance fails, a new one can be started automatically without manual intervention.
There are two parts to this assignment: EC2 instance setup, and a build script to deploy the latest WAR.
To complete this work you need to have your own Amazon account. You can finish the needed work for free on the Amazon free tier. Be sure to parameterize all needed info (Amazon Id, secret, S3 buckets, user names, passwords, etc...) in scripts; nothing should be hard-coded.
The solution I came up with is to use Ubuntu CloudInit to set up EC2 when an instance is created. All detailed steps are below. I'm open to suggestions and improvements. Depending on quality of work and neatness I'll pay up to $250 for the two finished scripts. Depending on your experience this work will take 4-8 hours. For the second deployment script I already have one that works. We can discuss in more detail. I'm hoping to have this done ASAP. Will pay you once I have working scripts tested.
Keep in mind, this is just the start; there are many similar work opportunities of this type for other parts of the system nodes (DB, cache, search, etc...).
Deployment Prerequisites:
You'll have a WAR and Tomee in a release bucket on S3. For your own work, you can simply use Tomcat and a simple war stored on your S3. Your script will take an S3 bucket name and amazon id + secret to get needed files. When I test the script I'll test with my own Amazon account and files in S3. This way you're isolated from specifics. WAR file name will be: [login to view URL], app server file: [login to view URL]
EC2 Instance Deployment:
When creating a new EC2 instance on the plain vanilla latest Ubuntu AMI, hook a cloud init script to do the below:
set up ROOT password
create tomee user
uninstall openJDK if installed
install Sun JRE 1.6 (requires setting up 3rd repo sources)
set up IP tables routes to forward from 80 to 8080 to tomee as we don't want root to run tomee. Assure this persists and survives reboots.
See sample in this thread [login to view URL]
Disable unneeded services, the app only needs Java/Tomee and related system services to work
Security:
Set the instance to use an EC2 Security Group called sportivity-EC2-sec-group (group only exposes port 80 to public)
Setup SSH key on instance, take public key from S3 release bucket so only authorized admins can ssh to the server.
Disable Password-based Login and root login in SSH config.
Allow ssh access to user tomee in SSH config.
Any other security measures to take?
get Tomee zip from S3, extract locally to /home/tomee
set up proper file system directory permissions
Call Release script below
Release Deployment:
Stop Tomee
Remove old /home/tomee/webapps/[login to view URL] if it exists
Copy latest WAR from S3 to /home/tomee/webapps/[login to view URL]
Start Tomee as Tomee user
In case of Server restart Tomee should be started (make tomee [login to view URL] a service)
Assure Tomee started successfully
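The SSH items in the Security list above (install the admin public key, disable password and root login, allow only the tomee user), sketched as an added example that is not part of the original post or any bid. The function names, the sample config and its `deploy` user are constructed for illustration, and the public key is assumed to have already been fetched from the release bucket.

```shell
#!/usr/bin/env bash
# Added example: SSH hardening steps from the post, parameterized and idempotent.

# harden_sshd CONFIG_FILE SSH_USER
# sshd uses the first value it reads for a keyword, and Match blocks override
# globals, so strip every old setting and put the wanted ones at the top.
harden_sshd() {
  local cfg="$1" user="$2" tmp
  [ -f "$cfg" ] || return 1
  tmp="$(mktemp)" || return 1
  {
    printf 'PasswordAuthentication no\nPermitRootLogin no\nAllowUsers %s\n' "$user"
    grep -viE '^[[:space:]]*(PasswordAuthentication|PermitRootLogin|AllowUsers)([[:space:]=]|$)' "$cfg" || true
  } > "$tmp"
  cat "$tmp" > "$cfg"   # overwrite in place so owner and mode are preserved
  rm -f "$tmp"
}

# first_value CONFIG_FILE KEYWORD: print the first (effective global) value.
first_value() {
  awk -v k="$2" 'tolower($1) == tolower(k) { print $2; exit }' "$1"
}

# install_admin_key PUBKEY_FILE HOME_DIR [OWNER]
# PUBKEY_FILE is the public key already fetched from the release bucket.
install_admin_key() {
  local key="$1" home="$2"
  grep -qE '^(ssh-(rsa|ed25519)|ecdsa-sha2-[a-z0-9-]+) [A-Za-z0-9+/=]+' "$key" || return 1
  install -d -m 700 "$home/.ssh"
  install -m 600 "$key" "$home/.ssh/authorized_keys"
  # sshd reads the file as the login user, so hand ownership over when run as root.
  if [ -n "${3:-}" ]; then chown -R "$3" "$home/.ssh"; fi
}

# Constructed sample config (not from the post) with settings to be replaced.
make_sample_config() {
  cat > "$1" <<'EOF'
Port 22
PermitRootLogin yes
passwordauthentication yes
Match User deploy
    PasswordAuthentication yes
    X11Forwarding no
EOF
}
```

On the instance, run `sshd -t` against the edited file before restarting the service, so that a syntax error does not lock the admins out.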
Your use of UserData via CloudInit is a smart move.
In fact, I would suggest going a step further and deploying this via a complete CloudFormation script or possibly even by using Elastic Beanstalk which resolves a few of the items on your todo list but that might be insufficient for your needs based on the fact that you're using tomee. (Completely unfamiliar with tomee so you'll have to bring me up to speed.)
This bid covers up to four hours of work, such as creating the CloudFormation script, autoscaling configuration, miscellaneous hardening, and training.
Thanks for reviewing my bid!