Secure web application deployment on Azure — virtual network, Docker containers, Ansible automation, and load balancing. UofT cybersecurity program (2024).
A multi-VM setup on Azure running DVWA (Damn Vulnerable Web Application) behind a load balancer, managed through a Jump Box:
- Virtual network segmented into subnets with NSG rules locking down traffic to only what's needed — SSH from my IP to the Jump Box, HTTP from the load balancer to the web VMs, and nothing else
- Jump Box as the single entry point. All VM management goes through it, so the web servers never need direct SSH exposure to the internet
- 3 web servers running DVWA in Docker containers, deployed and configured identically via Ansible playbooks from the Jump Box
- Azure Load Balancer distributing traffic across the web VMs with health probes — I tested failover by stopping containers on individual VMs and confirmed traffic rerouted within seconds
The network diagram shows the full topology — virtual network, subnets, NSG rules, Jump Box, web server pool, and load balancer configuration.
The Ansible piece was the most valuable part for me. Manually configuring 3 identical VMs would have been tedious and error-prone — writing the playbook took longer upfront but meant I could tear down and rebuild the entire environment in minutes. That's basically how I approach my homelab now, just with Docker Compose instead of Ansible.
Microsoft Azure, Ansible, Docker, DVWA, NSGs, Azure Load Balancer
Full project report with configuration details and security assessment: Azure Project Report (PDF)
Cloud security project for UofT's cybersecurity certificate program.