I've put together a project to deploy a simple application to the AWS cloud.
The application is based on the serverless model, leveraging cloud-native architecture and keeping the costs minimal.
Below is a diagram of the infrastructure, a description of the data flow, and the steps you need to take to make it work.
Feel free to check the other README files in the part1 and part2 folders.
- A freshly pushed commit is detected by AWS CodePipeline (via CloudWatch Events).
- The application build process begins in AWS CodeBuild.
- A new Docker image is built and then pushed to the AWS Elastic Container Registry.
- After 20 seconds AWS CodeBuild finishes its job by updating the AWS Lambda application version.
- Python fetches the bitcoin price from coinmarketcap.com.
- After a bit of data modification, the modified price and current date are inserted into the HTML template.
- The modified template is saved and then uploaded to the S3 bucket.
An AWS EventBridge rule triggers the Lambda function every hour.
- Head to the `part1/locals.tf` file.
- Change `ACCOUNT_ID` (required) and other values (optional).
- AWS account with administrative access (IAM resources are being created, so power user won't do).
- Configured AWS CLI
`terraform apply -target module.part1`
- Configure git

`git remote add cloud (put "codecommit_url" output here)`

`terraform output codecommit_service_user_name`

`terraform output codecommit_service_password`

`git push cloud`
- Enter the credentials from the previous steps
- Wait a minute or two for CodePipeline to finish building and pushing the Docker image

`terraform apply`
- We can grab the `s3website` output from Terraform and test whether the app is working.
- Better security
  - More complex IAM policies (conditions, CalledVia)
  - Resource policies (mainly for the S3 buckets)
- CloudFront implementation
  - Instead of the AWS bucket website endpoint
  - Better security (SSL/TLS)
  - Fewer GET requests on the S3 bucket
  - Smaller latencies for international users
- Consider implementing a Terraform pipeline (in AWS)
- Store the Terraform state in a private S3 bucket
- Uncomment some sections from the .tf files such as:
  - part1/main.tf s3-versioning
- Consider switching to CloudFormation :))
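
A sketch of the "resource policies" and "CloudFront implementation" items above, added here as an example and not taken from this project's .tf files: a bucket policy that lets only one CloudFront distribution read objects and rejects any non-TLS request. The resource names `aws_s3_bucket.website` and `aws_cloudfront_distribution.site` are assumptions, and the distribution is assumed to use the bucket's REST endpoint with origin access control rather than the website endpoint.

```hcl
# Assumed (hypothetical) resources defined elsewhere:
#   aws_s3_bucket.website, aws_cloudfront_distribution.site
data "aws_iam_policy_document" "website" {
  statement {
    sid       = "AllowCloudFrontRead"
    effect    = "Allow"
    actions   = ["s3:GetObject"]
    resources = ["${aws_s3_bucket.website.arn}/*"]

    principals {
      type        = "Service"
      identifiers = ["cloudfront.amazonaws.com"]
    }

    # Only this one distribution may read, not every CloudFront customer.
    condition {
      test     = "StringEquals"
      variable = "AWS:SourceArn"
      values   = [aws_cloudfront_distribution.site.arn]
    }
  }

  statement {
    sid       = "DenyPlainHttp"
    effect    = "Deny"
    actions   = ["s3:*"]
    resources = [aws_s3_bucket.website.arn, "${aws_s3_bucket.website.arn}/*"]

    principals {
      type        = "*"
      identifiers = ["*"]
    }

    # Explicit deny for any request that did not arrive over TLS.
    condition {
      test     = "Bool"
      variable = "aws:SecureTransport"
      values   = ["false"]
    }
  }
}

resource "aws_s3_bucket_policy" "website" {
  bucket = aws_s3_bucket.website.id
  policy = data.aws_iam_policy_document.website.json
}
```

With this policy in place the Lambda's upload role still needs its own IAM permission for `s3:PutObject` on the bucket; the resource policy above only governs who can read.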