This repository contains an AWS Cloudformation template and other necessary lambda functions to automate AWS infrastructure deployment to host a static website. This cloudformation stack also creates a CI/CD pipeline for automated deployment of static website and it also setups a Elasticsearch service for S3 access logs analysis and visualization .
- Static website (html/css/javascript). (I prefer Hexo static site generator.)
- A registered domain name for website.
- Should have AWS CLI installed & configured and git setup for AWS CodeCommit on the local machine.
- Good knowledge of Amazon web services.
- Route 53 - DNS service and domain registration for website
- Cloudfront - CDN, HTTPS
- S3 buckets - Website content, www redirect, access logs, CodePipeline artifacts, lambda zip files
- Lambda functions - S3 logs to cloudwatch, cloudwatch logs stream to elastisearch, certificate, delete elasticsearch indices
- Cloudwatch - Collects s3 access logs, trigger events
- Elasticsearch/Kibana - Logs analysis and visualization
- Cognito - Authentication for Kibana
- Certificate Manager - Free certificates
- IAM - Security, roles, permissions
- Cloudformation - Infrastructure Management
- Codecommit - Git repository
- Codepipeline - Orchestrates git and code build
- Codebuild - Code dependency installation
Step 1 - As the lamdba functions described in the main cloudformation template uses a S3 bucket to store the code, Create a S3 bucket first using the template "websiteLambdaHolderBucket.yaml" either from AWS console or by below AWS CLI command.
aws cloudformation create-stack --stack-name {stackname} --template-body file://{path_to_template_file}Step 2 - Upload all the lambda zip files within Lambdas folder to the bucket created in above step using following AWS CLI command.
aws s3 cp {lambdas folder path}/ s3://{bucketname}/lambdas/ --recursiveStep 3 - After that main stack can be created using the template "staticwebsite.yaml". It might take around 40 to 50 minutes to create all the resources.
aws cloudformation create-stack --stack-name {stackname} --template-body file://{path_to_template_file} --capabilities CAPABILITY_IAM --parameters ParameterKey=DomainName, ParameterValue={basedomain} ParameterKey=PreExistingHostedZoneDomain, ParameterValue={hosted zone} ParameterKey=PreExistingHostedZoneId, ParameterValue={hosted zone id} ParameterKey=ProjectName, ParameterValue={project name}Use following commands to track the stack events and output.
aws cloudformation describe-stacks --stack-name {stackname}
aws cloudformation describe-stack-events --stack-name {stackname}Step 4 - Once the stack is created, the output of stack will provide the site bucket name, Kibana url, CodeCommit url, Cognito user pool id.
- Use AWS Codecommit url to clone the repository and push the static website code.
- Create a new user profile in the user pool to access Kibana using the following command.
aws cognito-idp admin-create-user --user-pool-id {userpoolid} --username {username} --user-attributes Name=email_verified,Value=true,Name=email,Value={emailid} --region {region} --temporary-password {temp password}- Finally login into Kibana using the credentials created in the above step and configure the Kibana to use the Elasticsearch indices.
-
As soon as the code is pushed to AWS Codecommit, AWS Codepipeline is triggered by the push , then it uses AWS CodeBuild to build the code & finally AWS CodeBuild copies the files to S3 site bucket.
-
The template fully automates the provisioning of certificate including validation. It uses DNS validation method to validate the certificate. In order to use ACM Certificate with Cloudfront distribution, the certificate will be created in us-east-1 region only.
-
The template has been tested in us-east-1(North Virginia) and ap-south-1(Mumbai) regions. It should work in other regions as well.