I stumbled upon the Cloud Resume Challenge while preparing myself for the AWS Certified Solution Architect exam. I already passed the Cloud Practitioner and was looking for some hands-on labs or challenges to get my hands cloudy...
I've come up with my own challenge 100 days in Cloud during which I go through one lab a day and describe how I solved it. But I needed a bigger project that would demand some more digging and sweating to accomplish, hence the CRC.
✔️ Certification - got my AWS Certified Cloud Practitioner
✔️ HTML - check [my profile](https://myprofile.cloudofthings.link/
✔️ CSS - style.css
✔️ Static Website - AWS SAM template takes care of that
✔️ HTTPS - Amazon CloudFront takes care of that
✔️ DNS - Route 53 points to my profile page as part of cloudofthings.net
✔️ Database - DynamoDB deployed using SAM
✔️ API - similarly here
✔️ Python - Lambda functions
✔️ Tests - Integration and End-to-end tests in GitHub actions
✔️ Infrastructure as Code - AWS SAM template
✔️ CI/CD - GitHub actions
✔️ Blog post - obviously... 😏
I started with creating a sample HelloWorld application using SAM. This way I got Lambda with API Layer as a starting point for my infrastructure. Not everything went smoothly as one might have wished for so I'll focus mainly on my greatest challenges and solutions that thought me something new.
An example of an issue I got stuck on was when making the bucket accessible for the CloudFront distribution so I've decided to make my website bucket private and used CloudFront Origin Access Identity. It somehow felt more secure as well, so win-win situation even though it drove me crazy not being able to figure out what's blocking CloudFront access to the previously public bucket.
Creating the ACM Certificate and attaching it to my CloudFront. I live in Sweden and I thought it's only logical to use resources nearby and to find out if there are any services that I won't be able to use. And Certificates for CloudFront distribution happen to be an example of that. Since CloudFront uses certificates created only in the us-east-1 region I had to create one in AWS Console and use its ARN in the template. I suspect that there is a pure IaC-ish type of solution but this one works too.
The most giving lesson from the challenge was the CI/CD with GitHub Actions. What I revelation that was. Even though that I used Live Server extension for VSC - which I strongly recommend - I was struck by how easy it is to upload and deploy your code with Actions. When I set up my Workflow to use AWS SAM it builds and deploys changes in the infrastructure. Similarly for the website contents making the pushes would trigger the upload of the website content.
Working on the backend consisting of API Gateway, Lambda, DynamoDB was relatively easy since I've done it many times. Here I've learned that you can easily increment values in tables using update expression.
Another challenging part was to write a SAM template, getting the syntax right, using !Ref and Fn::Sub functions. But it was a great practice. Infrastructure as Code feels like the only way to design and deploy resources in AWS.
I got so much out of this Challenge! I needed that kind of project to get my head around all of the things I've been learning recently while preparing for the Solution Architect Associate exam and put my skills into action. I wrote two separate posts on my blog detailing the steps I took, so if you are curious have a look at the first and second one.
Check my website if you’re looking for inspiration on AWS hands-on labs.