In this project, I designed and deployed a complete serverless Student Management application using AWS services.
The system lets users add new student records and retrieve existing data, powered entirely by:
AWS Lambda
Amazon DynamoDB
API Gateway (REST API)
S3 Static Website Hosting
CloudFront CDN
IAM (Role-based permissions)
This article contains everything needed to recreate the project from scratch
1. Create DynamoDB Table
Open DynamoDB in the AWS Console
Click Create Table
Set:
Table name: studentData
Partition key: studentid (String)
Create the table.
π Ensure the partition key name matches exactly with the name used inside your Lambda functions.
2. Create IAM Role for Lambda
Go to IAM β Roles β Create Role
Select Lambda as the use case
Attach the policy: AmazonDynamoDBFullAccess
Name it: lambda-dynamodb-full-access
Create the role.
3. Create Lambda Function β Fetch Students (GET)
Go to AWS Lambda
Click Create function
Choose Python 3.12
Select Use an existing role
Pick the role: lambda-dynamodb-full-access
Paste your getstudents.py code
Deploy the function
4. Create Lambda Function β Insert Students (POST)
Repeat the same steps as the GET function:
Create a new Lambda (Python 3.12)
Choose the same IAM role
Paste insertstudentdata.py
Deploy
*5. Build REST API Using API Gateway
*
Open API Gateway
Choose REST API β Build
Set:
API name: any
Endpoint type: Edge Optimized
Create the API
Add Methods
GET Method
Resource: /
Method: GET
Integration type: Lambda
Select the GET Lambda function
POST Method
Resource: /
Method: POST
Integration: Lambda
Select the POST Lambda function
Enable CORS
Select the resource
Click Enable CORS
Deploy the API
Deploy β New Stage β prod
Copy the Invoke URL
Add it to your script.js
6. Create S3 Bucket for Hosting the Website
Go to S3 β Create bucket
Keep Block Public Access ON
Upload:
index.html
script.js
7. Enable Static Website Hosting in S3
Go to Properties
Scroll to Static Website Hosting
Enable it and set:
Index document: index.html
Error document: index.html
8. Allow CloudFront to Access S3 (Bucket Policy)
Since your bucket will remain private, CloudFront needs permission to read files.
Use this policy template:
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "AllowCloudFrontAccess",
"Effect": "Allow",
"Principal": {
"Service": "cloudfront.amazonaws.com"
},
"Action": "s3:GetObject",
"Resource": "arn:aws:s3:::your-bucket-name/*",
"Condition": {
"StringEquals": {
"AWS:SourceArn": "arn:aws:cloudfront::YOUR-ACCOUNT-ID:distribution/YOUR-DISTRIBUTION-ID"
}
}
}
]
}
Replace:
your-bucket-name
YOUR-ACCOUNT-ID
YOUR-DISTRIBUTION-ID
9. Create CloudFront Distribution
Open CloudFront
Click Create Distribution
Set:
Origin domain: Your S3 bucket
Origin access: OAC (Origin Access Control) β Create new
Viewer protocol policy: Redirect HTTP β HTTPS
Default Root Object: index.html
Ensure:
β Your S3 bucket is private
β CloudFront accesses S3 using OAC
Create the distribution.
Copy the CloudFront URL:
dxxxxxx.cloudfront.net
This becomes your main website link.
10. Add CORS to S3 (Optional but Recommended)
[
{
"AllowedHeaders": ["*"],
"AllowedMethods": ["GET", "POST", "PUT", "DELETE", "HEAD"],
"AllowedOrigins": ["*"],
"ExposeHeaders": ["ETag"],
"MaxAgeSeconds": 3000
}
]
π Final Output
Your serverless system now supports:
β Adding student records (POST Lambda)
β Fetching student data (GET Lambda)
β API handling with API Gateway
β Fast NoSQL storage using DynamoDB
β S3 hosting for the front-end
β CloudFront as a secure CDN
β OAC-based private bucket access
β Proper CORS configuration
β 100% serverless, scalable, and cost-efficient architecture
Conclusion
This project is an excellent introduction to:
Serverless development on AWS
Working with DynamoDB
Writing Lambda functions in Python
Building APIs with API Gateway
Hosting static websites on S3
Using CloudFront for global delivery
Understanding IAM and permissions
Top comments (0)