DEV Community: Aaron Dave Siapuatco The latest articles on DEV Community by Aaron Dave Siapuatco (@ewan). https://dev.to/ewan https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F1284774%2Fb48de4cc-f2e6-4cc9-aa34-d63c2d15e05f.jpg DEV Community: Aaron Dave Siapuatco https://dev.to/ewan en Setting Up AWS S3 with Django Aaron Dave Siapuatco Fri, 21 Mar 2025 13:09:07 +0000 https://dev.to/ewan/setting-up-aws-s3-with-django-3h34 https://dev.to/ewan/setting-up-aws-s3-with-django-3h34 <p>Ever tried to build a CMS fearing scalability? Me neither, but when we code, we should always do best practices! So while Django thoughtfully provides a static folder for your assets, it will definitely not scale properly. So, this is where AWS S3 buckets come in! Offering a scalable solution for storing media files.</p> <p>Despite Django's popularity and extensive documentation, setting up S3 integration can be challenging due to limited resources. After being stuck for a few days myself, I've created this tutorial to help others implement S3 buckets with Django quickly and efficiently.</p> <h2> 🪣 AWS S3 Setup </h2> <p>First, let's create your shiny new S3 bucket:</p> <ol> <li>Log into AWS</li> <li>Navigate to the S3 service (hint: just search for "S3")</li> <li>Create a bucket with these super-important characteristics: <ul> <li>A globally unique name (get creative – <code>my-awesome-project-media</code>)</li> <li>Public access settings tailored to your paranoia level</li> <li>Create a folder called <code>images/</code> </li> </ul> </li> </ol> <h3> 🔐 IAM Permissions </h3> <p>Don't be that person using admin keys for everything. Create a dedicated IAM user:</p> <ol> <li>Head to IAM service</li> <li>Create a new policy with this magical JSON: </li> </ol> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"Version"</span><span class="p">:</span><span class="w"> </span><span class="s2">"2012-10-17"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Statement"</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"Effect"</span><span class="p">:</span><span class="w"> </span><span class="s2">"Allow"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Action"</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="w"> </span><span class="s2">"s3:PutObject"</span><span class="p">,</span><span class="w"> </span><span class="s2">"s3:GetObject"</span><span class="p">,</span><span class="w"> </span><span class="s2">"s3:DeleteObject"</span><span class="p">,</span><span class="w"> </span><span class="s2">"s3:ListBucket"</span><span class="w"> </span><span class="p">],</span><span class="w"> </span><span class="nl">"Resource"</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="w"> </span><span class="s2">"arn:aws:s3:::your-bucket-name/*"</span><span class="p">,</span><span class="w"> </span><span class="s2">"arn:aws:s3:::your-bucket-name"</span><span class="w"> </span><span class="p">]</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">]</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <ol> <li>Create a new IAM user, attach your shiny new policy</li> <li>Save those credentials like they're the secret recipe to your grandma's cookies</li> </ol> <h3> CORS Configuration </h3> <p>If your frontend will talk directly to S3:</p> <ol> <li>Find your bucket properties</li> <li>Scroll down to CORS configuration</li> <li>Add this policy (adjust to your needs): </li> </ol> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">[</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"AllowedHeaders"</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="s2">"*"</span><span class="p">],</span><span class="w"> </span><span class="nl">"AllowedMethods"</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="s2">"GET"</span><span class="p">,</span><span class="w"> </span><span class="s2">"HEAD"</span><span class="p">],</span><span class="w"> </span><span class="nl">"AllowedOrigins"</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="s2">"https://your-domain.com"</span><span class="p">],</span><span class="w"> </span><span class="err">#</span><span class="w"> </span><span class="err">Or</span><span class="w"> </span><span class="err">just</span><span class="w"> </span><span class="err">use</span><span class="w"> </span><span class="err">*</span><span class="w"> </span><span class="err">if</span><span class="w"> </span><span class="err">not</span><span class="w"> </span><span class="err">yet</span><span class="w"> </span><span class="err">deployed</span><span class="w"> </span><span class="nl">"ExposeHeaders"</span><span class="p">:</span><span class="w"> </span><span class="p">[],</span><span class="w"> </span><span class="nl">"MaxAgeSeconds"</span><span class="p">:</span><span class="w"> </span><span class="mi">3000</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">]</span><span class="w"> </span></code></pre> </div> <h2> 🐍 Django Configuration </h2> <p>Now let's connect our Django project and S3:</p> <h3> 1. Install the necessary packages </h3> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>pip install django-storages boto3 python-dotenv </code></pre> </div> <h3> 2. Create a <code>.env</code> file </h3> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>AWS_ACCESS_KEY_ID=your-access-key AWS_SECRET_ACCESS_KEY=your-secret-key AWS_STORAGE_BUCKET_NAME=your-bucket-name AWS_S3_REGION_NAME=your-region </code></pre> </div> <p><strong>IMPORTANT:</strong> Add <code>.env</code> to your <code>.gitignore</code> file!</p> <h3> 3. Update <code>settings.py</code> – The Control Center </h3> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="kn">import</span> <span class="n">os</span> <span class="kn">from</span> <span class="n">dotenv</span> <span class="kn">import</span> <span class="n">load_dotenv</span> <span class="c1"># Load those secret environment variables </span><span class="nf">load_dotenv</span><span class="p">()</span> <span class="c1"># Static files configuration (the classics) </span><span class="n">STATIC_URL</span> <span class="o">=</span> <span class="sh">"</span><span class="s">/static/</span><span class="sh">"</span> <span class="n">STATIC_ROOT</span> <span class="o">=</span> <span class="n">os</span><span class="p">.</span><span class="n">path</span><span class="p">.</span><span class="nf">join</span><span class="p">(</span><span class="n">BASE_DIR</span><span class="p">,</span> <span class="sh">"</span><span class="s">staticfiles</span><span class="sh">"</span><span class="p">)</span> <span class="n">STATICFILES_DIRS</span> <span class="o">=</span> <span class="p">[</span> <span class="n">os</span><span class="p">.</span><span class="n">path</span><span class="p">.</span><span class="nf">join</span><span class="p">(</span><span class="n">BASE_DIR</span><span class="p">,</span> <span class="sh">"</span><span class="s">&lt;DJANGO_APP&gt;/static</span><span class="sh">"</span><span class="p">),</span> <span class="c1"># Your app's static folder </span><span class="p">]</span> <span class="c1"># AWS S3 Configuration - The VIP section </span><span class="n">AWS_ACCESS_KEY_ID</span> <span class="o">=</span> <span class="n">os</span><span class="p">.</span><span class="nf">getenv</span><span class="p">(</span><span class="sh">'</span><span class="s">AWS_ACCESS_KEY_ID</span><span class="sh">'</span><span class="p">)</span> <span class="n">AWS_SECRET_ACCESS_KEY</span> <span class="o">=</span> <span class="n">os</span><span class="p">.</span><span class="nf">getenv</span><span class="p">(</span><span class="sh">'</span><span class="s">AWS_SECRET_ACCESS_KEY</span><span class="sh">'</span><span class="p">)</span> <span class="n">AWS_STORAGE_BUCKET_NAME</span> <span class="o">=</span> <span class="n">os</span><span class="p">.</span><span class="nf">getenv</span><span class="p">(</span><span class="sh">'</span><span class="s">AWS_STORAGE_BUCKET_NAME</span><span class="sh">'</span><span class="p">)</span> <span class="n">AWS_S3_REGION_NAME</span> <span class="o">=</span> <span class="n">os</span><span class="p">.</span><span class="nf">getenv</span><span class="p">(</span><span class="sh">'</span><span class="s">AWS_S3_REGION_NAME</span><span class="sh">'</span><span class="p">)</span> <span class="c1"># Advanced S3 settings for the power users </span><span class="n">AWS_S3_FILE_OVERWRITE</span> <span class="o">=</span> <span class="bp">False</span> <span class="c1"># No file conflicts here! </span><span class="n">AWS_DEFAULT_ACL</span> <span class="o">=</span> <span class="bp">None</span> <span class="c1"># Let the bucket decide </span><span class="n">AWS_S3_CUSTOM_DOMAIN</span> <span class="o">=</span> <span class="sa">f</span><span class="sh">'</span><span class="si">{</span><span class="n">AWS_STORAGE_BUCKET_NAME</span><span class="si">}</span><span class="s">.s3.amazonaws.com</span><span class="sh">'</span> <span class="c1"># Fancy direct URLs </span> <span class="c1"># Storage class optimization (your wallet will thank you) </span><span class="n">AWS_S3_OBJECT_PARAMETERS</span> <span class="o">=</span> <span class="p">{</span> <span class="sh">'</span><span class="s">CacheControl</span><span class="sh">'</span><span class="p">:</span> <span class="sh">'</span><span class="s">max-age=86400</span><span class="sh">'</span><span class="p">,</span> <span class="c1"># Cache for a day </span> <span class="sh">'</span><span class="s">StorageClass</span><span class="sh">'</span><span class="p">:</span> <span class="sh">'</span><span class="s">STANDARD</span><span class="sh">'</span> <span class="c1"># Pick your storage flavor </span><span class="p">}</span> <span class="c1"># Tell Django to use S3 for media storage </span><span class="n">DEFAULT_FILE_STORAGE</span> <span class="o">=</span> <span class="sh">'</span><span class="s">storages.backends.s3boto3.S3Boto3Storage</span><span class="sh">'</span> <span class="c1"># Media URL pointing to your S3 kingdom </span><span class="n">MEDIA_URL</span> <span class="o">=</span> <span class="sa">f</span><span class="sh">"</span><span class="s">https://</span><span class="si">{</span><span class="n">AWS_STORAGE_BUCKET_NAME</span><span class="si">}</span><span class="s">.s3.amazonaws.com/media/</span><span class="sh">"</span> </code></pre> </div> <h3> 4. Create a Model – The Simplest Part! </h3> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="c1"># models.py </span><span class="kn">from</span> <span class="n">django.db</span> <span class="kn">import</span> <span class="n">models</span> <span class="k">class</span> <span class="nc">Document</span><span class="p">(</span><span class="n">models</span><span class="p">.</span><span class="n">Model</span><span class="p">):</span> <span class="k">def</span> <span class="nf">get_s3_path</span><span class="p">(</span><span class="n">instance</span><span class="p">,</span> <span class="n">filename</span><span class="p">):</span> <span class="k">return</span> <span class="sa">f</span><span class="sh">"</span><span class="s">documents/</span><span class="si">{</span><span class="n">filename</span><span class="si">}</span><span class="sh">"</span> <span class="c1"># Your S3 bucket path </span> <span class="n">title</span> <span class="o">=</span> <span class="n">models</span><span class="p">.</span><span class="nc">CharField</span><span class="p">(</span><span class="n">max_length</span><span class="o">=</span><span class="mi">100</span><span class="p">)</span> <span class="nb">file</span> <span class="o">=</span> <span class="n">models</span><span class="p">.</span><span class="nc">FileField</span><span class="p">(</span><span class="n">upload_to</span><span class="o">=</span><span class="n">get_s3_path</span><span class="p">)</span> <span class="c1"># This is where the magic happens! </span> <span class="n">uploaded_at</span> <span class="o">=</span> <span class="n">models</span><span class="p">.</span><span class="nc">DateTimeField</span><span class="p">(</span><span class="n">auto_now_add</span><span class="o">=</span><span class="bp">True</span><span class="p">)</span> </code></pre> </div> <p>That's it! Just use <code>FileField</code> or <code>ImageField</code> with <code>upload_to</code> and Django+S3 handles the rest. Magic! ✨</p> <h2> Testing Your Integration </h2> <p>Time to see if our hard work paid off:</p> <ol> <li>Create a document in your admin interface (the easy part)</li> <li>Upload a file (fingers crossed...)</li> <li>Check your S3 bucket (where did my file go?)</li> <li>Test the URL (the moment of truth!)</li> </ol> <h2> Pro Tips: Learn From My Mistakes </h2> <ol> <li> <p><strong>Access Control</strong>:</p> <ul> <li>Use <code>AWS_DEFAULT_ACL = None</code> unless you specifically need public files</li> </ul> </li> <li> <p><strong>Credential Management</strong>:</p> <ul> <li>Keep <code>.env</code> out of version control (your future employer will thank you)</li> <li>Your IAM user should only have the permissions it needs (just S3)</li> <li>For production, consider AWS IAM roles instead of access keys</li> </ul> </li> </ol> <h2> fin. </h2> <p>Congrats! Your Django app is now ready to handle anything from a few profile pictures to millions of cat photos.</p> <p>Happy coding!</p> django aws tutorial webdev Cloud Resume Challenge Aaron Dave Siapuatco Fri, 21 Mar 2025 05:28:35 +0000 https://dev.to/ewan/cloud-resume-challenge-3e5p https://dev.to/ewan/cloud-resume-challenge-3e5p <blockquote> <p>Cover page from Tutorials Dojo</p> </blockquote> <p>Did you know that 70% of career decisions happen on a whim while binge-watching cat videos at 2 AM? That's exactly how I stumbled upon the Cloud Resume Challenge, <strong>a beginner friendly way to introduce yourself to AWS!</strong></p> <p>This is my attempt at the <strong><a href="https://cloudresumechallenge.dev/docs/the-challenge/" rel="noopener noreferrer">Cloud Resume Challenge by Forrest Brazzeal</a></strong>, which involves a simple project specification utilizing AWS.</p> <p>In this article, I will discuss what I did to complete the challenge, and also with the added complexity of using Terraform, instead of AWS Cloud Formation as specified in the challenge.</p> <p>Project Outcome:</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F1yt711ueqbpumrle5yt3.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F1yt711ueqbpumrle5yt3.png" alt="Cloud Resume Architecture" width="800" height="282"></a></p> <h2> What is the Challenge? </h2> <p>The Cloud Resume Challenge is about following a <strong>project specification</strong> using <strong>AWS</strong>, that results in a Resume site. </p> <p>The challenge encourages the use of various AWS services, along with some CI/CD tools too, but you can personalize the project by swapping out certain tools or services. For example:</p> <ul> <li> <strong>CloudFormation</strong> -&gt; <strong>Terraform</strong> </li> <li> <strong>GitHub Actions</strong> -&gt; <strong>GitLab CI/CD</strong> </li> <li> <strong>Route 53</strong> -&gt; <strong>Cloudflare</strong> </li> </ul> <p>And if you're a student checkout the <em><a href="https://education.github.com/pack" rel="noopener noreferrer">Github Education Pack.</a></em> It has a lot of free perks like free domains.</p> <p>The goal is to make everything work together seamlessly in the end, entirely depending on <strong>your</strong> interpretation of the project specifications.</p> <h2> Tackling the Challenge </h2> <p>The challenge consists of 16 parts, but I'll simplify it into five key sections:</p> <ol> <li> <strong>Building the Frontend:</strong> Designing your resume site and setting it up with S3, CloudFront, and Route 53.</li> <li> <strong>Building the Backend:</strong> Manually provisioning backend resources, including AWS Lambda, API Gateway, and DynamoDB.</li> <li> <strong>Automating with GitHub Actions:</strong> Implementing CI/CD for the frontend.</li> <li> <strong>Infrastructure as Code (IaC):</strong> Converting your backend into IaC using Terraform.</li> <li> <strong>Deploying Unit Tests:</strong> Ensuring your code is robust before deployment.</li> </ol> <p>Finally, enjoy the results and prepare for the AWS Certified Cloud Practitioner (CCP) exam or any other certification!</p> <h2> Building the Frontend </h2> <p>You can use any framework you're comfortable with, such as plain HTML, CSS, and JavaScript. For this project, I used Next.js, ShadcnUI, TypeScript, and Tailwind CSS. However, this article will focus on the cloud setup rather than designing the website. So, feel free to go with any basic look or take time to design it.</p> <p>Once you've designed your resume website and populated it with your data, you can manually provision the necessary AWS resources to host your site.</p> <h3> Before using AWS </h3> <p>Now, most people I saw following the challenge went directly into creating AWS resources in the console. However, I think it would be better if first diagrammed and saw the bigger picture of what you are building.</p> <p>So, here is what the frontend architecture would look like: </p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fydqowqlb263d4w6rp92i.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fydqowqlb263d4w6rp92i.png" alt="Frontend Diagram" width="800" height="297"></a></p> <blockquote> <p>For those who have not yet created their AWS accounts, you can <br> follow <a href="https://medium.com/@harrietty/setting-up-%20&lt;br&gt;%0A%20%20your-aws-account-the-right-way-dfa9a6b5cfbb" rel="noopener noreferrer">this guide</a>.</p> </blockquote> <p>Once I got the bigger picture, I knew that I had to start in this order, S3 bucket -&gt; CloudFront -&gt; Route53 -&gt; ACM. And all the little steps in between.</p> <h3> Configuring S3 with Cloudfront, ACM &amp; Route53. </h3> <p><strong>S3</strong>: Storage for our static files, or the frontend assets we made.</p> <ul> <li>When naming the S3 bucket, make it <strong><em>unique</em></strong>, all S3 buckets can be accessed if the URL is matched.</li> <li>Don't forget to enable <strong><em>static web hosting</em></strong> </li> <li>Disable <strong><em>block all public access</em></strong> </li> </ul> <p><em>Goal</em>: Have a S3 endpoint to access the frontend assets.</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fihdo51p84mx7jfbech8f.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fihdo51p84mx7jfbech8f.png" alt="Endpoint of S3 Bucket" width="800" height="83"></a></p> <blockquote> <p><em>Disclaimer</em><br> Don't worry if the site isn't secure yet(HTTP). It is simply the default for S3 buckets. In the later steps, we are going to use <strong>Cloudfront</strong></p> </blockquote> <p><strong>Route53:</strong> After registering the domain</p> <p><strong>Cloudfront &amp; ACM</strong>: Service that delivers your content through its edge locations or <em><strong>caching</strong></em>.</p> <ul> <li>Linkage of Cloudfront to the S3 endpoint.</li> <li>Create a TLS/SSL certificate for the domain</li> </ul> <p><strong>IMPORTANT:</strong> Always configure the right policies for each of the AWS resource you utilize, or create roles using the root account.</p> <p>Now you should have a resume site with HTTPS!</p> <h2> Building the Backend </h2> <p>With the front-end in place, it's time to set up the back-end. The backend involves creating and configuring services that will allow your resume site to handle dynamic content and store data. For this challenge, we'll manually provision the following AWS resources:</p> <ul> <li> <strong>AWS Lambda:</strong> For running serverless functions.</li> <li> <strong>API Gateway:</strong> To expose your Lambda functions as HTTP endpoints.</li> <li> <strong>DynamoDB:</strong> To store and retrieve data, such as the number of visitors to your site.</li> </ul> <p>And the backend diagram would look something like this:</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Foi9ouuf75sl22fhm2oxg.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Foi9ouuf75sl22fhm2oxg.png" alt="Backend Diagram" width="800" height="549"></a></p> <p>Now, setting up the table was easy, making a Lambda interact with it was easy too, I just had to recall some python and understand the <em>boto3</em> library.</p> <p><strong>Lambda</strong>: A <em>serverless</em> service that runs the code once it receives a request to it.</p> <h3> Step 3: Write the Lambda Function Code </h3> <ol> <li>In the Lambda console, scroll down to the <strong>Function code</strong> section.</li> <li>Replace the default code with the following: </li> </ol> <div class="highlight js-code-highlight"> <pre class="highlight python"><code> <span class="kn">import</span> <span class="n">json</span> <span class="kn">import</span> <span class="n">boto3</span> <span class="k">def</span> <span class="nf">lambda_handler</span><span class="p">(</span><span class="n">event</span><span class="p">,</span> <span class="n">context</span><span class="p">):</span> <span class="n">dynamodb</span> <span class="o">=</span> <span class="n">boto3</span><span class="p">.</span><span class="nf">resource</span><span class="p">(</span><span class="sh">'</span><span class="s">dynamodb</span><span class="sh">'</span><span class="p">)</span> <span class="n">table</span> <span class="o">=</span> <span class="n">dynamodb</span><span class="p">.</span><span class="nc">Table</span><span class="p">(</span><span class="sh">'</span><span class="s">ResumeVisitorCount</span><span class="sh">'</span><span class="p">)</span> <span class="n">response</span> <span class="o">=</span> <span class="n">table</span><span class="p">.</span><span class="nf">update_item</span><span class="p">(</span> <span class="n">Key</span><span class="o">=</span><span class="p">{</span><span class="sh">'</span><span class="s">id</span><span class="sh">'</span><span class="p">:</span> <span class="sh">'</span><span class="s">visitor_count</span><span class="sh">'</span><span class="p">},</span> <span class="n">UpdateExpression</span><span class="o">=</span><span class="sh">'</span><span class="s">ADD visits :inc</span><span class="sh">'</span><span class="p">,</span> <span class="n">ExpressionAttributeValues</span><span class="o">=</span><span class="p">{</span><span class="sh">'</span><span class="s">:inc</span><span class="sh">'</span><span class="p">:</span> <span class="mi">1</span><span class="p">},</span> <span class="n">ReturnValues</span><span class="o">=</span><span class="sh">'</span><span class="s">UPDATED_NEW</span><span class="sh">'</span> <span class="p">)</span> <span class="k">return</span> <span class="p">{</span> <span class="sh">'</span><span class="s">statusCode</span><span class="sh">'</span><span class="p">:</span> <span class="mi">200</span><span class="p">,</span> <span class="sh">'</span><span class="s">body</span><span class="sh">'</span><span class="p">:</span> <span class="n">json</span><span class="p">.</span><span class="nf">dumps</span><span class="p">(</span><span class="sh">'</span><span class="s">Visitor count updated</span><span class="sh">'</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <p>Now, all we have to do is setup the API gateway, I used an HTTP API, and configured it to the lambda function. Once created, we should test the endpoint of our API, with something like <em>postman</em>, in order to check if the API can talk with the real world.</p> <p>You should see something similar to:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"statusCode"</span><span class="p">:</span><span class="w"> </span><span class="mi">200</span><span class="p">,</span><span class="w"> </span><span class="nl">"body"</span><span class="p">:</span><span class="w"> </span><span class="s2">"</span><span class="se">\"</span><span class="s2">Visitor count updated</span><span class="se">\"</span><span class="s2">"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <p>Then, once it can communicate with the outside world, let us create a hook from our frontend code to invoke our API, and update the count on the website.</p> <p>And with that, your backend setup is complete! Your site is now capable of interacting with AWS services to perform dynamic actions, such as tracking visitor counts.</p> <h3> Terraform (IaC) </h3> <p>After manually provisioning our resources to understand how they work, it's time to embrace Infrastructure as Code with Terraform. This was one of the more challenging aspects of the project, but also one of the most valuable skills to develop.</p> <p>Unlike the AWS Console where default settings often suffice, Terraform requires explicitly defining each resource characteristic. This means understanding your resources at a deeper level.</p> <h3> Key Components of the Terraform Configuration </h3> <p>My Terraform setup includes several important elements:</p> <ol> <li> <strong>Provider Configuration</strong>: Setting up the AWS provider with region and credential files </li> </ol> <div class="highlight js-code-highlight"> <pre class="highlight terraform"><code> <span class="k">terraform</span> <span class="p">{</span> <span class="nx">required_providers</span> <span class="p">{</span> <span class="nx">aws</span> <span class="p">=</span> <span class="p">{</span> <span class="nx">source</span> <span class="p">=</span> <span class="s2">"hashicorp/aws"</span> <span class="nx">version</span> <span class="p">=</span> <span class="s2">"~&gt; 5.0"</span> <span class="p">}</span> <span class="p">}</span> <span class="p">}</span> <span class="k">provider</span> <span class="s2">"aws"</span> <span class="p">{</span> <span class="nx">region</span> <span class="p">=</span> <span class="s2">"ap-southeast-1"</span> <span class="c1"># Credential configuration</span> <span class="p">}</span> </code></pre> </div> <ol> <li> <strong>DynamoDB Table</strong>: Creating the visitor counter table with the appropriate attributes and billing mode </li> </ol> <div class="highlight js-code-highlight"> <pre class="highlight terraform"><code> <span class="k">resource</span> <span class="s2">"aws_dynamodb_table"</span> <span class="s2">"Guests"</span> <span class="p">{</span> <span class="nx">name</span> <span class="p">=</span> <span class="s2">"Guests"</span> <span class="nx">hash_key</span> <span class="p">=</span> <span class="s2">"SiteID"</span> <span class="nx">billing_mode</span> <span class="p">=</span> <span class="s2">"PAY_PER_REQUEST"</span> <span class="nx">attribute</span> <span class="p">{</span> <span class="nx">name</span> <span class="p">=</span> <span class="s2">"SiteID"</span> <span class="nx">type</span> <span class="p">=</span> <span class="s2">"S"</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <ol> <li> <p><strong>Lambda Function</strong>: This part required special attention:</p> <ul> <li>Creating IAM roles and policy attachments for Lambda to access DynamoDB</li> <li> <strong>Packaging the Lambda code</strong>: Using <code>archive_file</code> data source to zip the Lambda code directory</li> <li>Configuring the Lambda function with environment variables to reference the DynamoDB table</li> </ul> </li> <li> <p><strong>API Gateway</strong>: Setting up the HTTP API that exposes the Lambda function</p> <ul> <li>Configuring CORS to allow frontend access</li> <li>Creating the integration between API Gateway and Lambda</li> <li>Setting up routes for HTTP methods</li> <li>Deploying the API to a stage</li> </ul> </li> </ol> <h3> Important Terraform Considerations </h3> <p>When implementing this with Terraform, I learned several important lessons:</p> <ol> <li> <strong>Lambda Packaging</strong>: Lambda code must be zipped before deployment. The <code>archive_file</code> data source automates this process: </li> </ol> <div class="highlight js-code-highlight"> <pre class="highlight terraform"><code> <span class="k">data</span> <span class="s2">"archive_file"</span> <span class="s2">"lambda"</span> <span class="p">{</span> <span class="nx">type</span> <span class="p">=</span> <span class="s2">"zip"</span> <span class="nx">source_dir</span> <span class="p">=</span> <span class="s2">"</span><span class="k">${</span><span class="nx">path</span><span class="p">.</span><span class="k">module}</span><span class="s2">/lambda"</span> <span class="nx">output_path</span> <span class="p">=</span> <span class="s2">"</span><span class="k">${</span><span class="nx">path</span><span class="p">.</span><span class="k">module}</span><span class="s2">/lambda.zip"</span> <span class="p">}</span> </code></pre> </div> <ol> <li><p><strong>IAM Permissions</strong>: Correctly setting up IAM roles and policies is crucial for services to communicate with each other</p></li> <li><p><strong>Resource Dependencies</strong>: Terraform automatically handles dependencies between resources, but understanding the order of creation is important</p></li> <li><p><strong>State Management</strong>: Unlike manual deployment, Terraform maintains a state file that tracks all resources, making updates and destruction much easier</p></li> <li><p><strong>API Gateway Configuration</strong>: Setting up the correct integration between API Gateway and Lambda requires careful configuration of routes and permissions</p></li> </ol> <p>By implementing the infrastructure with Terraform, I gained the ability to recreate the entire backend stack with a single command and make consistent, version-controlled changes to the infrastructure.</p> <p>The complete Terraform code is available in my GitHub repository, but these key components illustrate the approach to automating the infrastructure deployment.</p> <h2> Automating with GitHub Actions </h2> <p>With the backend and frontend set up, the next step is to automate your deployment process using GitHub Actions. This ensures that every time you push changes to your repository, the updated code is automatically deployed.</p> <h3> Step 1: Set Up a GitHub Actions Workflow </h3> <ol> <li>In your GitHub repository, navigate to the <strong>Actions</strong> tab and click <strong>New workflow</strong>.</li> <li>Select <strong>Set up a workflow yourself</strong>.</li> <li>Replace the default YAML file with the following: </li> </ol> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code> <span class="na">name</span><span class="pi">:</span> <span class="s">Deploy to S3 and Invalidate CloudFront</span> <span class="na">on</span><span class="pi">:</span> <span class="na">push</span><span class="pi">:</span> <span class="na">branches</span><span class="pi">:</span> <span class="pi">-</span> <span class="s">main</span> <span class="na">jobs</span><span class="pi">:</span> <span class="na">deploy</span><span class="pi">:</span> <span class="na">runs-on</span><span class="pi">:</span> <span class="s">ubuntu-latest</span> <span class="na">steps</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Checkout code</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">actions/checkout@v2</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Configure AWS credentials</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">aws-actions/configure-aws-credentials@v1</span> <span class="na">with</span><span class="pi">:</span> <span class="na">aws-access-key-id</span><span class="pi">:</span> <span class="s">${{ secrets.AWS_ACCESS_KEY_ID }}</span> <span class="na">aws-secret-access-key</span><span class="pi">:</span> <span class="s">${{ secrets.AWS_SECRET_ACCESS_KEY }}</span> <span class="na">aws-region</span><span class="pi">:</span> <span class="s">us-east-1</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Sync files to S3</span> <span class="na">run</span><span class="pi">:</span> <span class="pi">|</span> <span class="s">aws s3 sync ./frontend s3://your-bucket-name --delete</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Invalidate CloudFront cache</span> <span class="na">run</span><span class="pi">:</span> <span class="pi">|</span> <span class="s">aws cloudfront create-invalidation --distribution-id your-distribution-id --paths "/*"</span> </code></pre> </div> <p>Tada! You have now automated deployment!</p> <h2> Conclusion </h2> <p>If you are a beginner, and are looking to use a variety of services in the cloud. I recommend this challenge as it teaches you the essence of AWS services, IaC, and web development. Plus it's also a way to have an online hardcoded resume hosted on cloud! A bit over-engineered for a resume, but at least it is something that can last.</p> aws terraform devops firstpost