DEV Community

Cover image for Behind the Scenes: Building WordPress Static Site Guardian with Kiro
László Tóth
László Tóth

Posted on

Behind the Scenes: Building WordPress Static Site Guardian with Kiro

#kirodotdev #kiro #aws #wordpress

In a recent post I explained how to secure static WordPress exports on AWS with Cognito, CloudFront, and signed cookies. This is the follow-up: a look at how the project itself came together with the help of Kiro.

Starting point

I'm comfortable working with AWS architecture, but I had little hands-on experience with CloudFormation. Writing a full stack by hand would have been slow and error-prone. For the hackathon I wanted to see how far I could get by asking Kiro to generate the stack for me.

The initial prompt described the core idea:

  • S3 bucket for the static export
  • CloudFront with signed cookies for protection
  • API Gateway + Lambda to issue cookies
  • integration points for Cognito through the Gatey plugin

The first generated template wasn't perfect, but it was good enough to get the stack running within a few hours. I only needed to fix some details and adjust resource lifecycles.

Reverse specification

Once the implementation was working, I asked Kiro to generate a "reverse spec" of the actual system. This produced requirements, design, and task lists that matched what I had already built. It might sound redundant, but it was valuable:

  • it confirmed the design was consistent,
  • it gave me a checklist of remaining tasks,
  • and it created documentation that I could share later.

Extra features and validation

Using the spec as a guide, I added missing pieces: cache policies, end-to-end tests, and deployment cleanup checks. I also asked Kiro to validate the system against the spec, which helped catch a few oversights.

What I took away

  • Kiro didn't magically solve everything, but it accelerated the boring parts - large CloudFormation scaffolds that I wasn't used to writing.
  • Having a generated spec after the fact turned out to be a useful way to organize and document the project.
  • With only limited CloudFormation background, I could still publish a complete SAR template in a short amount of time.

If you're curious about the solution itself, see my earlier post: Static WordPress authentication with Amazon Cognito and AWS SAR template.

Top comments (0)