Below is a visual representation of the architecture used for our cloud-based solution:
Key Components#
The website is written using a Hugo web framework with the Blowfish styling theme. Code is developed locally and then pushed into a GitLab Project. This project has a pipeline with jobs that build the code to get updated files and deploy code into AWS using a secure AWS IAM User. The user’s credentials are protected within GitLab.
The recently built code is then deployed into an AWS S3 Bucket with Static Site Hosting turned on. This bucket is the origin for an AWS CloudFront deployment. The site is also protected by an AWS Web Application Firewall to help prevent attacks such as Cross-Site Scripting and rate-limit attacks.
AWS Certificate Manager is used to generate custom SSL certs for the website, so HTTPS can be used with the CloudFront deployment. These SSL certs are DNS registered with AWS Route53 to generate the custom URL and make the URL resolvable worldwide.
Future Plans#
Implement visitor counter using AWS DynamoDB connection with AWS API Gateway and AWS Lambda to process the request. Integrate API and Lambda Code into GitLab CI/CD pipeline.
Use either Datadog or AWS CloudWatch to monitor API Gateway and Lambda and use AWS SNS topics for alerting. Integrate into faux Slack channel where ’team’ can get alerts if latency
When everything is stood up, integrate S3, GitLab pipeline IAM User, CloudFront, Certificate Manager, Route53, Lambda, DynamoDB, CloudWatch/Datadog, and API Gateway into CloudFormation to fully automate modular deployments
Feel free to suggest any improvements or leave your feedback below!
Reply by Email