4 projects share this repository:
The master account is responsible for the initial setup on AWS for the following components:
- Terraform S3/DynamoDB backend (state management)
- CodePipeline and CodeDeploy for Terraform management responsible for both Terraform AWS master account and Terraform AWS SWZ News account.
- Pipeline for Terraform has the following steps:
  - Pull source
  - Terraform plan
  - Confirm (Manual approval)
  - Terraform apply
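
An added example (not taken from this repository) of the S3/DynamoDB state backend that the master account sets up, with the state bucket versioned, KMS-encrypted and closed to public access. Bucket, table and key names, the region and the key ARN are placeholders.

```hcl
resource "aws_kms_key" "tf_state" {
  enable_key_rotation = true
}

resource "aws_s3_bucket" "tf_state" {
  bucket = "example-terraform-state" # placeholder name
}
resource "aws_s3_bucket_versioning" "tf_state" {
  bucket = aws_s3_bucket.tf_state.id
  versioning_configuration { status = "Enabled" } # keeps earlier state recoverable
}
resource "aws_s3_bucket_server_side_encryption_configuration" "tf_state" {
  bucket = aws_s3_bucket.tf_state.id
  rule {
    apply_server_side_encryption_by_default {
      sse_algorithm     = "aws:kms"
      kms_master_key_id = aws_kms_key.tf_state.arn
    }
  }
}
resource "aws_s3_bucket_public_access_block" "tf_state" {
  bucket                  = aws_s3_bucket.tf_state.id
  block_public_acls       = true
  block_public_policy     = true
  ignore_public_acls      = true
  restrict_public_buckets = true
}

resource "aws_dynamodb_table" "tf_lock" {
  name         = "example-terraform-locks" # placeholder name
  billing_mode = "PAY_PER_REQUEST"
  hash_key     = "LockID" # the S3 backend expects this exact attribute name
  attribute {
    name = "LockID"
    type = "S"
  }
}

# Backend blocks cannot reference resources, so the values are repeated as literals.
terraform {
  backend "s3" {
    bucket         = "example-terraform-state"
    key            = "master/terraform.tfstate" # placeholder state path
    region         = "eu-west-1"                # placeholder region
    dynamodb_table = "example-terraform-locks"
    encrypt        = true
    kms_key_id     = "arn:aws:kms:eu-west-1:111111111111:key/EXAMPLE-KEY-ID" # placeholder ARN
  }
}
```

The bucket, key and lock table have to exist before `terraform init` can use them, so the first apply of these resources runs with local state.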
Terraform project used to manage SWZ News project infrastructure.
3) Backend
The backend project is a Serverless application responsible for the following endpoints:
- GET /news
- GET /news/:slug
- POST /news
4) Frontend
The frontend is a regular CRA responsible for:
- displaying a list with news
- displaying a news item
The following components have been used to build and run this application:
Frontend, API, and Authorization subdomains using HTTPS
Serverless framework orchestration
- Website static files server
- React SPA 404 error handling
- Cache
- Access restricted to The Netherlands
- API Gateway Edge-optimized
Pipeline for testing, building, and deploying both frontend and serverless backend.
Identity manager providing OAuth2 client credentials grant for POST /news endpoint
Storing Terraform state and news
Roles and policies configuring the accesses to the following resources:
- KMS
- CodePipeline
- CodeBuild
- Serverless deployment
- Serverless Lambda functions
- S3 buckets policies
Cross account roles
Encrypting/decrypting data stored on S3, SQS and API Gateway cache
Serverless functions and SQS consumer
DNS management
- SSL Validations
- Subdomains
- Website
- API
- OAuth2 Token endpoint
Data storage for:
- Pipeline artifacts
- logs
- Serverless deployment artifacts
- Terraform state
File uploads
Simple queue for data coming from POST /news endpoint and processed by a Lambda function
By default, API Gateway allows for up to 10,000 requests per second.
Plus:
Q: How available are AWS Lambda functions?
AWS Lambda is designed to use replication and redundancy to provide high availability for both the service itself and for the Lambda functions it operates. There are no maintenance windows or scheduled downtimes for either.
Q: How do I scale an AWS Lambda function?
You do not have to scale your Lambda functions – AWS Lambda scales them automatically on your behalf.
CloudFront speeds up distribution of your static and dynamic web content for both API backend and static frontend files.
DynamoDB scalability depends on the min/max levels of read and write capacity. Alternatively, it's possible to configure the billing mode to on-demand pricing and AWS will take care of the scalability of the database.
This application does not use on-demand pricing, as the project only reads data through CloudFront, which provides a great cache layer for GET requests, and it uses SQS for writing data to the database.
SQS doesn't improve write speed to the database, but it provides great application decoupling and a CQRS approach for future developments.