Host Your Portfolio on AWS with Infrastructure as Code (IaC)
A follow-up guide for automating hosting a portfolio website on AWS with Infrastructure as Code (IaC) using Troposphere, Boto3, and CloudFormation.
Published Nov 17, 2024
Last Modified Nov 18, 2024
In my previous guide you learned how to host a portfolio website through the AWS Console using S3, CloudFront, Route 53, and Amazon Certificate Manager (ACM), combined with CodeBuild and CodePipeline for CI/CD. While it's an effective solution for one-time setups, it's also a time-consuming manual process. This process can be greatly streamlined and automated using Infrastructure as Code (IaC).
Infrastructure as Code allows cloud infrastructure to be provisioned and managed through code, ensuring consistency, reducing human error, and saving time. With this approach, deploying AWS infrastructure can be achieved in minutes, enabling a scalable and automated workflow for website hosting. The result is an efficient and replicable process for hosting a portfolio website on AWS.
Connect AWS to GitHub by installing a GitHub App and copy the
Connection ARN for later use.- Go to AWS CodePipeline in the AWS Console.
- Under Settings, select Connections, and create a new connection for GitHub.
- During the setup, you’ll be prompted to authorize the connection via GitHub’s OAuth consent screen.
- After authorization, select the specific repositories to connect or allow access to all repositories if desired.
Create a Hosted Zone and copy the
Hosted Zone ID for later use.- Option 1: Purchase and Register a New Domain Directly Through AWS
- A Hosted Zone is created automatically when purchasing a domain through AWS.
- Option 2: Use an Existing Domain from Another Provider
- You must create your own Hosted Zone and configure your domain's Nameservers.
Run
pip install troposphere boto3 python-dotenvCreate a
.env file in your project's root directory, and enter your own information.This tutorial will guide you through creating Troposphere scripts to generate CloudFormation templates. These templates will be deployed as CloudFormation stacks from a Python script utilizing Boto3, provisioning all the AWS resources required to host your portfolio website.
You can either follow along step-by-step to create the scripts or clone my GitHub repo for a quicker setup.
Don't forget to complete the prerequisites above!
This Troposphere script creates a CloudFormation template to deploy a stack that provisions an SSL certificate using AWS Certificate Manager (ACM):
- SSL Certificate Creation: Configures a certificate for the root domain and its
wwwvariant. - Domain Validation: Utilizes DNS validation via a pre-existing Hosted Zone to confirm domain ownership.
- Secure Connections: Enables HTTPS connections for CloudFront distributions using the certificate.
- Cross-Stack Referencing: Exports the certificate's Amazon Resource Name (ARN) to be referenced in other CloudFormation stacks.
Note: CloudFront requires all SSL certificates to be provisioned in theus-east-1region. Since your main stacks may be deployed in other regions, this certificate must be provisioned in a separate stack.
This Troposphere script generates a CloudFormation template to deploy a stack provisioning several key components for hosting the portfolio website:
- S3 Buckets: Creates the main root bucket for content and a secondary bucket for redirecting www-requests to the root bucket.
- S3 Bucket Policy: Defines a policy for the root bucket, granting public read access for website visitors and read access for the CloudFront distribution.
- CloudFront Distributions: Deploys CloudFront distributions for both the main domain and the www-prefixed subdomain, ensuring efficient and secure content delivery.
- Alias 'A' Records: Creates Alias records in the hosted zone, pointing to the CloudFront distributions for domain resolution.
- Cross-Stack Referencing: Exports the 'root' bucket name and the 'root' CloudFront distribution ID to be referenced in other CloudFormation stacks.
This Troposphere script generates a CloudFormation template to deploy a stack provisioning an automated CI/CD pipeline for the portfolio website. The pipeline integrates with GitHub to ensure that any code changes trigger an automatic rebuild and deployment of the website. Key components provisioned by this script include:
- AWS CodeBuild: Builds the website whenever new changes are pushed to the GitHub repository.
- AWS CodePipeline: Orchestrates the CI/CD process, fetching source code from GitHub, triggering the build process, and deploying the output to the designated S3 bucket.
- Build Artifacts S3 Bucket: Creates an S3 bucket to store intermediate build artifacts generated during the pipeline execution.
- IAM Roles: Configures IAM roles for both CodeBuild and CodePipeline, with policies granting the minimum permissions required to interact with AWS resources securely.
This Python script uses Boto3 to deploy the CloudFormation stacks generated by the Troposphere scripts.
Key Features:
- Template Deployment: Deploys the CloudFormation stacks using the templates created in previous steps.
- Region Selection: Allows for flexible deployment across different AWS regions.
- Error Handling: Includes error handling to manage deployment issues gracefully.
- Live Monitoring: Provides real-time feedback on stack creation and updates during the deployment process.
With the prerequisites completed and Troposphere scripts in place, the next step is to generate the CloudFormation templates and deploy the stacks.
Steps:
- Generate CloudFormation
.yamlTemplates
Run the following commands to create the necessary CloudFormation templates:py acm_certificate_template.pypy portfolio_website_template.pypy cicd_pipeline_template.py
- Deploy Your CloudFormation Stacks
Use the deployment script to provision the infrastructure:py deploy_stacks.py
This process builds the infrastructure and automates the deployment of your portfolio website on AWS. Once the stacks are deployed, your website will be live and updated within minutes.
Note: It may take 5-10 minutes for DNS changes to propagate before your site becomes accessible at your domain.
By adopting Infrastructure as Code (IaC) with tools like Troposphere, Boto3, and CloudFormation, you’ve transformed a complex, time-intensive manual process into a streamlined, automated workflow. Through this guide, you’ve learned how to:
- Leverage AWS Services: Set up S3, CloudFront, Route 53, and ACM to host a portfolio website.
- Automate Deployment: Use CodeBuild and CodePipeline to ensure continuous integration and delivery.
- Implement IaC Best Practices: Create modular and reusable CloudFormation templates for managing infrastructure.
This approach builds on the foundations established in the previous tutorial, further simplifying the process of deploying your portfolio while ensuring consistency, scalability, and ease of maintenance. Whether you need to make updates, migrate your infrastructure, or replicate the setup for other projects, IaC provides the flexibility and reliability you need.