Route 53 registered and configured domain
X.509 certificates for the domain. Let's Encrypt is recommended.
First there needs to be X.509 certificates placed in this project's directory. There is a provided script (
prebuild.sh) that copies Let's Encrypt certificates from the default
~/.acme.sh/ location to the default filename locations after modifying the "domain" variable within the script.
Then a zip file needs to be created with the Lambda function code. This can be done on OSX by running
zip lambda.zip lambda-function.py.
.envrc and edit the
.envrc file to include the AWS credentials.
variables.tf and edit the
variables.tf file to fit your environment. At a minimum
route53_domain need to be changed. If your certificate names are different from
ca.crt, they need to be changed here.
At this point, running
terraform init will download the AWS provider package and otherwise initialize terraform locally.
terraform apply and type 'yes' when prompted if you are sure you want to continue.
After about 120 seconds the infrastructure will be setup and you will be able to make API calls against the invoke URL. The CloudFront endpoints can take up to 40 minutes to setup. As an alternative to the CloudFront A records, you can (temporarily) setup a CNAME to hit the invoke URL domain while CloudFront sets up. An example is provided in
api-gw-dns.tf, comment out the A record portion and uncomment the CNAME record portion and run
terraform apply again.
terraform destroy and type 'yes' when prompted if you are sure you want to continue. About 60 seconds later, everything has been deleted except for any logs that may have been generated in CloudWatch.
See my blog post here.