This project is one serveless blog created in AWS using S3, API Gateway and lambdas.
Demo
Table of Contents
The project is one blog creates in AWS to prevent the server software usage. This types of server could be a problem because they often be hacked.
This blog contribute a new scheme without tomcat, flask or other type of software to prevent the hacks in the web site. Of course, this solution is one example to show how we can prevent the these types of issues in our webs the most important part of the security is in AWS and how we create de IAM credentials and the configuation permissions of the AWS.
So in this project there are:
- Hosting Static blog in S3
- The blog reads from S3 bucket the posts
- Upload images to S3 with public permissions
- Generate HTML with Lambda functions
- Save HTML files from Lambda to S3
- The creation_from.html is disabled in the demo.!! This section list the frameworks/libraries used to create this blog.
In this section I talk you about how you can import this project to your AWS account to test it.
This is an example of how to list things you need to use the software and how to install them.
- S3 configuration
You have to configure S3 with static host endpoint Hosting Static in AWS
All files in this bucket must be PUBLIC
- IAM premissions
You must create one user to give permissions to put files in S3 you can use the file PutObject.json to create these permissions. This user will used fom the Lambdea functions to generate the HTMLs. The ACCESS_KEY and SECRET_KEY have to be add in the python files in AWS Lambda.
The credentials to read S3 from the HTML you have to fill the information of credentialsS3.js. In this case we don't need a user because we use the cognito-identity directly. The permisions for this new rol can be ListObject.json
Below is the instructions to install the the application in AWS Step by step.
-
Upload all files related with the Web page in S3 bucket configured previouslly. assests, css, js, lib, posts and all html files from the root.
-
Create 1 lambda function to upload files from HTML and copy paste the UploadHTMLFile.py. Remember to add ACCESS_KEY and SECRET_KEY.
-
Create API GateWay (REST API) create a resource and create a POST linked to our lambda funciton. Tutorial. It must to be a POST with Content-Type = "multipart/form-data".
-
Repeat the step 2. and 3. with the lambda function to generate the HTML GenerateHTML.py. But, It must to be a POST with Content-Type = "application/x-www-form-urlencoded".
With the step one you will have a serverless static website and with the other steps you get the necessary functions to create new posts to this website.
This section is to explain how we will use the creation_from.html
To access to this page you have to use: http://{s3.host.url}/creation_from.html
Then, you can start to fill the fields of the form. The most tricky part is the message and the images.
To send a message you have to send HTML code the instructions are below the textarea. E.g.
You can upload one image in one click the image will save into assets/img/ directory.
The Architecture of this project is based with the CQS pattern but in this case I modify some parts of the pattern because the application is single writer - multiple readers
Distributed under the MIT License. See LICENSE.txt for more information.