Location Based Content with AWS CloudFront Part I

Mehmet Güngören
Published in Towards AWS
3 min read · Jan 18, 2023

In this two-part series, we will explore in depth how to build a location-based serverless content service with CloudFront.

Let's jump into part 1: building the S3 bucket and Lambda function with Terraform.

Purpose:

We will use Terraform and AWS to serve our static website with Infrastructure as Code (IaC). We are using Terraform from HashiCorp because it is open source, cross-platform, and an industry standard that can handle cloud platforms as well as on-premises infrastructure through an extensive set of providers.

What services will we be using?

IaC is the industry standard in all cloud environments. Repeatability, disaster recovery, and standardization are a few of the benefits here along with enforcement of a peer review process before changes are committed to the master branch. This, along with a complete historical record of any changes to the environment in the source controlled repo, ensures logical, reviewed changes and easier audits if the environment may be subject to a regulatory framework.

CloudFront is our content delivery network (CDN). Amazon CloudFront is a web service that gives businesses and web application developers an easy and cost-effective way to distribute content with low latency and high data transfer speeds. Like other AWS services, Amazon CloudFront is a self-service, pay-per-use offering, requiring no long-term commitments or minimum fees. With CloudFront, your files are delivered to end users using a global network of edge locations. [1]

We will serve our static website globally through CloudFront, in a highly available and durable way.

S3 is an object storage service offering industry-leading scalability, data availability, security, and performance. Storage, networking, and clustering allow for global clusters with incredibly small latency. Scale storage resources to meet fluctuating needs with 99.999999999% (11 9s) of data durability. In our case we will use S3 to store our website content.

Lambda is AWS’ serverless, event-driven compute service that lets you run code for virtually any type of application or backend service without provisioning or managing servers.

Let’s build it!

We start with the S3 bucket that will store our website.

Then we need to upload our website content to the S3 bucket we created.

We upload our index.html, flag.png (the default image served to all users except those in countries that have their own content) and a flag for each country we want to serve a special banner to (CA, ES, IT, JP, TR and US).

File structure in the S3 bucket

Then we need to deploy our Lambda function, which rewrites the URL so that each country is served the content we want it to see.

First important point: if you want to use a Lambda function with CloudFront (Lambda@Edge), you need to deploy it in the us-east-1 region. If you deploy it to another region, you will not be able to use it in CloudFront.

Second important point is about the Lambda role. The role's assume role policy needs to have the “lambda.amazonaws.com” and “edgelambda.amazonaws.com” service principals.

Third important point is about the CloudWatch policy. When you create a Lambda function with a role, you specify the Lambda CloudWatch Logs resources as

"arn:aws:logs:${data.aws_region.current.name}:*:*"

But when you attach a Lambda function to CloudFront, it is deployed to edge locations, so you will have many log groups in many AWS regions. If you specify a region in the role policy, logs for your Lambda function will not be generated in the other locations and you will miss them. So use “*” for the region in the log policy resource.

Generated logs will be named like

/aws/lambda/{region-name}.{function-name}

Let's take a deep dive into our Lambda function source.

If the request is for the primary origin, we rewrite the requested URI and add the country code as a prefix. (This points us to the country folder in the S3 bucket.)

If the request goes to the failover origin, we do not touch the URI.
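The rewrite described above, sketched as a Lambda@Edge origin-request handler. This is an added example, not the author's function: the Node.js runtime, the placeholder origin domain `example-primary-bucket.s3.amazonaws.com`, and the helper names `rewriteUri` and `sampleRequest` are assumptions. It also assumes the `CloudFront-Viewer-Country` header is forwarded to the origin request, and it only places a value in the path when it has the shape of a two-letter country code.

```javascript
'use strict';

// Assumption: S3 domain name of the primary origin (hypothetical placeholder).
const PRIMARY_ORIGIN_DOMAIN = 'example-primary-bucket.s3.amazonaws.com';

// ISO 3166-1 alpha-2 shape. Any other value is never written into the path.
const COUNTRY_CODE = /^[A-Z]{2}$/;

// Return the URI that should be requested from the origin.
function rewriteUri(request) {
  const origin = request.origin || {};
  const domain = (origin.s3 || origin.custom || {}).domainName;

  // Failover (or unrecognised) origin: leave the URI untouched.
  if (domain !== PRIMARY_ORIGIN_DOMAIN) return request.uri;

  const header = (request.headers || {})['cloudfront-viewer-country'];
  const country = header && header[0] ? header[0].value : '';

  // Missing or malformed header: no prefix, so the default content is used.
  if (!COUNTRY_CODE.test(country)) return request.uri;

  // Primary origin: /flag.png becomes /TR/flag.png for a viewer in TR.
  return '/' + country + request.uri;
}

// Lambda@Edge origin-request handler.
const handler = async (event) => {
  const request = event.Records[0].cf.request;
  request.uri = rewriteUri(request);
  return request;
};

if (typeof module !== 'undefined') module.exports = { handler };

// Constructed sample request in the shape CloudFront passes to the function.
function sampleRequest(domainName, country, uri) {
  const headers = country
    ? { 'cloudfront-viewer-country': [{ key: 'CloudFront-Viewer-Country', value: country }] }
    : {};
  return { uri, headers, origin: { s3: { domainName } } };
}
```
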

With that, we have completed the first step: we have built the infrastructure that will hold our content and the serverless functions for our application.

In part two, we will deploy the CloudFront distribution via Terraform.