This tutorial guides you through deploying an environment with specific resources in AWS infrastructure.
Prerequisites:
An AWS account with appropriate permissions.
Basic understanding of AWS services (S3, Cognito, DynamoDB, AppSync, RDS, Secrets Manager, CodeBuild)
Environment Naming Convention:
Replace <environment> in the resource names with your desired environment name (e.g., dev, staging, prod).
Here are the steps by service:
S3 Bucket:
In the S3 console, create a bucket with the name format: lend2b-files-bucket-<environment>.
Add a tag with the key STAGE and the value <environment>.
In the Permissions tab, edit the Cross-origin resource sharing (CORS) configuration and add the following policy:
[
    {
        "AllowedHeaders": [
            "*"
        ],
        "AllowedMethods": [
            "GET",
            "PUT",
            "POST",
            "DELETE"
        ],
        "AllowedOrigins": [
            "*"
        ],
        "ExposeHeaders": [],
        "MaxAgeSeconds": 3000
    }
]
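The CORS policy above lets pages from any origin send PUT, POST and DELETE requests to the bucket from a browser; CORS grants no access by itself, but it decides which web origins may script requests that are otherwise authorized. The following added example (not part of the original tutorial) flags that combination and produces the same rule limited to one origin; `https://app.example.com` is a placeholder for the real front-end origin, and the function names are illustrative.

```javascript
// Added example, not from the original tutorial.
// PAGE_CORS is the policy shown above; APP_ORIGIN is an assumed placeholder.
const PAGE_CORS = [
  {
    AllowedHeaders: ["*"],
    AllowedMethods: ["GET", "PUT", "POST", "DELETE"],
    AllowedOrigins: ["*"],
    ExposeHeaders: [],
    MaxAgeSeconds: 3000,
  },
];
const APP_ORIGIN = "https://app.example.com"; // assumption: the real front-end origin

const WRITE_METHODS = ["PUT", "POST", "DELETE"];

// Returns one finding per problem; an empty array means nothing was flagged.
function auditCors(rules) {
  const findings = [];
  rules.forEach((rule, i) => {
    const origins = rule.AllowedOrigins || [];
    const writes = (rule.AllowedMethods || []).filter((m) => WRITE_METHODS.includes(m));
    if (origins.includes("*")) {
      findings.push(
        writes.length
          ? `rule ${i}: any origin may send ${writes.join(", ")}`
          : `rule ${i}: any origin may read responses`
      );
    }
    for (const origin of origins) {
      if (origin !== "*" && !origin.startsWith("https://")) {
        findings.push(`rule ${i}: origin ${origin} is not HTTPS`);
      }
    }
  });
  return findings;
}

// Copies the rules, replacing only AllowedOrigins with an explicit list.
function restrictOrigins(rules, origins) {
  return rules.map((rule) => ({ ...rule, AllowedOrigins: [...origins] }));
}

const HARDENED_CORS = restrictOrigins(PAGE_CORS, [APP_ORIGIN]);

console.log(auditCors(PAGE_CORS));
console.log(JSON.stringify(HARDENED_CORS, null, 2));
console.log(auditCors(HARDENED_CORS));
```

The JSON printed for `HARDENED_CORS` can be pasted into the same CORS editor once the placeholder origin is replaced.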
Cognito:
Go to the Cognito service console and create a User Pool.
Define the required attribute email.
Define Multi-factor authentication: No MFA
Configure password policy:
Minimum length: 8 characters
Temporary password expiry: 7 days
Password requirements:
At least 1 number
At least 1 special character
At least 1 uppercase letter
At least 1 lowercase letter
Set up custom attributes:
id (Number)
role (String)
Email config: set Send email with Cognito
In the "Advanced security features" section, remove the period (.) from the end of messages.
Set User pool name: <environment> Lend2B Users
Set Initial app client name: lend2b-client
Add a tag with the key STAGE and the value <environment>
Add ALLOW_USER_PASSWORD_AUTH to Authentication flows, in App client configurations
DynamoDB:
Notifications
Create a table with the name format: <environment>-lend2b-notifications
Add a tag with the key STAGE and the value <environment>
Define the table schema with the following columns:
Partition key: entity_id (Number)
Sort key: created_at (Number)
In the Additional settings tab, edit Read/write capacity and set On-demand
Bitacora
Create a table with the name format: <environment>-lend2b-bitacora
Add a tag with the key STAGE and the value <environment>
In the Additional settings tab, edit Read/write capacity and set On-demand
AppSync:
In the AppSync console, create a new GraphQL API with Data Source: Start with a DynamoDB table
Specify API details name like <environment> Lend2B Notifications API.
Select DynamoDB table name <environment>-lend2b-notifications
Define a schema with a model named Lend2bNotifications.
Add the Fields:
Partition key: entity_id (Timestamp)
Sort key: created_at (Int)
title (String)
body (String)
variable (String)
variable_id (String)
read (Boolean)
After creation, go to Settings, set the "Default authorization mode" to "Amazon Cognito User Pool" and select the <environment> Lend2B Users user pool
RDS:
Only the first time in DEV environment
Go to the RDS console and create a new DB instance
Set the DB instance identifier: lend2b-database-dev
Choose a VPC: lend2b-vpc-vpc
Select a security group named DatabaseSG
Add a tag with the key STAGE and the value <environment>.
Secrets Manager:
Only the first time in DEV environment
In the Secrets Manager console, create two secrets:
Secret name: <environment>/lend2b/db
Secret type: "Other type of secret"
Secret value type: "Key/value"
Define key-value pairs for username, password, engine, host, port, dbname, and dbInstanceIdentifier.
Tag with STAGE key and <environment> value
Parameter Store:
Create the following parameters:
/lend2b/bucket
/lend2b/region
/lend2b/sgdbid
/lend2b/sglaid
/lend2b/sn1id
/lend2b/sn2id
/lend2b/sn3id
CodeBuild:
Create a branch in the git project named <environment>
In the CodeBuild console, create a project named lend2b-codebuild-<environment>
Add a tag in Additional configuration with the key STAGE and the value <environment>
In the Source section, configure the provider and the branch of the project
In the Environment section, under Additional configuration, select the VPC lend2b-vpc-vpc, the private subnets and the Security group LambdaSG
Define environment variables:
| Name | Value | Type |
| --- | --- | --- |
| ENVIRONMENT | | PLAINTEXT |
| USER_POOL_ID | | PLAINTEXT |
| USER_CLIENT_ID | | PLAINTEXT |
| USER_POOL_NAME | | PLAINTEXT |
| APP_SYNC_ENDPOINT | | PLAINTEXT |
| PREFIX_DATABASE | chile-dev | PLAINTEXT |
In the Buildspec section, select Use a buildspec file and switch to editor. Copy and paste the code:
version: 0.2
run-as: root
env:
  secrets-manager:
    DB_USERNAME: "chile-dev/lend2b/db:username"
    DB_PASSWORD: "chile-dev/lend2b/db:password"
    DB_ENGINE: "chile-dev/lend2b/db:engine"
    DB_HOST: "chile-dev/lend2b/db:host"
    DB_PORT: "chile-dev/lend2b/db:port"
    DB_NAME: "chile-dev/lend2b/db:dbClusterIdentifier"
  parameter-store:
    AWS_BUCKET: "/lend2b/bucket"
    AWS_SG_DB_ID: "/lend2b/sgdbid"
    AWS_SG_ID: "/lend2b/sglaid"
    AWS_SN_ID1: "/lend2b/sn1id"
    AWS_SN_ID2: "/lend2b/sn2id"
    AWS_SN_ID3: "/lend2b/sn3id"
    REGION: "/lend2b/region"
phases:
  install:
    runtime-versions:
      nodejs: 20.x
    commands:
      - yarn install
      - yarn global add serverless
  pre_build:
    commands:
      - DATABASE_URL=$(echo "$DB_ENGINE://$DB_USERNAME:$DB_PASSWORD@$DB_HOST:$DB_PORT/$DB_NAME")
      # - npx prisma migrate resolve --rolled-back "20240223190221_buyer_not_null"
      # - npx prisma migrate reset --force
      - npx prisma migrate deploy --schema=./prisma/$ENVIRONMENT/schema.prisma
      - npx prisma generate --schema=./prisma/$ENVIRONMENT/schema.prisma
      - npx prisma db seed -- --environment $ENVIRONMENT
      - ./generate-templates.sh $ENVIRONMENT
  build:
    commands:
      - yarn sls deploy --stage $ENVIRONMENT --region $REGION --config serverless.yml
      #- yarn sls deploy --stage $ENVIRONMENT-abl --region $REGION --config sls-abl.yml
      #- yarn sls deploy --stage $ENVIRONMENT-erp --region $REGION --config sls-erp.yml
  post_build:
    commands:
      - yarn sls prune -n 2 --stage $ENVIRONMENT --region $REGION --config serverless.yml
      #- yarn sls prune -n 2 --stage $ENVIRONMENT --region $REGION --config sls-abl.yml
      #- yarn sls prune -n 2 --stage $ENVIRONMENT --region $REGION --config sls-erp.yml
cache:
  paths:
    - 'node_modules/**/*'
Create a build project
Start Build
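The pre_build phase builds DATABASE_URL by interpolating the secret values directly, so a password containing @, / or : changes how the URL is parsed. The following added example (not part of the original tutorial) shows the effect with Node's URL parser and builds the URL with percent-encoded credentials. The sample values, including the postgresql engine, are constructed, and the function names are illustrative.

```javascript
// Added example, not from the original tutorial. SAMPLE holds constructed
// values; in CodeBuild they would come from the DB_* environment variables.
const SAMPLE = {
  engine: "postgresql", // assumption: the page does not state the engine
  username: "app_user",
  password: "p@ss/w:rd",
  host: "db.internal.example",
  port: "5432",
  name: "lend2b",
};

// Mirrors the buildspec's plain string interpolation.
function naiveDatabaseUrl(s) {
  return `${s.engine}://${s.username}:${s.password}@${s.host}:${s.port}/${s.name}`;
}

// Validates the structural parts and percent-encodes the free-form ones.
function buildDatabaseUrl(s) {
  if (!/^[a-z][a-z0-9+.-]*$/i.test(s.engine)) throw new Error("invalid engine");
  if (!/^\d{1,5}$/.test(String(s.port))) throw new Error("port must be numeric");
  if (!s.host || /[\/@:?#\s]/.test(s.host)) throw new Error("host must be a bare hostname");
  const user = encodeURIComponent(s.username);
  const pass = encodeURIComponent(s.password);
  return `${s.engine}://${user}:${pass}@${s.host}:${s.port}/${encodeURIComponent(s.name)}`;
}

// Hides the password so the URL can be written to a build log.
function redactDatabaseUrl(url) {
  const parsed = new URL(url);
  if (parsed.password) parsed.password = "REDACTED";
  return parsed.toString();
}

const fixed = buildDatabaseUrl(SAMPLE);
console.log(new URL(naiveDatabaseUrl(SAMPLE)).hostname); // parsed host is no longer the database
console.log(new URL(fixed).hostname);
console.log(redactDatabaseUrl(fixed));
```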