Review of project

There is a lot to take on with an AWS project, but thats true of a Linux hosted traditional app as well. This is, as ever, a reminder for myself.

AWS

I looked at GCP and Azure, and kept hitting a moment when it all seemed too tricky/boring. AWS was at first glance easier and more client (techie) friendly. I’m now in my 3rd weekend of AWS so I will stick with it.

GoLang

I like typed languages, and I like Lambdas. Go is the first native cloud language and compiles to be tiny and fast. So, its going to cheaper, more climate friendly (less CPU cycles), and so far its been fun.

Reactjs

In 2018 I spiked into Angular and VUE and then Hooks came out and Reachjs with Hooks is simply a very sensible web framework.

What AWS choices?

0 Administrator

Follow best practice and set up an administrator which you are going to use.

Static web content

Follow the guide

1 Domain name

Lets start like this is a proper project, so I want a real domain name.

AWS Route 53 I’ll register foobarshop.com, create a hosted zone.

2. Static website content

CloudFront S3 bucket

In brief: create two buckets, a root one and a subdomain starting www, redirect the subdomain to the root one, then make the root one publicly readable. Finally add a bucket policy - ie click on it, then Permissions tab, Bucket Policy.

Then you go back to route53 and update the record set to route to the two S3 buckets.

User login

This needs a Cognito User Pool, and Identity, with a policy to allow access to APIGateways. Also a client app id which will match the Api gateway. This is all explained and in my previous post.

Potentially I could segment the user base within my domain, so my first set of users will all come to do foobarshop stuff. So I set up:

foobarshop-user-pool

foobarshop_identity_pool

foobarshop-client, with a domain configured.

The APIGateway

Create the lambda, then create the gateway with a path to the lambda. Configure the gateway so accept JWT from the UserPool as issuer, eg a UserPool with an ID of eu-west-1_qN5G8zDuz would create an ussuer in the JWT of: https://cognito-idp.eu-west-1.amazonaws.com/eu-west-1_qN5G8zDuz

The Audience should be the Client App id from above.

So the resources here are:

Api gateway: foobarshop_apigateway

Lambda : foobarshopCart

Api Gateway Authorizer: foobarshop-api-gateway-authorizer