Terraform - Uploading Static Content to Cloud
Sometime ago, I participated of DevOPsTerraform/AWS challenge which should deploy a static website in less than 4 hours.
Challenge
" In a few lines create a very simple API in a language of your choice that returns a secret message. The message is very sensitive so you’ll need to figure out how to best store it. We anticipate that we’ll also need to store some data in a relation database in the future, so our application will also need access to RDS though setting up the connection in your application is extra credit.
Once your API is put together, write a Terraform script to provision and upload the API to be hosted in Elastic Beanstalk along with an RDS instance. We are looking for the use of best security practices in setting up both. "
Approach
We deployed a NodeJS Express application able of retrieving a secret from AWS Secret Manager and to connect to a MySQL database.
All mentioned resources should be deployed on AWS using Terraform.
Some of them are:
- AWS Elastic Beanstalk Environment, Application and Versioning
- AWS IAM rules to allow multi-service communication
- AWS S3 Bucket to keep the application code versioning
- AWS Secret Manager to keep a application secret
- AWS VPC/Subnets/Gateway - To allow Public and Private network access of services
- AWS RDS to deploy a private MySQL database
During Terraform deployment, the application code is copied to S3 and then the new version is deployed into the EBS Environment.