The repository contains a Terraform configuration for deploying a static site to AWS S3 bucket and exposing it using AWS CloudFront. The site is protected by a basic authentication using Lambda@Edge.
The static site is located in public directory. Currently it contains an awesome CSS based visualization borrowed from CodePen: CSS Mars Landing. The authentication is achieved using Lambda@Edge Python function located in aws_lambda directory. It is a good security practice to store secrets in AWS Secrets Managers, however, this example utilizes a flat-file for credentials storage which is later bundled together with the Lambda function.
The Lambda@Edge does not allow usage of environment variables, however, this functionality could be still achieved by using python-dotenv and .env file. Additionally, this provides a good example of how to bundle the Lambda function with third party dependencies.
# create local Python virtual environment
python3 -m venv .venv
# activate virtual environment
. .venv/bin/activate
# install dependencies
pip install -r local.txt
# create credentials store and configure users
./passwd.py
Welcome to the basic password manager.
Please enter your username:
vaidas
Please enter your password:
Password:
# configure AWS CLI credentials
aws configure
# set Terraform variables using .env file
make .env
# or
cp sample.env .env
# load .env values to the current environment
export $(cat .env| xargs)
# test lambda function
make test
# deploy the site
make deploy- Adding Authentication to Static Sites with AWS Lambda
- Tutorial: Creating a simple Lambda@Edge function
- Lambda@Edge Design Best Practices
- Lambda@Edge event structure
- AWS Lambda context object in Python
- Lambda@Edge example functions
- Creating AWS Lambda environment variables from AWS Secrets Manager
- Restrictions on edge functions
- Redirect static websites on AWS with Lambda@Edge
- Uploading Multiple files in AWS S3 from terraform
- Deploy Python Lambda functions with .zip file archives
- CodePen: CSS Mars Landing
- How To Hash Passwords In Python