Boneless: AWS

Design and layout of the AWS Boneless infrastructure

AwCsAaCaPwltPpldIwoaIiom.ut.uiGddiGddnaoFcaoF.tmr.tmrdeaodeaoowinowinmantmantay.:ay.:i:ci:cnono.m.mccoommLSLSa3a3m:m:bbdSdAatad:a:mtiFiAnrcdomPnFiatinneleneAldsPISPAS3:DataFilesDynamoDB

This probably looks complicated, but don’t worry: it is. I wanted separation from the administrative side of things and the frontend, so I hid each component behind its own subdomain. This was all before I got to the point of implementing AWS Cognito for access control.

DynamoDB has a row size limit of 400 KB and I know from experience that some of the stuff posted in the past could potentially exceed that. This is where the Data Files S3 Bucket comes into play: all the metadata is stored in DynamoDB, but a copy of the metadata and the content is stored in a file on S3. If I know the ID of the item I want, it actually only goes to S3 since I also store the metadata with the content.

The two API Gateways are actually built from the same base code, except the Frontend returns text/html and only allows GET requests, while the API accepts POST requests and returns JSON. Since the CMS is based on a “Document” object instead of individual types of objects (Page, Post, etc), there are fewer endpoints to configure on the API. The frontend was a little tricky at first, but it accepts all requests on / and then forwards any path information down in the request object.

The infrastructure is based on a collection of stacks built with the Cloud Development Kit (CDK). The stacks are compiled and sent to AWS as a CloudFormation where the configurations are compared and changes deployed.

DatabaseStack

The DynamoDB table as well as an S3 bucket are in the DatabaseStack. Parting them out into their own stack allows for their configured endpoints to transfer into the other, lower stacks.

StaticStack

Static resources on the frontend are stored in the StaticStack, which is just an S3 bucket with CloudFront for public access. The API sends files directly to the S3 bucket and the API generates signed PUT URLs for the admin panel to send file data directly to the bucket.

ApiStack

The heart of the entire system is the API utilized by the admin panel. This stack needs access to the resources in DatabaseStack and StaticStack in order to operate. The resources are passed in via environment variables when the application executes in the Lambda environment. In front of the Lambda function is an API Gateway which handles the gate-keeping of endpoints leading to the Lambda function.

FrontendStack

The website frontend serves directly from another API Gateway instance. This API Gateway is configured to send every path to the same Lambda function for processing. If the path is valid, templates are compiled and HTML is returned to the user.

AdminStack

The AdminStack is very similar to the StaticStack with the S3 bucket backing CloudFront to deliver a React admin panel. The admin panel is compiled with the location of the API URL.