Skip to content
Alebat

CI / CD S3

CI / CD S3

Create S3 AND CLOUDFRONT

1. Create Bucket S3.

  • Enable static web hosting

  • Give a Bucket policy

    • Public access policy

      {
        "Sid": "AllowPublicAccess",
        "Effect": "Allow",
        "Principal": "*",
        "Action": "s3:GetObject",
        "Resource": "arn:aws:s3:::NOMBRE_DEL_BUCKET/*"
      }

    • Pipeline access policy

      {
        "Sid": "AllowPipelineAccess",
        "Effect": "Allow",
        "Principal": {
          "AWS": "arn:aws:iam::625515098890:root"
        },
        "Action": ["s3:PutObject", "s3:PutObjectAcl", "s3:PutObjectVersionAcl"],
        "Resource": "arn:aws:s3:::NOMBRE_DEL_BUCKET/*"
      }

      NOMBRE_DEL_BUCKET: here use the bucket name.

      "AWS": "arn:aws:iam::625515098890:root": this is the reference of the account where the pipeline will be executed.

2. Create distribution of Cloud Front.

  • Origin domain
    • As origin we must take the website endpoint of the S3 bucket. NOMBRE_DEL_BUCKET.s3-website-eu-west-1.amazonaws.com
  • Behaviors
    • Default behavior Redirect HTTP to https
      Response headers policyname: Managed-SimpleCORS
      Here we can change the TTL of caching objects.
  • Alternate Domain Name
    • We ask for a certificate for the domain that the website will carry.
    • We register the alternative domain.

3. Register in Route 53 the DNS.

  • Take the Distribution domain name, and register the DNS

Create PIPELINE

1. Choose pipeline settings

  • Execution mode: Queued (Pipeline type V2 required)
  • Create new Role: NOMBRE-PROYECTO-frontend_pipeline--ENTORNO_service-role
  • Artifact store: Custom location pipeline-artifacts--ENTORNO
  • Encription key: Default AWS Managed Key

2. Add source stage

  • Source provider: Github (Version 2)
  • Connection: Alebat Github Organization
  • Repository name: Name of the repository
  • Default branch: Name of the trigger branch
  • Output artifact default: Codepipeline default

3. Add build stage

  • Build provider: AWS CodeBuild
  • Region: Europe (Ireland)
    • Create build project:
      • Project name: Name of the project
      • Provisioning model: On-demand
      • Environment image: Managed image
      • Compute: EC2
      • Operating system: Amazon Linux
      • Runtime: Standard
      • Image version: 5.0
      • Service role: New service role NOMBRE-PROYECTO-front_build--ENTORNO_service-role
      • Buildspec Insert build commands
  • Build type: Single build

4. Add deploy stage

  • Deplpoy provider: Amazon S3
  • Region: Europe (Ireland)
  • Bucket: Name of the bucket
  • Extract file before deploy: Yes