How Is This Serverless Tool Built? The PROTOS CloudAdvisor

Our serverless AWS web tool: the PROTOS Technology CloudAdvisor

With CloudAdvisor, we give you the opportunity to get an assessment of your existing cloud infrastructure in just 5 minutes and with only a few clicks. If you haven't yet taken the plunge into the cloud, CloudAdvisor will help you tap into your potential and opportunities in the cloud.

At PROTOS Technologie, we specialize in all things cloud. We designed CloudAdvisor as a tool for our partners, customers, and anyone else who is interested. Naturally, it is cloud-native, serverless, and infrastructure-as-code. Below, we present our implementation of a modern web application that allows for rapid development, simple operation, and high scalability.

Distribution

The easiest way to host a website in the AWS cloud and make it highly available worldwide is to combine an Amazon Simple Storage Service (Amazon S3) bucket with CloudFront distribution. Content is secure in an Amazon Simple Storage Service (S3) bucket because it is stored privately. CloudFront distribution makes the content available to users as part of the Amazon Content Delivery Network (CDN).

AWS offers a range of services that can be used to implement website hosting: for example, AWS Certificate Manager, which allows you to request an AWS-managed SSL/TLS certificate or import an existing one to assign it to CloudFront distribution. In addition, user access can be easily routed using AWS Route53, a highly available and scalable Domain Name System (DNS) service for the cloud.

This means that the essential delivery of content is already possible: users call up a secure URL, for example https://cloudadvisor.protos-cloudsolutions.de, on their end devices, are directed by Route53 to CloudFront distribution, and receive the contents of the S3 bucket, secured with our stored certificate.

Functionality

However, our website or web application should not only display static content, but also have its own functionality. However, without its own compute servers to execute the program code, but serverless – it only responds to on-demand request events. In the AWS Cloud, we use a combination of Amazon API Gateway, for easy creation and management of RESTful APIs, and AWS Lambda, the managed service for on-demand computing power to execute program code.

Lambda forms the core and makes it possible to easily upload program code (Python, JavaScript, Go, etc.) and execute it immediately (Functions-as-a-Service). Integration into the AWS environment is smooth, and access is granted via the standard authorization principle (IAM). This ensures secure access to S3 buckets, for example, or allows API communication via the API Gateway.

A common feature that is often needed is a contact form or some other means of communicating with the user so that you can send them your results at the end, as is the case with CloudAdvisor. To this end, Lambda naturally offers the option of integrating external APIs from, for example, CRM or marketing tools, or of using AWS's own Simple Email Service (SES). This allows the information from the contact form in the front end to be easily and securely transferred to the Lambda function for code execution via API call to your own REST API via the API Gateway. There, data can be processed and additional services can be integrated using the AWS SDK (see, for example, boto3 for Python). This is done securely, in particular, by using the AWS System Manager, which allows you to store API keys and access them securely via its parameter store. Based on the questionnaire responses, results and an email are generated for CloudAdvisor users, which is sent via SES API call.

This gives you every opportunity to integrate a wide variety of systems and connections into your web application and concentrate exclusively on functionality and content. While you focus on your core business, the cloud provider takes care of the complete management of all services and allows scalable and highly available access to your content at all times.

Development

However, the aim is not only to make finished content available in the cloud, but also to benefit from the advantages of modern development paradigms in a cloud environment. That is why both the infrastructure and the content are rolled out using AWS developer tools and their stack for continuous integration and deployment (CI/CD). CloudAdvisor was also developed using a DevOps approach and released to the satisfaction of our product owner after five sprints using agile Scrum methodology.

For the development of the web application, front-end developers have their own access (IAM role) to an AWS CodeCommit repository, AWS's git-based version control service. When they commit changes to the React codebase, an AWS CodePipeline is automatically triggered, which uses AWS CodeBuild to compile and test the changes and initially stores the artifact in an S3 bucket for subsequent deployment by AWS CodeDeploy to the hosting S3 bucket.

Infrastructure management is also carried out by the backend developers via pipeline. Using the open-source tool Terraform, all AWS services and configurations are declared as Infrastructure-as-Code (IaC) and checked into an AWS CodeCommit repository as Terraform code. Changes trigger an AWS CodePipeline, which first tests the Terraform code with AWS CodeBuild (terraform plan) and stores the generated artifact in the designated S3 bucket, before finally executing the Terraform plan (using terraform apply) to provision the changes to the infrastructure specified in the code in the AWS environment.