Giters

JuanCanham / ec2dash

SImple Ec2 Dashboard

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

EC2 Dashboard

Validation

This will deploy a simple website (html+typescript) & api (python), to view deployed ec2 instances Authentication is handled by Cognito Deployment is handled by cloudformation (for more details see make file) Integration testing is handled by behave & selenium

Deployment

Initial

  1. Deploy the cloudformation without Certificates make init DOMAIN=example.com
  2. Update DNS Nameservers for the domain to point to the created hostedzone (outputs Nameservers)
  3. Execute the change set against the stack

Manual Updates

Updates can be run with make all DOMAIN=example.com or via CI

CI/CD

CI/CD is automatically configured using OIDC, to enable it commit back the changes in the .github directory that are generated by all, init or configure-ci

The DeploymentRole role cannot deploy IAM changes by design, these must be deployed using a Pull Requests and an admin/authorized user executing the change set.

Operation

User Creation

  1. Browse to chosen domain, click login and sign-up via cognito
  2. Login to the Cognito dashboard and confirm the user
  3. Browse to chosen domain and click login

External Users

To allow login with Google & Facebook:

  1. Create a client on the provider (Google, Facebook)
  2. Run make configure-idp DOMAIN=example.com PROVIDER=(Google|Facebook) ID=1234 SECRET=Hunter1

Architecture

Website

The website is built using typescript and webpack, webpack needs 2 environment variables to be present

  • DOMAIN
  • CLIENT_ID

It's very basic and rolled by hand without a framework.

Pros: Code is simple and can audited Cons: It's probably grown to the point where it would be easier to just use react/similar

API

The api is built as a single file using python3

Very basic

Doesn't handle NextToken to avoid state/gaps/expiry in pagination results

Pros: Code is simple and can audited Cons: single file doesn't transform into testable & deployable easily on lambda

Infrastructure

The infrastructure is built using cloudformation

Integration Tests

Tests are written in behave and test both the API and frontend

Note that the tests requires:

  • A Default VPC to exist (otherwise update tests/steps/instance_cloudformation.yaml)

If running manually, the privilages required can be seen under the DeploymentRole policies

TODO

The following areas could be improved

  • Frontend - Move to framework
    • Move packaging back to webpack
    • automatically re-direct to login page when unauthed
  • API - move to proper repo structure
  • Infrastructure
    • Look into using terraform to configure IDPs

About

SImple Ec2 Dashboard

Languages

Language:Python 46.6%Language:TypeScript 29.8%Language:Makefile 12.7%Language:HTML 8.4%Language:Gherkin 2.5%