Summary:
This site has been built and running in the AWS cloud indeed. This solution is a "server-less" solution i.e. no self-managed EC2 instance or services is used. All services used in this solution are fully managed by AWS itself. Hence it automagically full-fills all the scalability, performance, and security requirements - and that too at minimal cost (Remember: Pay for what you use not for what you need)!
Architecture Diagram:
Application Components & AWS Services:
Following components and AWS services are used in this solution.
- Container:
- Amazon Elastic Container Registry:
- AWS Lambda:
- Amazon Simple Storage Service (S3):
- Amazon CloudFront:
- AWS WAF (optional):
We all know the power of Containers - build once run anywhere - portability is awesome. So we built a container using Amazon Linux and added our "own" Runtime & Scripts into the container. AWS does provide various base images that are preloaded with a language runtime and other components required to run a container image on Lambda. You just need to add your function code and dependencies to the base image and then package it as a container image. In our case, AWS doesn't provide a base container image for the programming language used so we used a custom runtime. And... most importantly, you can test the Lambda function locally on your PC in the same Docker Container - WooHoo!
Amazon Elastic Container Registry (Amazon ECR) is a fully managed container registry that makes it easy to store, manage, share, and deploy your container images and artifacts anywhere! Thanks to AWS ECR which we used to directly push the docker image we built on our local PC into AWS cloud. And guess what - AWS Lambda can directly build Functions using Container image from ECR. If you are thinking how cumbersome is to push a big Docker image everytime to the ECR, on every single minor change, then let me clarify that it only takes time on first push, and after that it only pushes the changes - so in our case if we change our code, it takes ~5 seconds to build and push our new image to ECR - yet again WooHoo!
And how can one ignore AWS Serverless Compute - no fuss - no maintainance. With AWS Lambda, you can run code for virtually any type of application or backend service - all with zero administration! We just needed to pay for the minutes it takes to build this site - so a cheapest and secure runtime with built-in logging & monitoring - eh! The Lambda function using our custom Contrainer image is run via Amazon EventBridge rule on a set schedule. Multiple Lambda functions can be run them in a desired sequence via AWS Step Functions.
This site is hosted on earth's cheapest yet reliable storage S3 (remember the 11 9s durability ). And yes, we didn't want to make our S3 bucket public adhering to the best architectural practices. So to make it safer we decided to back it via Amazon CloudFront.
As they say Amazon S3 + Amazon CloudFront: A Match Made in the Cloud. Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds, all within a developer-friendly environment. CloudFront offers the most advanced security capabilities, including field level encryption and HTTPS support, seamlessly integrated with AWS Shield, AWS Web Application Firewall and Amazon Route 53 to protect against multiple types of attacks including network and application layer DDoS attacks... plus we also wanted to use the CloudFront analytics - so no need of any other web analytics solution - nice!
AWS WAF is a web application firewall that helps protect your web applications or APIs against common web exploits and bots that may affect availability, compromise security, or consume excessive resources. You can get started quickly using AWS Managed rules for WAF, a pre-configured set of rules managed by AWS or if you are after more stringent rules simply use the AWS Marketplace rules from an industry leader of your choice...
Solution Cost:
Excluding free tiers, below cost is taken directly from AWS pricing calculator...- ECR:
- Lambda:
- S3:
- CloudFront:
- WAF (If used):
1 GB per month x 0.10 USD = 0.10 USD
Elastic Container Registry pricing (monthly): 0.10 USD
90 requests x 360,000 ms x 0.001 ms to sec conversion factor = 32,400.00 total compute (seconds)
1 GB x 32,400.00 seconds = 32,400.00 total compute (GB-s)
32,400.00 GB-s x 0.0000166667 USD = 0.54 USD (monthly compute charges)
90 requests x 0.0000002 USD = 0.00 USD (monthly request charges)
Lambda costs - Without Free Tier (monthly): 0.54 USD
Tiered price for: 1 GB
1 GB x 0.0250000000 USD = 0.03 USD
Total tier cost = 0.0250 USD (S3 Standard storage cost)
10,000 PUT requests for S3 Storage x 0.0000055 USD per request = 0.055 USD (S3 Standard PUT requests cost)
10,000 GET requests in a month x 0.00000044 USD per request = 0.0044 USD (S3 Standard GET requests cost)
1 GB x 0.0008 USD = 0.0008 USD (S3 select returned cost)
0.025 USD + 0.0044 USD + 0.055 USD + 0.0008 USD = 0.09 USD (Total S3 Standard Storage, data requests, S3 select cost)
S3 Standard cost (monthly): 0.09 USD
Tiered price for: 1 GB
1 GB x 0.0850000000 USD = 0.09 USD
Total tier cost = 0.09 USD (Data transfer out to internet from United States)
Data transfer out to internet cost: 0.09 USD
1 GB x 0.02 USD = 0.02 USD (Data transfer out to origin from United States)
Data transfer out to origin cost: 0.02 USD
5,000 requests x 0.000001 USD = 0.01 USD (HTTPS requests from United States)
Requests cost: 0.01 USD
0.09 USD + 0.02 USD + 0.01 USD = 0.12 USD (Total cost United States)
CloudFront price United States (monthly): 0.12 USD
CloudFront price United States (monthly): 0.12 USD
CloudFront price Europe (monthly): 0.12 USD
CloudFront price Asia Pacific (monthly): 0.19 USD
Total monthly cost: 0.43 USD
1 Web ACLs per month x 5.00 USD = 5.00 USD (WAF Web ACLs cost)
10 Rules added per Web ACL + 1 Managed Rule Groups = 11.00 Total billable Rules
11.00 Billable Rules per month x 1.00 USD = 11.00 USD (WAF Rules cost)
1 requests per month x 1000000 multiplier for million x 0.0000006 USD = 0.60 USD (WAF Requests cost)
5.00 USD + 11.00 USD + 0.60 USD = 16.60 USD
AWS WAF cost (monthly): 16.60 USD