top of page

Creating infrastructure using Terraform



What Terraform does to configure this infrastructure for this use case:


1. Create a DynamoDb table with indexes.


2. Configure Lambda that invokes an external third-party API to execute a task and after that insert a record in a DynamoDb table.


3. Secret in the AWS Secrets Manager that the lambda will use to get confidential information for invoking external third-party API.


4. Configure a new certificate in AWS Certificate Manager


5. Create a record of this new certificate created in the hosted zone of Route53 for validation.


6. Configure AWS API Gateway that integrates with the lambda

6.1. Configure Api that integrates with lambda and invokes it when traffic is received.

6.2. Configure a new Custom Domain Name that contains the base bath of Api in its API Mapping.

6.3. Configure a stage for deployment.

6.4. Configure Resource Policy to achieve IP Whitelisting so that Api can be accessed from only specific IPs.


7. Create a record of new Custom Domain Mapping created in the Hosted Zone of Route53.


8. Configure required IAM policies and roles.



How this infrastructure works:

  1. The client executes the URL with the required payload.

  2. This request reaches the API in API Gateway via the domain configured in Route53

  3. API Gateway first validates the source IP in the IP Whitelisting configured in the resource policy of API.

  4. If IP is valid, then API invokes the execution of the lambda.

  5. Lambda extracts confidential information from AWS Secrets Manager to invoke an external third-party API for the execution of some specific task.

  6. Once API is invoked successfully and the task is executed, the lambda inserts a record in a DynamoDb table for audit purposes.


Code Repo:


73 views0 comments

Comments


bottom of page