Doqutore CRM AWS Infrastructure

We are using Typescript and Python throughout the code base.

• Typescript: AWS infrastructure deployment
• Python 3: AWS Lambda

Prerequisites

• JavaScript, TypeScript (Node.js ≥ 10.12.0)
• Python (Python ≥ 3.6)
• NPM 6.12.0+

Steps

To get started with deploying the complete stack follow the steps below. The stacks is divided into threee parts:

• Infrastructure Stack: contains all infrastructure for CRM.
• Frontend Stack: contains the configurations for cloudfront, API Gateway domains and S3 buckets
• Monitoring Stack: contains active monitoring for different components.

1. You have to be in the root of the project to follow the below steps. i.e. venv should be in the root of the folder.
2. Make a new virtual environment for python.

$ python -m venv ./venv

1. Activate virtual environment.
   Windows | Linux/Mac

$ venv\Scripts\activate.bat | $ source ./venv/bin/activate

1. Change directory to infra and install requirements.

$ pip install -r requirements.txt

1. Install Node modules.

$ npm install

1. Transpile TypeScript to JavaScript.

$ npm run build

Deployment

Deployment of the stack involves deploying three seperate stacks, as the later stacks depend on some of the resources in the earlier stacks.

Before deploying the stack, a config file is needed in order to set up the environment. Copy the example below into config.json, making sure the email and githubKey are set up properly.

{
   "env": "dev",
   "prefix": "doqutor",
   "email": "admin@doqutor.com",
   "githubKey": "<github personal acces token>"
}

1. The infrastructure stack has to be deployed first.

   # in this case, the stack name is doqutor infrastructure as the prefix above is doqutor
   cdk deploy "doqutor-infrastructure"
   

2. The frontend stack comes after the intrastructure stack. The frontend depends on the API gateway in order to point it to the correct custom domain. The frontend is written in Cloudformation and therefore must be deployed with the AWS SDK. Before running these steps, make sure youe AWS access keys and secrets are set up properly. The frontend also depends on some parameters such as the route53 hosted zone id and the certificate id which must be set up manually.

   # make sure your --parameter-overrides are set up correctly
   aws cloudformation deploy --template-file lib/frontend-stack.json --stack-name doqutor-frontend \
   --parameter-overrides \
   ParamDomainName=prod.doqutor.me \
   ParamCFCertificateARN=<arn of certificate> \
   ParamZoneId=<route53 zone id for frontend> \
   --capabilities CAPABILITY_NAMED_IAM # required for the creation of the frontend deployment user
   

   _{^{If you want to skip installing front end and their infrastructure, comment out the section below the comment “Front-end IR and Infrastructure” in monitoring-stack.ts}}

3. Finally, we can deploy the monitoring stack. Again, we just use the cdk.

   cdk deploy "doqutor-monitoring"
   

4. Back to step 2, the IAM account created can then be used to set up a GitHub pipeline to redeploy the site in case of modification.

Note: Complete implementation of one of our IRs requires running a python script after deploying. See “Generate honeyrecords” in the incident-response readme.

More information on AWS CDK

Developer Guide | CDK Workshop | Getting Started | API Reference | Examples