Least Privilege Role for Your AWS Static Site

Let’s say you’ve deployed a static site on our AWS account using Cloudfront and S3, such as described in Automated Static Site Deployment in AWS Using Terraform. When it comes time to update its content or tweak some settings, using an all-powerful AWS admin account is bad security practice (not to mention overkill). The Terraform Module I wrote the terraform-static-site-deploy-role Terraform module to make it easier to set up a role that grants just the right amount of access to manage a site’s AWS resources. What it does is quite simple: ...

July 4, 2022 · 2 min · pirx

Automated Static Site Deployment in AWS Using Terraform

This is a quick and reusable way to deploy an AWS-hosted environment for static sites generated by the likes of Hugo and Jekyll. The code is written in Terraform, which allows us to set up (and tear down, if needed) all the necessary components just by running a few commands. I found several good articles and examples online. However, there was not a single source that had everything I needed. My requirements were: ...

May 2, 2022 · 8 min · pirx