Using AWS EC2 with CloudFront
When you're looking to build infrastructure on AWS using Pulumi, you often have to combine various services to achieve your end goal. For example, if you want to utilize an EC2 instance and deliver content through CloudFront, you'd set up an EC2 instance to host your application or content and then use CloudFront as your content delivery network (CDN) to cache and deliver the content to users with low latency.
In this scenario, we'll first create an EC2 instance where you can deploy your application. We will use an Amazon Machine Image (AMI) to bootstrap the server with an operating system, install necessary software, and configure settings. A security group will also be set up to define the rules for incoming and outgoing traffic for the EC2 instance.
Next, we create a CloudFront distribution. This distribution has origins, the sources from which CloudFront gets the content. In this case, the origin is the EC2 instance. CloudFront then delivers content through a global network of edge locations. When a user requests content, CloudFront routes the request to the nearest edge location, so content is delivered with the best possible performance.
Here's how you would set up an EC2 instance and a CloudFront distribution using Pulumi and TypeScript:
```typescript
import * as aws from "@pulumi/aws";
import { Output } from "@pulumi/pulumi";

// Your EC2 Instance configuration might look like this
const ec2Instance = new aws.ec2.Instance("my-app-instance", {
    // The type of instance to start
    instanceType: "t2.micro",
    // Find the latest Amazon Linux 2 AMI in the region
    ami: aws.ec2.getAmi({
        owners: ["137112412989"], // Amazon's account ID for Amazon Linux AMIs
        mostRecent: true,
        filters: [{
            name: "name",
            values: ["amzn2-ami-hvm-*-x86_64-gp2"],
        }],
    }).then(ami => ami.id),
    // Associate the default security group, looked up by name (assumes a single VPC).
    // Its inbound rules must allow port 80 for CloudFront to reach the origin.
    vpcSecurityGroupIds: [aws.ec2.getSecurityGroup({ name: "default" }).then(sg => sg.id)],
    // Name of an existing EC2 key pair used for SSH access
    keyName: "my-key-pair",
});

// Extract the public DNS name for further use
// (CloudFront origins must be DNS names, not IP addresses)
const ec2PublicDns: Output<string> = ec2Instance.publicDns;

// Pulumi's abstraction to create a CloudFront distribution
const distribution = new aws.cloudfront.Distribution("my-cdn-distribution", {
    enabled: true,
    origins: [{
        originId: ec2Instance.urn,
        domainName: ec2PublicDns,
        customOriginConfig: {
            originProtocolPolicy: "http-only",
            httpPort: 80,
            httpsPort: 443, // required field; unused while the policy is "http-only"
            originSslProtocols: ["TLSv1.2"],
        },
    }],
    defaultCacheBehavior: {
        targetOriginId: ec2Instance.urn,
        viewerProtocolPolicy: "allow-all",
        allowedMethods: ["GET", "HEAD", "OPTIONS"],
        cachedMethods: ["GET", "HEAD"],
        // Minimal forwarding settings so the behavior is valid;
        // define further cache behavior settings as needed...
        forwardedValues: {
            queryString: false,
            cookies: { forward: "none" },
        },
    },
    // Required by the resource: no geographic restrictions
    restrictions: {
        geoRestriction: { restrictionType: "none" },
    },
    // Additional settings like price class, custom error responses, etc.
    // ...
    viewerCertificate: {
        cloudfrontDefaultCertificate: true,
    },
});

// Export the distribution's domain name so it can be accessed easily after deployment
export const cdnUrl = distribution.domainName;
```
In the above program, we're defining an EC2 instance with a specific AMI and instance type. We're also associating it with the default security group for simplicity, and assuming that you have a key pair named 'my-key-pair' already created in your AWS account. You might need to change these details based on your actual setup.
For the CloudFront distribution, we've created a custom origin that points directly at the EC2 instance's public address (not recommended for production but keeps the example simple). For brevity, CloudFront fetches from the origin over HTTP only, and the distribution uses the default CloudFront certificate. Finally, we export the URL of the distribution so you can navigate to it once everything is deployed.
Make sure to replace `'my-key-pair'` with your actual key name and modify the EC2 instance details and the CloudFront distribution settings as needed for your specific use case.
After deploying this Pulumi program, you will be able to access the content on your EC2 instance through the returned `cdnUrl`, which will be routed through CloudFront's diverse network of edge locations.
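A pre-deployment check for the shortcuts the program above takes, as an added example rather than code from the original page: it flags plaintext viewer and origin policies, legacy origin TLS versions, and an origin port open to the internet. The `EdgeSettings` shape, the `originIngressSources` field, the `0.0.0.0/0` ingress value and the `pl-EXAMPLE` prefix-list ID are assumptions made for illustration.

```typescript
// Added example: plain-object audit of CloudFront/EC2 origin settings (no Pulumi SDK needed).
type EdgeSettings = {
  viewerProtocolPolicy: "allow-all" | "https-only" | "redirect-to-https";
  originProtocolPolicy: "http-only" | "https-only" | "match-viewer";
  originSslProtocols: string[];
  originIngressSources: string[]; // assumed field: CIDRs or prefix-list IDs allowed to reach the origin port
};

const LEGACY_PROTOCOLS = ["SSLv3", "TLSv1", "TLSv1.1"];
const OPEN_CIDRS = ["0.0.0.0/0", "::/0"];

function auditEdgeSettings(s: EdgeSettings): string[] {
  const findings: string[] = [];
  if (s.viewerProtocolPolicy === "allow-all") {
    findings.push("viewer: plaintext HTTP accepted; use redirect-to-https or https-only");
  }
  const plaintextOrigin = s.originProtocolPolicy === "http-only" ||
    (s.originProtocolPolicy === "match-viewer" && s.viewerProtocolPolicy === "allow-all");
  if (plaintextOrigin) {
    findings.push("origin: CloudFront may fetch over plaintext HTTP; use https-only");
  }
  const legacy = s.originSslProtocols.filter(p => LEGACY_PROTOCOLS.indexOf(p) !== -1);
  if (legacy.length > 0) {
    findings.push("origin: legacy protocols enabled: " + legacy.join(", "));
  }
  if (s.originIngressSources.some(src => OPEN_CIDRS.indexOf(src) !== -1)) {
    findings.push("ingress: origin port open to the internet, so requests can bypass CloudFront");
  }
  return findings;
}

// Permissive settings modeled on the program above; the ingress source is an assumption.
const permissive: EdgeSettings = {
  viewerProtocolPolicy: "allow-all",
  originProtocolPolicy: "http-only",
  originSslProtocols: ["TLSv1.2"],
  originIngressSources: ["0.0.0.0/0"],
};

// Hardened variant; "pl-EXAMPLE" is a placeholder for the region's ID of the
// AWS-managed prefix list com.amazonaws.global.cloudfront.origin-facing.
const hardened: EdgeSettings = {
  viewerProtocolPolicy: "redirect-to-https",
  originProtocolPolicy: "https-only",
  originSslProtocols: ["TLSv1.2"],
  originIngressSources: ["pl-EXAMPLE"],
};

console.log(auditEdgeSettings(permissive));
console.log(auditEdgeSettings(hardened));
```

Switching the origin to `https-only` also requires a TLS listener and certificate on the instance, which the program above does not set up.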