Deploy Static AI API Endpoints Using DigitalOcean Spaces

Question

Pulumi · Accepted Answer

If you want to deploy static AI API endpoints using DigitalOcean Spaces, you'd typically follow these steps:

1. Set up a DigitalOcean Spaces bucket to store your API files.
2. Upload the API endpoint files to your bucket.
3. Depending on your setup, configure a CDN (Content Delivery Network) and set up appropriate access and CORS (Cross-Origin Resource Sharing) policies.

Below is a Pulumi Python program that sets up a DigitalOcean Spaces bucket, uploads an example API file, and configures CORS for public access, assuming your static API endpoints are public:

```python
import pulumi
import pulumi_digitalocean as digitalocean

# Create a new DigitalOcean Spaces bucket where you'll store your static API files.
api_bucket = digitalocean.SpacesBucket("apiBucket",
    name="my-api-bucket",
    # Region should be set based on where you'd like your bucket to be located.
    region="nyc3", 
)

# Upload a static API endpoint file to the bucket.
# In a real-world scenario, you would replace `'./my-static-api-endpoint.html'`
# with the path to your actual API file.
api_endpoint_object = digitalocean.SpacesBucketObject("apiEndpointObject",
    bucket=api_bucket.name,
    key="my-static-api-endpoint.html",
    content_type="text/html",
    # The source argument specifies the file to be uploaded to the bucket.
    source=pulumi.FileAsset("./my-static-api-endpoint.html"), 
)

# Set up a CORS policy for the bucket to allow web clients to access the API endpoints.
# This simplistic configuration allows access from any origin. In a production environment,
# you should restrict this to known origins for security reasons.
cors_policy = digitalocean.SpacesBucketCors(
    "corsPolicy",
    bucket=api_bucket.name,
    cors_rules=[{
        "allowed_headers": ["*"], # Allowing all headers
        "allowed_methods": ["GET"], # Assuming your endpoints are read-only. Adjust if needed.
        "allowed_origins": ["*"], # Allowing all origins. Should be more restrictive in production.
        "max_age_seconds": 3600,
    }],
)

# Export the endpoint URL for easy access
pulumi.export("endpoint_url", pulumi.Output.concat(
    "https://", api_bucket.name, ".nyc3.digitaloceanspaces.com/", api_endpoint_object.key
))
```

### Explanation:

#### Resources:

- **SpacesBucket:** This resource is used to create a new bucket in DigitalOcean Spaces. Buckets are standalone containers where you can store and retrieve any amount of data.

- **SpacesBucketObject:** Once the bucket is created, we use this resource to upload static files to the bucket. Each file you upload will become a "bucket object."

- **SpacesBucketCors:** This resource is used to set Cross-Origin Resource Sharing (CORS) policies on your bucket. Since you're serving an API, you will need to configure CORS rules to control how your API is accessed by other sites.

#### How It Works:

1. **Bucket Creation:** The `api_bucket` is a SpacesBucket resource specifying the name and region for your Space which will hold your static API files.

2. **File Upload:** The `api_endpoint_object` represents a single API endpoint file that you're uploading to the bucket.

3. **CORS Setup:** The `cors_policy` is used to define the CORS settings for your Space, allowing clients from any domain to perform `GET` requests. This is suitable for a public API, but should be locked down in a production environment to only allow specific origins.

4. **Endpoint URL Export:** The pulumi.export line creates an output that will display in your Pulumi stack, showing the URL where your API endpoint can be accessed.

Each of these resources is managed by Pulumi, meaning Pulumi handles the creation, updates, and deletion of these resources for you as part of your infrastructure's lifecycle.

Make sure to replace `'./my-static-api-endpoint.html'` with the path to your own API endpoint files, and to adjust the CORS policy to match your security requirements.

To run this Pulumi program:

1. Install Pulumi and configure it to use DigitalOcean.
2. Copy the program into a file named `__main__.py`.
3. Run `pulumi up` in the same directory as your `__main__.py` file. Pulumi will execute the code and create the infrastructure.

As you evolve your infrastructure, Pulumi enables you to safely and predictably update the infrastructure by running `pulumi up` and shows you a preview of the changes before applying them. If you later want to remove the infrastructure, running `pulumi destroy` will tear down all the resources defined by the program.