In Part 2 we talked about deploying the Jekyll site to AWS, and how to update a Jekyll site. Now it’s time to talk about automation. The first thing I chose to automate is the need to create a cache invalidation in CloudFront so that the updated site content would propagate across the CDN.
Creating an invalidation manually in the AWS console or via the AWS CLI is a pretty simple procedure. Automating this step is a bit more involved, but really not too bad.
:exclamation: This workflow results in a Lambda invocation and an SNS Topic notification for every modified file. We will fix it in the next iteration of the workflow.
- Configure a CloudTrail to log events from the S3 bucket
- Confirm event logging in CloudWatch
- Create an SNS topic ‘S3PutObjectEvents’
- Create an EventBridge rule to forward events to the ‘S3PutObjectEvents’ SNS topic
- Create a Lambda function called ‘CreateInvalidatoinFn’ with Python boto3 code
- Create an Execution Role to allow Lambda to perform the ‘createInvalidation’ operation against CloudFront
- Attach an Inline Policy to allow Lambda access to certain CloudFront Operations
- Configure ‘CreateInvalidatoinFn’ to be triggered by ‘S3PutObjectEvents’ SNS topic
- Create an SNS topic ‘CreateInvalidationNotify’
- Configure ‘CreateInvalidatoinFn’ Lambda function to send its return to the ‘CreateInvalidationNotify’ SNS topic
- Subscribe to the topic to receive an e-mail notification of a successful invalidation
EventBridge Rule - Event Pattern
Lambda Boto3 Python Code
Timestamp is used to uniquely identify an invocation.
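An added example of such a function, not the post's original code: it unwraps the SNS message, accepts only CloudTrail PutObject events for the site bucket, and uses the timestamp as the CallerReference. The `DISTRIBUTION_ID` and `SITE_BUCKET` environment variables, their placeholder defaults, and the helper names are assumptions.

```python
import json
import os
import time
from urllib.parse import quote

# Assumptions (not from the original post): the environment variable names
# and the placeholder values used when they are unset.
DISTRIBUTION_ID = os.environ.get("DISTRIBUTION_ID", "EXAMPLEDISTID")
SITE_BUCKET = os.environ.get("SITE_BUCKET", "example-site-bucket")


def extract_put_keys(event, bucket=SITE_BUCKET):
    """Return object keys from SNS-wrapped CloudTrail PutObject events for `bucket`."""
    keys = []
    for record in event.get("Records", []):
        try:
            detail = json.loads(record["Sns"]["Message"])["detail"]
            params = detail["requestParameters"]
            hit = (detail["eventSource"], detail["eventName"], params["bucketName"])
            key = params["key"]
        except (KeyError, TypeError, ValueError):
            continue  # malformed or unrelated message: skip it, do not invalidate
        if hit == ("s3.amazonaws.com", "PutObject", bucket) and isinstance(key, str) and key:
            keys.append(key)
    return keys


def build_batch(keys, now=None):
    """Build the InvalidationBatch; the timestamp serves as CallerReference."""
    paths = sorted({"/" + quote(k) for k in keys})  # URL-encode, drop duplicates
    return {
        "Paths": {"Quantity": len(paths), "Items": paths},
        "CallerReference": str(time.time() if now is None else now),
    }


def lambda_handler(event, context, client=None):
    keys = extract_put_keys(event)
    if not keys:
        return {"status": "ignored", "paths": []}
    if client is None:
        import boto3  # imported here so the helpers above run without AWS access
        client = boto3.client("cloudfront")
    batch = build_batch(keys)
    resp = client.create_invalidation(
        DistributionId=DISTRIBUTION_ID, InvalidationBatch=batch)
    inv = resp["Invalidation"]
    return {"status": inv["Status"], "id": inv["Id"], "paths": batch["Paths"]["Items"]}
```

Because the function only ever calls `create_invalidation` on one distribution, the inline policy on the execution role can be limited to that action and that distribution's ARN.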