Explore full-stack cloud-native web application development with Green Boost
Ben Stickley and Amiin Samatar, Amazon Web Services
Summary
In response to the evolving needs of developers, Amazon Web Services (AWS) recognizes the critical demand for an efficient approach to developing cloud-native web applications. The AWS focus is on helping you to overcome common roadblocks associated with deploying web apps on the AWS Cloud. By harnessing the capabilities of modern technologies such as TypeScript, AWS Cloud Development Kit (AWS CDK), React, and Node.js, this pattern aims to streamline and expedite the development process.
Underpinned by the Green Boost (GB) toolkit, the pattern offers a practical guide to constructing web applications that fully use the extensive capabilities of AWS. It acts as a comprehensive roadmap, leading you through the process of deploying a fundamental CRUD (Create, Read, Update, Delete) web application integrated with Amazon Aurora PostgreSQL-Compatible Edition. This is accomplished by using the Green Boost command line interface (Green Boost CLI) and establishing a local development environment.
Following the successful deployment of the application, the pattern delves into key components of the web app, including infrastructure design, backend and frontend development, and essential tools such as cdk-dia for visualization, facilitating efficient project management.
Prerequisites and limitations
Prerequisites
- Git - installed 
- Visual Studio Code (VS Code) - installed 
- AWS Command Line Interface (AWS CLI) installed 
- AWS CDK Toolkit installed 
- Node.js 18 - installed, or Node.js 18 with pnpm - activated 
- pnpm - installed, if it isn't part of your Node.js installation 
- Basic familiarity with TypeScript, AWS CDK, Node.js, and React 
- An AWS account bootstrapped by using AWS CDK in - us-east-1. The- us-east-1AWS Region is required for support of the Amazon CloudFront Lambda@Edge functions.
- AWS security credentials, including - AWS_ACCESS_KEY_ID, correctly configured in your terminal environment
- For Windows users, a terminal in administrator mode (to accommodate the way pnpm handles node modules) 
Product versions
- AWS SDK for JavaScript version 3 
- AWS CDK version 2 
- AWS CLI version 2.2 
- Node.js version 18 
- React version 18 
Architecture
Target technology stack
- Amazon Aurora PostgreSQL-Compatible Edition 
- Amazon CloudFront 
- Amazon CloudWatch 
- Amazon Elastic Compute Cloud (Amazon EC2) 
- AWS Lambda 
- AWS Secrets Manager 
- Amazon Simple Notification Service (Amazon SNS) 
- Amazon Simple Storage Service (Amazon S3) 
- AWS WAF 
Target Architecture
The following diagram shows that user requests pass through Amazon CloudFront, AWS WAF, and AWS Lambda before interacting with an S3 bucket, an Aurora database, an EC2 instance, and ultimately reaching developers. Administrators, on the other hand, use Amazon SNS and Amazon CloudWatch for notifications and monitoring purposes.

To gain a more in-depth look at the application after deployment, you can create diagram by using cdk-dia

These diagrams showcase the web application architecture from two distinct angles. The cdk-dia diagram offers a detailed technical view of the AWS CDK infrastructure, highlighting specific AWS services such as Amazon Aurora PostgreSQL-Compatible and AWS Lambda. In contrast, the other diagram takes a broader perspective, emphasizing the logical flow of data and user interactions. The key distinction lies in the level of detail: The cdk-dia delves into technical intricacies, while the first diagram provides a more user-centric view.
Creation of the cdk-dia diagram is covered in the epic Understand the app infrastructure by using AWS CDK.
Tools
AWS services
- Amazon Aurora PostgreSQL-Compatible Edition is a fully managed, ACID-compliant relational database engine that helps you set up, operate, and scale PostgreSQL deployments. 
- AWS Cloud Development Kit (AWS CDK) is a software development framework that helps you define and provision AWS Cloud infrastructure in code. 
- AWS Command Line Interface (AWS CLI) is an open-source tool that helps you interact with AWS services through commands in your command-line shell. 
- Amazon CloudFront speeds up distribution of your web content by delivering it through a worldwide network of data centers, which lowers latency and improves performance. 
- Amazon CloudWatch helps you monitor the metrics of your AWS resources and the applications you run on AWS in real time. 
- Amazon Elastic Compute Cloud (Amazon EC2) provides scalable computing capacity in the AWS Cloud. You can launch as many virtual servers as you need and quickly scale them up or down. 
- AWS Lambda is a compute service that helps you run code without needing to provision or manage servers. It runs your code only when needed and scales automatically, so you pay only for the compute time that you use. 
- AWS Secrets Manager helps you replace hardcoded credentials in your code, including passwords, with an API call to Secrets Manager to retrieve the secret programmatically. 
- AWS Systems Manager helps you manage your applications and infrastructure running in the AWS Cloud. It simplifies application and resource management, shortens the time to detect and resolve operational problems, and helps you manage your AWS resources securely at scale. This pattern uses AWS Systems Manager Session Manager. 
- Amazon Simple Storage Service (Amazon S3) is a cloud-based object storage service that helps you store, protect, and retrieve any amount of data.Amazon Simple Notification Service (Amazon SNS) helps you coordinate and manage the exchange of messages between publishers and clients, including web servers and email addresses. 
- AWS WAF is a web application firewall that helps you monitor HTTP and HTTPS requests that are forwarded to your protected web application resources 
Other tools
- Git - is an open-source, distributed version control system. 
- Green Boost - is a toolkit for building web apps on AWS. 
- Next.js - is a React framework for adding features and optimizations. 
- Node.js - is an event-driven JavaScript runtime environment designed for building scalable network applications. 
- pgAdmin - is an open-source management tool for PostgreSQL. It provides a graphical interface that helps you create, maintain, and use database objects. 
- pnpm - is a package manager for Node.js project dependencies. 
Best practices
See the Epics section for more information about the following recommendations:
- Monitor infrastructure by using Amazon CloudWatch Dashboards and alarms. 
- Enforce AWS best practices by using cdk-nag to run static infrastructure as code (IaC) analysis. 
- Establish DB port forwarding through SSH (Secure Shell) tunneling with Systems Manager Session Manager, which is more secure than having a publicly exposed IP address. 
- Manage vulnerabilities by running - pnpm audit.
- Enforce best practices by using ESLint - to perform static TypeScript code analysis, and Prettier - to standardize code formatting. 
Epics
| Task | Description | Skills required | 
|---|---|---|
| Install the Green Boost CLI. | To install Green Boost CLI, run the following command. 
 | App developer | 
| Create a GB app. | 
 | App developer | 
| Install dependencies and deploy the app. | 
 Wait for deployment to finish (approximately 20 minutes). While you’re waiting, monitor AWS CloudFormation stacks in the CloudFormation console. Notice how the constructs defined in the code map to the resource deployed. Review the CDK Construct tree view in the CloudFormation console. | App developer | 
| Access the app. | After deploying your GB app locally, you can access it using the CloudFront URL. The URL is printed in the terminal output, but it can be a bit overwhelming to find. To find it more quickly, use the following steps: 
 Alternatively, you can find the CloudFront URL by accessing the Amazon CloudFront console: 
 Copy the Domain Name that is associated with the distribution. It will look similar to  | App developer | 
| Task | Description | Skills required | 
|---|---|---|
| View the CloudWatch Dashboard. | 
 | App developer | 
| Enable alerts. | A CloudWatch Dashboard helps you to actively monitor your web app. To passively monitor your web app, you can enable alerting. 
 | App developer | 
| Task | Description | Skills required | 
|---|---|---|
| Create an architecture diagram. | Generate an architecture diagram of your web app by using cdk-dia 
 | App developer | 
| Use cdk-nag to enforce best practices. | Use cdk-nag to help you maintain secure and compliant infrastructure by enforcing best practices, reducing the risk of security vulnerabilities and misconfigurations. 
 | App developer | 
| Task | Description | Skills required | 
|---|---|---|
| Acquire environment variables. | To obtain the required environment variables, use the following steps: 
 | App developer | 
| Establish port forwarding. | To establish port forwarding, use the following steps: 
 | App developer | 
| Adjust the Systems Manager Session Manager timeout. | (Optional) If the default 20-minute session timeout is too short, you can increase it up to 60 minutes in the Systems Manager console by choosing Session Manager, Preferences, Edit, Idle session timeout. | App developer | 
| Visualize the database. | pgAdmin is a user-friendly open-source tool for managing PostgreSQL databases. It simplifies database tasks, allowing you to efficiently create, manage, and optimize databases. This section guides you through installing pgAdmin 
 | App developer | 
| Task | Description | Skills required | 
|---|---|---|
| Debug the create item use case. | To debug the create item use case, follow these steps: 
 
 | App developer | 
| Task | Description | Skills required | 
|---|---|---|
| Set up the development server. | 
 | App developer | 
| Task | Description | Skills required | 
|---|---|---|
| Set up monorepo and the pnpm package manager. | 
 | App developer | 
| Run pnpm scripts. | Run the following commands in the root of your repository: 
 Notice how these commands are run in all workspaces. The commands are defined in each workspace's  | App developer | 
| Use ESLint for static code analysis. | To test the static code analysis capability of ESLint, do the following: 
 | App developer | 
| Manage dependencies and vulnerabilities. | 
 | App developer | 
| Pre-commit hooks with Husky. | 
 These tools are mechanisms to help prevent bad code from making its way into your application. | App developer | 
| Task | Description | Skills required | 
|---|---|---|
| Remove the deployment from your account. | 
 | App developer | 
Troubleshooting
| Issue | Solution | 
|---|---|
| Unable to establish port forwarding | Ensure that your AWS credentials are properly configured and have the necessary permissions. Double-check that the bastion host ID ( If you still encounter issues, see the AWS documentation for troubleshooting SSH connections and Session Manager. | 
| Website isn't loading on  | Confirm that the terminal output indicates successful port forwarding, including the forwarding address. Ensure there are no conflicting processes using port 3000 on your local machine. Verify that the Green Boost application is properly configured and running on the expected port (3000). Check your web browser for any security extensions or settings that might block local connections. | 
| Error messages during local deployment ( | Review the error messages carefully to identify the cause of the issue. Verify that the necessary environment variables and configuration files are correctly set. | 
Related resources