Deployment
At this point, you should have your domain and AWS bucket setup.
We need to generate an AWS token that will be used for uploading your static site to S3.
Generating AWS Credentials for upload
If you log in to https://console.aws.amazon.com/ then navigate to IAM section.
Create Group
I create a group, with the following policy attached:
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "Stmt1500205257000",
"Effect": "Allow",
"Action": [
"s3:*"
],
"Resource": [
"arn:aws:s3:::example.com",
"arn:aws:s3:::example.com/*"
]
}
]
}
Cloudfront permission may be scoped to your distribution, which you can find the ARN on the cloudfront distribution details page. I'm using wildcard here.
{
"Version": "2012-10-17",
"Statement": [
{
"Action": [
"cloudfront:*"
],
"Effect": "Allow",
"Resource": "arn:aws:cloudfront::*"
}
]
}
Create User
Create a user and attach the group policy created in earlier step.
Then go to "Security credentials" tab and create access key. Keep copy of credentials in a safe place.
Creating GitHub action
When you do a git push, this GitHub action will build your site, upload it to S3.
You will need to customize this yaml to match your setup. Create a GitHub secret ( under "Settings") on your GitHub repo for your AWS_SECRET_ACCESS_KEY This assumes that when you build your static site, the output is in "build" directory.
name: Deploy
on:
push:
branches: [main]
jobs:
deploy:
runs-on: ubuntu-latest
env:
AWS_ACCESS_KEY_ID: YOUR_ACCESS_KEY_ID
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
steps:
- uses: actions/checkout@v2
- uses: actions/setup-node@v2
with:
node-version: 14.x
cache: npm
- name: Deploy to GitHub Pages
run: |
npm ci
npm run build
- uses: reggionick/s3-deploy@v3
with:
folder: build
bucket: example.com
bucket-region: YOUR_BUCKET_REGION
dist-id: YOUR_CLOUDFRONT_DISTRIBUTION_ID
delete-removed: true
private: true