Skip to content

Make Amazon Route53 Optional and Add Amazon CloudFront Configuration Options #122

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 7 commits into
base: main
Choose a base branch
from
Open

Make Amazon Route53 Optional and Add Amazon CloudFront Configuration Options #122

wants to merge 7 commits into from

Conversation

tierfour
Copy link

@tierfour tierfour commented May 2, 2025

Summary

This PR decouples Amazon Route53 as a hard dependency from the infrastructure stack and adds configuration options for Amazon CloudFront. These changes provide greater deployment flexibility for users with different DNS and CDN requirements.

Changes

Amazon Route53 Optionality

  • Added use_route53 boolean variable (default: false) to control Amazon Route53 resource provisioning
  • Modified conditional logic in Amazon Route53 resources across modules to respect this setting
  • Updated DNS record creation to only occur when Amazon Route53 is enabled
  • Ensured hosted zone lookups only happen when Amazon Route53 is enabled

Amazon CloudFront Enhancements

  • Added use_cloudfront boolean variable (default: true) to make Amazon CloudFront optional
  • Added cloudfront_price_class variable to allow price class selection
  • Implemented conditional Amazon CloudFront distribution creation based on the use_cloudfront flag
  • Added dynamic configuration for viewer certificates:
    • Uses custom Amazon Certificate Manager (ACM) certificate when Amazon Route53 is enabled and certificate provided
    • Falls back to Amazon CloudFront default certificate otherwise
  • Updated DNS records to intelligently point to either Amazon CloudFront or Amazon Application Load Balancer (ALB) based on configuration

Integration Improvements

  • Ensured seamless integration between the optional components:
    • When both Amazon Route53 and Amazon CloudFront are enabled, everything works as before
    • When only Amazon CloudFront is enabled (no Amazon Route53), uses Amazon CloudFront's default domain
    • When only Amazon Route53 is enabled (no Amazon CloudFront), points directly to ALB
    • When neither is enabled, relies on direct ALB DNS name

Impact

  • Greater Flexibility: Users can now deploy without Amazon Route53 if they manage DNS elsewhere
  • Cost Optimization: Option to disable Amazon CloudFront for scenarios where it's unnecessary
  • Simpler Deployments: Reduces prerequisites for basic deployments
  • Backward Compatibility: Default Amazon CloudFront setting maintains existing behavior for current users

Testing

  • Verified deployment with Amazon Route53 disabled
  • Verified deployment with Amazon CloudFront disabled
  • Confirmed all combinations work as expected: both enabled, both disabled, and mixed configurations

Documentation

  • Updated documentation to reflect the new configuration options
  • Added examples for different deployment scenarios

dlupescu and others added 7 commits March 26, 2025 19:56
@dlupescu
Minor README.md and code compliance fixes
68b7030 
README.md changes:
- add Cloud9 editor availability info
- add instructions for updating config file with no stack deploy
- add instructions for using the mock load testing server
- replace AWS account IDs with generic references
- remove extra whitespace

litellm-private-load-balancer-ec2 stack:
- disable EC2 instance IMDSv1

gitleaks
- ignore false positives related to sample keys in README and code

semgrep
- ignore false positive in app.py

media
- redact AWS account info in screenshots
Merge branch 'compliance-fixes' into 'main'
71ce3c2 
Minor README.md and code compliance fixes

See merge request stt-tech-core-solutions/guidance-for-running-generative-ai-gateway-on-aws!2
@dlupescu
Add SolutionID and update architecture diagram
6e37f1a
Merge branch 'readme-update' into 'main'
ab9e84b 
Add SolutionID and update architecture diagram

See merge request stt-tech-core-solutions/guidance-for-running-generative-ai-gateway-on-aws!3
fix readme conflicts
ca1b667
fixed CloudFront to ALB connection to use HTTP and not self-signed ce…
67b83c3 
…rt but requiring a secret header value
update AD diagram
b161b09
@tierfour tierfour requested review from dlupescu and mirodrr2 May 2, 2025 13:49
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dlupescu dlupescu Awaiting requested review from dlupescu

@mirodrr2 mirodrr2 Awaiting requested review from mirodrr2

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@tierfour @dlupescu