Tutorial Launch Saleable Streamlit dashboards @ AWS — part 4

Deploy a professional streamlit/python solution launched at Amazon AWS with S3, Fargate, Cognito

In part 4 we want to connect the created web service to your domain. I will use the work done of part 1+2+3.

Overview of the tutorial parts:
- introduction of this tutorial (part 0)
- using a file in streamlit saved in AWS and upload a new one (part 1)
- make a docker container and uploading to AWS ECS (part 2)
- launching this container as a fargate service (part 3)
- connecting the service to your Route53 hosted zone (part 4)
- integrating authentication with Cognito (part 5)
- bonus session: using the streamlit upload button for saving files at AWS S3 — after 100 claps
- bonus session: integrate prophet in streamlit and host it — after 200 claps

What we want to do here?

We want to connect the running service and task of your cluster to our domain. In this part we make the web service useable for everyone without authentication — this will be part 5.

Rework the security group of part 3

In part 3 we defined a security group of the service with an inbound rule that the service is direct accessible in the internet via IP. This we have to rework now because we want to be sure that the input traffic comes from the load balancer. Especially later when we integrate the authentication we want to be sure that there is no way around it. So open the EC2 and click on the left menu the “security groups” and take the security group of your service.

Click on “Edit inbound rules” to get to the relevant screen. Here click “Add Rule” and add a next row. Instead of public access (0.0.0) we define the security group of the load balancer.

After this we delete the first row. The final rule should look like this

After saving the rule the web service shouldn’t be reachable with the IP-adress. So now we want to connect the web service to a domain.

Connecting the web service to a domain

For this step we change to “Route 53” panel.

Here we see our domains and hosted zones. For the next steps you need a registered domain at AWS — I have two already and therefore AWS created automatically a “Hosted zone”.

So click on a domain name and you see the records as subdomains etc. In the next step click on “Create record”

Here we define a simple routing for the connection to the web service.

In the “Record name” we define the name of our subdomain. As “Record type” we select “A…” and choose to route the traffic to your load balancer. After this click on “Define simple record” — and everything is done.

Now you see the defined record in your hosted zone. Give AWS some hours to enable the routing

What we have done here?

We connected a domain with the web service that every customer can use it.

What’s next?

Last step is enabling a user authentication that the web service is only visitable for our customers.

Overview of the tutorial parts:
- introduction of this tutorial (part 0)
- using a file in streamlit saved in AWS and upload a new one (part 1)
- make a docker container and uploading to AWS ECS (part 2)
- launching this container as a fargate service (part 3)
- connecting the service to your Route53 hosted zone (part 4)
- integrating authentication with Cognito (part 5)
- bonus session: using the streamlit upload button for saving files at AWS S3 — after 100 claps
- bonus session: integrate prophet in streamlit and host it — after 200 claps