How to build a website from scratch under the AWS free tier (Part II : BackEnd)


What are we going to build ?

The concept of my website is really simple: you pay 5€ for nothing and I send you a bill in which I include an electronic signature.

The setup (if it’s not already done)

  • Login into Amazon’s console and head on to IAM (Identity Access Manager).
  • Click on Users and Add User
  • Name it something like serverless-admin and tick Programmatic Access
  • Then click on Attach existing policies directly and tick AdministratorAccess
  • Click on Next to add Tags if you need them, and Create User to review and create your keys. Store your Access key ID and your Secret key in a safe place as we’re going to use them next.
  • Next open your terminal and type:
serverless config credentials --provider aws --key <Your Access Key> --secret <Your Secret Key>
  • You’re all done !

Building the service

As a reminder, remember that when a user buys nothing, I send them a bill in which I include an lambda generated electronic signature.

  • Get the signature from the website user
  • Check if the signature is authentic
  • Send the answer to the website

The meat

I used this encoding and decoding method explained in this StackOverflow thread. This is not by any means something ultra solid but it does the job for our use case.

The lambda

A lambda is function which takes event and context as arguments. (You can see the test AWS proxy values for both right here)

"body": "eyJ0ZXN0IjoiYm9keSJ9",
"resource": "/{proxy+}",
"path": "/path/to/resource",
"httpMethod": "POST",
"isBase64Encoded": true,
"queryStringParameters": {
"foo": "bar"
"multiValueQueryStringParameters": {
"foo": [
"pathParameters": {
"proxy": "/path/to/resource"
"stageVariables": {
"baz": "qux"

The serverless.yml file

It’s an option file that has to be at the root of your work directory that contains all of the information needed to deploy your lambda.

Deploying and testing our new API

At this point, my local folder contains three files:

| serverless.yml
serverless deploy
Body of the request answer
Status of the request

Lambda Logs

Head on to the lambda dashboard and click on your function. Then click on the Monitoring tab and click on View logs in CloudWatch.

Congrats you have your backend !

You’re all done and it’s all it took, all you have to do next is edit your frontend to include your brand new api.


Through these two articles learnt a few things, namely:

  • How to host a website on S3
  • Distribute it securely with Cloudfront
  • Create a serverless backend with Lambdas
  • Securing your API routes with keys and usage plans
  • Giving a custom domain to your API gateway endpoints
  • Anything else I have not mentioned or detailed



Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store