スタートアップランディングページのデプロイ

# Startup Landing Page Deployment
Deploy a production-ready startup landing page with contact form and Stripe payment integration using AWS serverless architecture.
## Requirements
Create a startup landing page that includes:
1. **Modern Landing Page**
   - Responsive design with hero section
   - Pricing plans display ($29/month basic plan)
   - Professional styling and layout
2. **Contact Form Integration**
   - Working contact form with name, email, message fields
   - Backend API processing with validation
   - Data storage in DynamoDB
   - Success/error feedback to users
3. **Stripe Payment Integration**
   - Subscription button for $29/month basic plan
   - Stripe checkout session creation
   - Success and cancel pages for payment flow
   - Proper error handling and user feedback
4. **AWS Infrastructure**
   - S3 bucket for static website hosting (private with CloudFront OAC)
   - CloudFront distribution for global CDN
   - API Gateway REST API with proper CORS configuration
   - Lambda functions for backend processing (Python 3.11)
   - DynamoDB table for data storage
   - IAM roles with least privilege access
## Critical Implementation Requirements
### CORS Configuration
- **MUST** implement OPTIONS method for both `/contact` and `/subscribe` endpoints
- **MUST** include proper CORS headers for browser compatibility:
  - `Access-Control-Allow-Origin: *`
  - `Access-Control-Allow-Methods: POST,OPTIONS`
  - `Access-Control-Allow-Headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token`
- **MUST** use mock integration for OPTIONS methods with 200 response
### API Gateway Best Practices
- Use separate `aws_api_gateway_stage` resource instead of deprecated `stage_name` attribute
- Include all methods and integrations in deployment dependencies
- Use `create_before_destroy` lifecycle for deployments
### Security Requirements
- Private S3 bucket with CloudFront Origin Access Control (OAC)
- No public S3 bucket access
- HTTPS-only access through CloudFront
- Sensitive variables marked as `sensitive = true`
- IAM roles with minimal required permissions
### Stripe Integration
- Environment variable for Stripe secret key
- Success/cancel pages automatically created and uploaded
- Proper error handling for missing API keys
- Test mode configuration support
## Expected Deliverables
1. **Terraform Infrastructure**
   - Complete IaC with all AWS resources
   - Proper variable configuration
   - Output values for testing
2. **Frontend Code**
   - HTML/CSS/JS for landing page
   - JavaScript integration with APIs
   - Success/cancel pages for Stripe flow
3. **Backend Code**
   - Python Lambda functions
   - Contact form processing
   - Stripe checkout session creation
4. **Testing Documentation**
   - API testing commands
   - Browser testing instructions
   - Stripe setup guide
## Common Issues to Avoid
1. **CORS Errors**: Always implement OPTIONS methods for browser compatibility
2. **API Gateway Deployment**: Use modern stage resource pattern, not deprecated attributes
3. **S3 Security**: Use CloudFront OAC instead of public bucket access
4. **Environment Variables**: Ensure all Lambda functions have required environment variables
5. **Dependencies**: Include all API Gateway resources in deployment dependencies
## Success Criteria
- Contact form works from browser (no CORS errors)
- Stripe integration ready (needs API key configuration)
- All infrastructure deployed via Terraform
- Production-ready security implementation
- Browser-tested functionality
- Clear documentation and testing instructions