2. |In brief|
1. #Serverless – Introduction, Evolution & Advantages
2. AWS Serverless – Example Solution Architecture
DynamoDB – Setup tables/attributes/items
IAM - Required roles
Lambda - Make functions
API Gateway - Appropriate triggers
S3 - Host the static web files
ACM - Generate appropriate certificate
CloudFront - Create a global distribution
Route 53 - DNS redirection
3. AWS Full-Stack Serverless
AWS Amplify – Introduction and Capabilities
3. Career
Principal SDE, SONICWALL, 17+ yrs. industry experience
primarily in systems, cloud (private/public), security, networking
10x multi-cloud certified (GCP, AWS, Azure, CNCF)
Patent (India) in cloud security around distributed data storage
Interested in serverless, containers and cloud native offerings.
Firm believer of a multi-hybrid cloud future
Community
Organizer of GDG Cloud, AWS user Group and Cloud Native
meetup groups in Bangalore
Regular speaker at domestic and international cloud, tech &
security conferences
Multiple hackathon wins in cloud/security topics.
Recognized by Google as a community influencer
[~]$ whoami
runcyoommen
https://runcy.me
4. What does “Serverless” mean?
Reference:
https://en.wikipedia.org/wiki/Serverless_computing
“Serverless computing is a cloud
computing execution model in which the
cloud provider runs the server, and
dynamically manages the allocation of
machine resources.”
12. Pre-requisites to begin
• AWS free-tier account
• Get the source code
https://github.com/roommen/runcystees
• Basic knowledge of Python, HTML, JS, CSS
• A good IDE like Visual Studio Code
• Assumption: You have a registered domain
13. 1. Setting up the DB
• Select ‘DynamoDB’ from the services list
(under Database section)
• Click ‘Create table’ to get started
14. • Provide table name, primary key
• Leave the rest as default settings
15. • Start adding the items by clicking
on ‘Create item’
• Really simple DB schema consisting of
id (Primary key) and desc of the tees
16. 2. Relevant IAM roles
• Select ‘IAM’ from the services list
(under Security, Identity & Compliance)
• Create a new role
• Select Lambda as the service that will use this role
• Click Next to attach the permissions
17. • Attach the below given pre-defined policies
• Add appropriate tags (optional but good practice)
19. 3. Let’s make some ‘FaaS’
• Select ‘Lambda’ from the services list
(under Compute)
• Provide name, runtime and choose the role
20. In this web app example, we have:
Show Tee Description – handled by ShowTeeDesc.py
For Python with Lambda, zip all source code and
dependencies (if any)
21. • Boto3 is the only dependency; it need not be
packaged as it’s part of Python runtime in Lambda
• You should now have
showTeeDesc.zip created
• Verify contents of the zip file - Ensure it looks
identical to screenshot
22. • Now in the Lambda screen, upload the zip file created earlier and
change the Handler info to showTeeDesc.lambda_handler
• The format of Handler should be <python_filename>.lambda_handler
23. • Provide appropriate description
and keep the memory and
timeout as is
• Click on ‘Save’ to create the Lambda function
• Created function will be displayed as below
24. 4. Integration with API Gateway
• Select ‘API Gateway’ from the services
list (under Networking & Content Delivery)
• Click ‘Create API’
• Choose the protocol, name and other details
25. • Choose ‘Create Resource’ from the Actions menu.
• Make sure to ‘Enable API Gateway CORS’
26. Resource created - showteedesc
• Select the resource
and now click ‘Create
Method’
• Choose ‘POST’ method
27. Configure POST method - showteedesc
• Select appropriate region and the function that
we had created earlier for integration
28. • Select a method and click
“Enable CORS”
• On the next screen, leave everything as is and click
“Enable CORS and replace existing headers”
29. • Select “Deploy API” from ‘Actions’
Choose [New Stage] and provide
appropriate values
30. • After deployment, the APIs would be available under stage
• Click on POST method created for /showteedesc and see
the API endpoint
31. • Enable the APIs – Edit the JS function
• Integrate the APIs with the relevant functions
defined in runcystees.js to have it invoked
32. Bringing it all together…
index.html runcystees.js
showTeeDesc.py
SERVERLESS
TRINITY
33. 5. Host web files on S3
• Select ‘S3’ from the services list
(under Storage)
• Click ‘Create bucket’
• Provide appropriate ‘Bucket
name’ and ‘Region’
• Click ‘Create’
34. • Select the bucket that you created earlier
• From the “Properties” tab, select ‘Static
website hosting’
35. • Provide appropriate
‘Index doc’ and hit
Save
• You will now see an
‘Endpoint’ available
which will serve you
the website content
36. • Click on the
‘Permissions’ tab
• Select ‘Bucket Policy’
• Entering the policy makes it world readable
Policy: https://docs.aws.amazon.com/AmazonS3/latest/user-guide/static-website-hosting.html#add-bucket-policy-public-access
37. 6. Generate certificate
• Select ‘Certificate Manager’ from the
services (under Security, Identity & Compliance)
• Click ‘Request a certificate’
• Select ‘Request a public certificate’
• Choose region as N. Virginia
39. • Choose ‘Create record in Route 53’ to make
the appropriate DNS entry for certificates
• An entry would be created under Route 53
• Certificate status would be shown as Issued (~15 mins)
40. 7. Make CloudFront distribution
• Select ‘CloudFront’ from the services
(under Networking & Content Delivery)
• Click ‘Create Distribution’
• Select ‘Web’ as the delivery
method for content
41. • Provide ‘Origin Domain Name’ as the S3 bucket
• Set protocol policy as
‘Redirect HTTP to
HTTPS’
43. • Click on ‘Create Distribution’
• Wait for the distribution to be created (~30 mins)
• Set the default root object as the first html page
44. • Select ‘Route 53’ from the services list
(under Networking & Content Delivery)
8. DNS redirection
• Select the Hosted Zone displayed for
your domain
• Click on the ‘Create Record Set’ button
45. • Create a CNAME record set
• Provide CloudFront domain name as the value
46. • The website is ** NOW LIVE **
https://tees.runcy.me
47. What is AWS Amplify?
Easy to use JavaScript
library and toolchain for
building cloud-powered
mobile and web apps
• Creates and deploys sophisticated
serverless backends – FAST!
48. • CLI provides support for
authentication, analytics,
functions, RESTGraphQL
APIs…
• Toolchain uses AWS
CloudFormation and
enables you to add, modify
and share configurations
49. Hosting for static assets and websites
• Distributes content to end users with low
latency and high data transfer speeds
• Perform local testing of AWS
Lambda functions and deploy
• Provides a secure, durable and
scalable object storage infra
50. Easily create APIs and generate client code
• Define APIs using the
GraphQL Schema
Definition Language (SDL)
• Toolchain expands and transforms a full
CloudFormation template that implements
your data model