Getting Started With AWS Lambda Part I

Serverless architecture is growing in popularity and the biggest player in this space is Amazon Web Services' (AWS) Lambda service. In this post, I will walk through the steps of setting up lambda functions to access a DynamoDB table.

What Is "Serverless" Architecture?

The first time I heard the term "Serverless" I was confused. How can an app run without a server? The term "Serverless" is a misnomer and in fact I personally don't really care for it; however, naming things is one of the hardest problems in computer science.1 Serverless simply refers to the fact that you as the developer don't have to manage or concern yourself with any underlying server infrastructure. All you have to do is worry about your code.

In addition to the obvious benefit of not having to manage a server, Serverless has many additional benefits. For example, unlike running your own virtual server where you would pay for idle time, with Serverless you only have to pay for when your functions execute, which can be a huge cost savings. Also, with Serverless you do not have to worry at all about scalability as in the case of AWS Lambda your functions are infinitely scalable out of the box. Therefore, you don't have to worry about load balancing or adding additional server instances to accommodate spikes in web traffic.

The Application

The application we're building here is a simple CRUD back-end for an app to manage food recipes. In part I we'll setup the DynamoDB table and Lambda functions. In part II we'll connect our Lambda functions to the AWS API Gateway so that a JavaScript app can consume the recipe data over HTTP.

Creating a DynamoDB Table

DynamoDB is AWS's NoSQL service, so if you're familiar with MongoDB or CoucheDB, the overall concept is the same. To setup a new table, login to your AWS console and navigate to the DynamoDB service. From there create a new table named "recipes" with a primary key of "id".

steps to create a DynamoDB Table

IAM Policies and Roles

In AWS user authentication and authorization is managed via the Identity Access Management (IAM) service. IAM can be overwhelming as it is extremely granular in how it allows identities (users) and resources (AWS services) access to the various AWS services. That being said, I'm only going to give a brief explanation about Policies and Roles; however, I highly recommend learning more about IAM in the IAM documentation.

The key concept to keep in mind when you're working with AWS services is that each service is stand alone, so when you need service A to interact with service B, you must give service A permission to do so, and this is where Policies and Roles come into play.

Creating an IAM Policy

So we need to give our Lambda function a Role that will allow it to interact with the DynamoDB table we just created.

First let's create an IAM Policy. An IAM policy is essentially a json list that defines permissions for an Identity or Resource. In other words, a Policy defines what an Identity or Resource can or can't do. For example, our Lambda functions are Resources that need permission to read/write to a DynamoDB table so we must create a Policy that allows this.

To create our policy, navigate to IAM, select policies, and click "Create Policy". From there you must do the following:

  1. Choose service - Select DynamoDB
  2. Action - Check All DynamoDB actions (dynamodb:*)
  3. Resource - Choose "Specific" then in the table section and enter the ARN of the recipes table
  4. Click "Review Policy"
  5. Give it a name (recipe_lambda_policy) and save
steps to create an IAM policy

Creating an IAM Role

Now that we have a policy granting access to our recipes table, we need to create an IAM Role and attach our newly created policy to it.

steps to create an AWS IAM role

Creating Our Lambda Functions

Now let's create our first Lambda function. This function, which we'll call "newRecipe", will be responsible for saving a new recipe to our recipes table. Navigate to the AWS Lambda service and create a new function, select the runtime you'd like to use, for this demo we'll use Node 8.10, and finally choose the IAM Role you created earlier.

steps to create a Lambda function

Each Lambda function gives you an IDE to edit the code of the function from within your browser. Copy the code below into the the IDE and click "save". For the sake of simplicity, you'll notice the values are hard-coded. In the next post I'll show you how to pass outside arguments to the function using the API Gateway.


const AWS = require("aws-sdk"); const docClient = new AWS.DynamoDB.DocumentClient({region: 'eu-central-1'}); const table = "recipes"; exports.handler = function (event, context, callback) { var title = "Spaghetti Bolognese"; var params = { TableName:table, Item:{ id : '50a52de6-60f6-11e8-9c2d-fa7ae01bbebc', title : title }, ReturnValues: 'ALL_OLD' }; docClient.put(params, function(err, data) { if (err) { console.log(err); callback(null, "an error occurred"); } else { console.log(data); callback(null, "success"); } }); };

Testing Our Function

Once you've entered the code and saved it, it's now time to test the function. Lambda offers a test button in the interface to trigger the function manually. For the first test you'll have to setup a new test event. For this demo, you can just select the Hello World test event template, name it "test" and click save. Then click the orange test button. If you go to the recipes table you should see a new item saved.

steps to test a Lambda function

References

  1. https://martinfowler.com/bliki/TwoHardThings.html

Tags: AWS, APIs, Serverless, Lambda