How AWS Lambda isolates my code

In this module, you use AWS Lambda and Amazon DynamoDB to create a backend process to handle requests for your web application. The browser application that you deployed in the first module allows users to request that a unicorn be sent to a location of their choice. In order for these requirements to be met, the JavaScript running in the browser must call a service running in the cloud.

They implement a lambda function that is called every time a user requests a unicorn. The function selects a unicorn from the fleet, records the request in a DynamoDB table, and then sends a response to the front-end application with details about the unicorn provided.

The function is called in the browser using the Amazon API Gateway. You implement this connection in the next module. In this module you test your function in isolation.

Estimated time for the module: 30 minutes

Services used: AWS Lambda, Amazon DynamoDB

Follow the step-by-step guide below to create your serverless backend process. Click on the number of each step to expand the area.

  • Step 1. Create an Amazon DynamoDB table

    Use the Amazon DynamoDB console to create a new DynamoDB table. Name the table and give it a partition key named with type string. The name of the table and the partition key are case-sensitive. Make sure you use the exact IDs as indicated. Use the default values ​​for the other settings.

    After creating the table, write down the ARN you will need in the next step.

    1. In the AWS Management Console, select Services and then under Databases, choose DynamoDB out.

    2. Choose Create table.

    3. Enter as Table names.Please note that the letters are case-sensitive.

    4. Enter as Partition key and choose String as the key type. Please note that it is case-sensitive.

    5. Uncheck the box Use default settings and choose Create.

    6. Scroll down in the overview area of ​​your new table and make a note of the ARN. You will need this in the next section.

  • Step 2. Create an IAM role for your Lambda function

    An IAM role is assigned to each Lambda function. The role defines which other AWS services the function can interact with. For this workshop, you need to create an IAM role that gives your Lambda function permissions to write logs to Amazon CloudWatch Logs and access to write items to your DynamoDB table.

    Create a new role using the IAM console. Enter as Name and select AWS Lambda as Role Type. You need to attach policies that give your functions permissions to write to Amazon CloudWatch logs and to insert items into your DynamoDB table.

    Attach the managed policy to this role to grant the necessary permissions for CloudWatch Logs. Also, create an inline custom policy for your role that allows the action on the table you created in the previous section.

    1. In the AWS Management Console, click Services then select in the Identity & Compliance section I AM.

    2. Select in the left navigation area Roles and then Create New Role.

    3. Choose Lambda for the role type from the group AWS service and then click Next: Permissions.

      Note: Selecting a role automatically creates a trust policy for your role that allows AWS Services to assume that role on your behalf. If you created this role using the CLI, AWS CloudFormation, or some other mechanism, you provide a trust policy directly.

    4. Enter in the text box filter and check the box next to that role.

    5. click on Next Step.

    6. Enter as Role names a.

    7. Choose Create Role.

    8. Enter in the filter field on the Roles page and select the role you just created.

    9. On the Permissions tab, choose the link Add inline policy in the lower right corner to create a new inline policy.

    10. Choose Choose a service.

    11. Enter in the search box Find a service and choose DynamoDB as soon as it is displayed.

    12. Choose Select actions.

    13. Enter in the search box Filter actions and check the box next to PutItemas soon as it appears.

    14. Select the section Resources out.

    15. If the option Specific is selected, select the "Add ARN" link in the section table (table).

    16. Paste the ARN of the table you created in the previous section into the box Specify ARN for table and choose Add.

    17. Choose Review policy.

    18. Enter a name for the policy and select Create policy.

  • Step 3. Create a Lambda Function to Process Requests

    AWS Lambda runs your code in response to events such as an HTTP request. In this step, you create the core function that handles API requests from the web application to deploy a unicorn. In the next module, you will use Amazon API Gateway to create a RESTful API that provides an HTTP endpoint that can be accessed through your users' browsers. Then you connect the Lambda function created in this step to the API to create a fully functional backend for your web application.

    Use the AWS Lambda console to create a new Lambda function named that will process the API requests. Use the provided example implementation requestUnicorn.js for your function code. Just copy and paste them from the file in the AWS Lambda console editor.

    Make sure to configure your role to use the IAM role you created in the previous section.

    1. Choose Services and then under the Compute section, select Lambda.

    2. click on Create function.

    3. Keep the selection of the standard card Author from scratch at.

    4. Enter in the field Surname a.

    5. Choose Node.js 6.10 For Runtime out.

    6. Make sure that in the drop down menu Role is selected.

    7. Choose from the drop down menu Existing Role out.

    8. click on Create function.

    9. Scroll down to the section Function code and replace the expiring code in the code editor index.js through the content of requestUnicorn.js.

    10. Click in the upper right corner of the page Save.

  • Step 4. Testing the implementation

    In this module, you test the function that you created using the AWS Lambda console. In the next module you add a REST API with API Gateway so that you can call your function through the browser-based application that you provided in the first module.

    1. In the function's main edit screen, select Configure test event from the drop-down list Select a test event ... out.

    2. Keep the selection of Create new test event at.

    3. Enter in the field Event name a.

    4. Copy and paste the following test event into the editor:

    {"path": "/ ride", "httpMethod": "POST", "headers": {"Accept": "* / *", "Authorization": "eyJraWQiOiJLTzRVMWZs", "content-type": "application / json; charset = UTF-8 "}," queryStringParameters ": null," pathParameters ": null," requestContext ": {" authorizer ": {" claims ": {" cognito: username ":" the_username "}}}, "body": "{\" PickupLocation \ ": {\" Latitude \ ": 47.6174755835663, \" Longitude \ ": - 122.28837066650185}}"}
    1. click on Create.

    2. In the main function editing screen, click Test (testing) and make sure that is selected in the drop-down list.

    3. Scroll to the top of the page and expand the section Details of the section Execution results.

    4. Verify that the execution was successful and that the function results look like this:

    {"statusCode": 201, "body": "{\" RideId \ ": \" SvLnijIAtg6inAFUBRT + Fg == \ ", \" Unicorn \ ": {\" Name \ ": \" Rocinante \ ", \" Color \ ": \" Yellow \ ", \" Gender \ ": \" Female \ "}, \" Eta \ ": \" 30 seconds \ "}", "headers": {"Access-Control-Allow- Origin ":" * "}}