Unlock Serverless with AWS Lambda and IAM

As I mentioned earlier, we can find the code for our two Lambda functions, create-user and get-user, in their respective folders.

import json
import boto3
Import operating system

client = boto3.client(‘dynamodb’)

table name = os.getenv(“TABLE_NAME”)

def handler(event, _):
body = json.loads(event[‘body’])

data = client.put_item (
tablename=tablename,
article={
‘I would’: {
‘S’: body[‘id’]
},
‘Surname’: {
‘S’: body[‘name’]
}
}
)
answer = {
‘statusCode’: 200,
‘body’: json.dumps({“id”: body[‘id’]”name”: body[‘name’]}),
‘Headlines’: {
‘content-type’: ‘application/json’,
‘Access-Control-Allow-Origin’: ‘*’
},
}
reply

import json
import boto3
Import operating system

client = boto3.client(‘dynamodb’)
table name = os.getenv(‘TABLE_NAME’)
def handler(event, _):

data = client.get_item (
tablename=tablename,
key={
‘I would’: {
‘S’: event[‘pathParameters’][‘id’]
}
}
)

answer = {
‘status code’: 200,
“body”: json.dumps (data[‘Item’]),
‘Headlines’: {
‘content-type’: ‘application/json’,
‘Access-Control-Allow-Origin’: ‘*’
},
}
reply

But the real heart of a serverless project is the template file. This is where all the resources and configuration of your serverless architecture are defined.

AWSTemplateFormatVersion: “2010-09-09”
Transform: AWS::Serverless-2016-10-31
Description: >
User Sam App

An example user API

Global:
Function:
Runtime: python3.9
Time out: 3
Handler: app.handler
Architectures:
– x86_64
Surroundings:
Variables:
TABLE_NAME: !Ref user table

Resources:
CreateUserFunction:
Enter the following: AWS::Serverless::Function
Characteristics:
CodeUri: create_user/
Events:
AccountsAPI:
Type: API
Characteristics:
Path: /Users
Method: mail
Guidelines:
– DynamoDBWritePolicy:
Table name: !Ref user table

GetUserFunction:
Enter the following: AWS::Serverless::Function
Characteristics:
CodeUri: get_user/
Events:
AccountsAPI:
Type: API
Characteristics:
Path: /users/{id}
Method: received
Guidelines:
– DynamoDBReadPolicy:
Table name: !Ref user table

User table:
Enter the following: AWS::DynamoDB::Table
Characteristics:
Table name: user table
Billing mode: PAY_PER_REQUEST
Attribute definitions:
– Attribute name: id
Attribute Type: S
Key scheme:
– Attribute name: id
Key type: HASH

Outputs:
UserAPI:
Description: “API Gateway Endpoint URL for Prod Phase”
Value: !Sub “https://${ServerlessRestApi}.execute-api.${AWS::Region}.amazonaws.com/Prod/users/”

CreateUserFunction:
Description: “Create User Lambda Function ARN”
Value: !GetAtt CreateUserFunction.Arn

CreateUserFunctionIamRole:
Description: “Created implicit IAM role for Create User feature”
Value: !GetAtt CreateUserFunctionRole.Arn

GetUserFunction:
Description: “Get User Lambda Function ARN”
Value: !GetAtt GetUserFunction.Arn

GetUserFunctionIamRole:
Description: “Created implicit IAM role for Get User feature”
Value: !GetAtt GetUserFunctionRole.Arn

User table:
Value: !Ref UserTable
Description: DynamoDb table for storing users

It can definitely look intimidating at first, but let’s walk through each property to understand what each does for us.

Global:
Function:
Runtime: python3.9
Time out: 3
Handler: app.handler
Architectures:
– x86_64
Surroundings:
Variables:
TABLE_NAME: !Ref user table

Under Globals we can define properties for multiple resources at the same time. In this case, all properties under Function apply to all Lambda functions defined in this file. Of note is the handler that specifies the entry point for our functions and the TABLE_NAME environment variable available to our functions to determine exactly which DynamboDB table to read and write from.

Under Resources you can define almost any AWS resource! Feel free to experiment!

Here we have created our two Lambda functions with type AWS::Serverless::Function and our DynamoDB table with type AWS::DynamoDB::Table.

Next, let’s scale up our Lambda function to create users.

CreateUserFunction:
Enter the following: AWS::Serverless::Function
Characteristics:
CodeUri: create_user/
Events:
AccountsAPI:
Type: API
Characteristics:
Path: /Users
Method: mail
Guidelines:
– DynamoDBWritePolicy:
Table name: !Ref user table

Starting from the top, the AWS::Serverless::Function type is actually a unique resource type provided by SAM that implicitly creates resources to help us quickly achieve the Lambda configuration we saw earlier.

Comments are closed.