Building a Secure and Scalable Serverless Application on AWS with AWS CLI

Serverless architecture on AWS provides a highly scalable, cost-efficient way to build applications without worrying about the underlying infrastructure. In this blog, we’ll guide you through creating a secure and scalable serverless application on AWS using AWS CLI commands.

Setting Up the AWS CLI

To interact with AWS services, you’ll need the AWS CLI installed and configured on your system.

  1. Install AWS CLI:
pip install awscli

  2. Configure AWS CLI:

aws configure

You’ll be prompted to enter your AWS Access Key, Secret Key, region, and output format.

Designing and Deploying a Serverless Application

Architecture Overview

We’ll build a simple serverless web application using AWS Lambda, API Gateway, DynamoDB, and S3.

Creating an S3 Bucket

Store static content like HTML, CSS, and JavaScript files in S3.

aws s3 mb s3://my-serverless-app-bucket

Upload files:

aws s3 cp index.html s3://my-serverless-app-bucket

Creating a DynamoDB Table

Store application data in DynamoDB.

aws dynamodb create-table \
--table-name Users \
--attribute-definitions AttributeName=UserID,AttributeType=S \
--key-schema AttributeName=UserID,KeyType=HASH \
--provisioned-throughput ReadCapacityUnits=5,WriteCapacityUnits=5

Deploying a Lambda Function

Create a Lambda function that handles backend logic.

  1. Create a deployment package (ZIP) with your code.
zip function.zip index.js

  2. Create the Lambda function:

aws lambda create-function \
--function-name MyServerlessFunction \
--runtime nodejs14.x \
--role arn:aws:iam::123456789012:role/lambda-ex \
--handler index.handler \
--zip-file fileb://function.zip

Setting Up API Gateway

Create an API to expose the Lambda function.

aws apigateway create-rest-api \
    --name 'MyServerlessAPI' \
    --description 'API for my serverless app'

Deploying the Application

Now, deploy the API using AWS CLI.

  1. Create a deployment stage:
aws apigateway create-deployment \
    --rest-api-id 1234567890 \
    --stage-name prod
  2. Test your API by invoking the endpoint.
curl https://{api-id}.execute-api.{region}.amazonaws.com/prod

Securing the Serverless Application

IAM Roles and Policies

Ensure your Lambda function has the appropriate permissions by attaching a policy to its role.

aws iam attach-role-policy \
    --role-name lambda-ex \
    --policy-arn arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole
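
The managed policy above only covers writing logs to CloudWatch, so the function still needs access to the Users table. The following added example (not code from the original post) generates and attaches an inline policy limited to that one table. The policy name UsersTableAccess, the action list and the helper function names are assumptions, and the region and account ID reuse the placeholder values from the ARNs in this post.

```shell
#!/bin/sh
# Added example: scope the lambda-ex role to the Users table only.
# Policy name and action list are assumptions; index.js is not shown in the post.

# Print an IAM policy document for ONE table. Args: region, account id, table.
users_table_policy() {
  region="$1"; account="$2"; table="$3"
  # Validate before interpolating, so an input such as "*" cannot widen the
  # Resource ARN and a quote cannot break out of the JSON string.
  case "$region" in ""|*[!a-z0-9-]*) echo "bad region" >&2; return 1 ;; esac
  case "$account" in *[!0-9]*) echo "bad account id" >&2; return 1 ;; esac
  [ "${#account}" -eq 12 ] || { echo "bad account id" >&2; return 1; }
  case "$table" in *[!A-Za-z0-9_.-]*) echo "bad table name" >&2; return 1 ;; esac
  [ "${#table}" -ge 3 ] && [ "${#table}" -le 255 ] ||
    { echo "bad table name" >&2; return 1; }
  cat <<EOF
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "UsersTableItemAccess",
      "Effect": "Allow",
      "Action": [
        "dynamodb:GetItem",
        "dynamodb:PutItem",
        "dynamodb:UpdateItem",
        "dynamodb:DeleteItem",
        "dynamodb:Query"
      ],
      "Resource": "arn:aws:dynamodb:${region}:${account}:table/${table}"
    }
  ]
}
EOF
}

# Attach the document to the role as an inline policy (needs AWS credentials).
apply_users_table_policy() {
  doc="$(users_table_policy "$@")" || return 1
  aws iam put-role-policy \
    --role-name lambda-ex \
    --policy-name UsersTableAccess \
    --policy-document "$doc"
}

# Nothing is sent to AWS unless APPLY=1 is set.
if [ "${APPLY:-0}" = "1" ]; then
  apply_users_table_policy us-east-1 123456789012 Users
fi
```

Review the generated document first, then run the script with APPLY=1 to attach it.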

Encrypting DynamoDB Data

Enable server-side encryption for your DynamoDB table.

aws dynamodb update-table \
--table-name Users \
--sse-specification Enabled=true

Monitoring and Logging

Use AWS CloudWatch for monitoring your Lambda function.

Setting Up CloudWatch Logs

Ensure your Lambda function is logging correctly.

aws logs describe-log-streams --log-group-name /aws/lambda/MyServerlessFunction

Setting Up CloudWatch Alarms

Create an alarm to monitor invocation errors.

aws cloudwatch put-metric-alarm \
    --alarm-name LambdaErrorAlarm \
    --metric-name Errors \
    --namespace AWS/Lambda \
    --statistic Sum \
    --period 300 \
    --threshold 1 \
    --comparison-operator GreaterThanOrEqualToThreshold \
    --dimensions Name=FunctionName,Value=MyServerlessFunction \
    --evaluation-periods 1 \
    --alarm-actions arn:aws:sns:us-east-1:123456789012:NotifyMe

Regards
osama
