Design a site like this with WordPress.com
Get started

[7] [ProjectX] – Automating Deployment using AWS CLI

Source code: https://git.io/fjl9A

In our last two blog posts, we did the following things manually using AWS Console

  1. Created/Deployed Lambda function and
  2. Created/Deployed API Gateway

But such kind of deployments requires human intervention, which reduces speed as well as introduces errors. Also, there is no accountability and tracking of what was exactly done. So what is the alternative?

Infrastructure-as-code (IAC)

Modern enterprise use automation for deployment, so that they can do it repeatedly and frequently and keep a track what is being done. This is done by codifying all activity related to deployment and storing them in version control systems. This is known as Infrastructure-as-code (IAC)

Amazon, in year 2016, did 60 million deployments. That comes to about 1 deployment per second. This can only be done by following principles of IAC. One of the ways of automating deployment is by using AWS CLI (command-line interface).

So, in this blogpost, lets look at how we can deploy API and Lambda using AWS CLI.

Make sure to delete whatever was done before so we can start on a clean slate.

Configure Lambda Security using AWS CLI

As you may remember from our previous discussion, Lambda function can only do activities that they are permitted to do. This is configured using Roles, Policies and Permissions. So let’s create the required configuration

STEP-1:

Create a folder structure as shown below

STEP-2:

Create a file that contains permissions to work with CloudWatch.

Create a file cloudwatch_permissions.txt under scripts folder and add the following contents to it.

STEP-3:

Using the permissions file, create a Policy.

Right-click on scripts folder, Open Terminal Here and execute the following command

STEP-4:

Create a file in scripts folder named lambda_role_trust.txt and put following contents in it.

This file is used by Lambda to assume the role we are going to create.

STEP-5:

Create Role

Result:

STEP-6:

Now we will attach the policy to role.

For this we need to get Policy ARN. So, grab policy ARN from above screen or go to AWS IAM >> Policies and search for the policy we created, open it and make note of the ARN.

arn:aws:iam::<YOUR_ACCOUNT_ID>:policy/test_lambda_iam_policy

Execute the following script

Result:

This completes security configuration required.

Create Lambda function using AWS CLI

STEP-1:

Create an index.js file under Blog7 folder

Copy the following contents in index.js

exports.handler = (event, context, callback) => {

    var result = “Your Full Name is ” + event.firstName + ” ” + event.lastName;

    callback(null, result);

};

STEP-2:

Now go to your terminal window and execute the following command

zip function.zip index.js

Result:

STEP-3:

Now grab ARN of Role from above or AWS IAM console

arn:aws:iam::<YOUR_ACCOUNT_ID>:role/test_lambda_iam_role

Execute the following command to create Lambda function

Result:

This completes creation of Lambda function. You can verify by going to Console.

Step-4:

Lets try testing the Lambda function individually. This can be done by invoking it at command-line using the following script

Execute the following command

Result:

You can check the result by the outputfile.txt file generated in the same folder

Create API using AWS CLI

Please follow the below steps one by one to setup the API

STEP-1:

Command:

Result:

STEP-2

Make note of id in above step (9dykwxbb88) and use that value below

Command:

Result:

STEP-3:

Again, make note of id (f3h77aa5u2) and use it in below command

Command:

Result:

STEP-4:

Same as above, take id (hutcsi) and use it below

Command:

Result:

STEP-5:

Now just keep executing all below commands as it is.

Command:

Result:

STEP-6:

Command:

Result:

STEP-7:

Command:

Result:

STEP-8:

Command:

Result:

This completes creation of our API as shown below

Now take Invoke URL by clicking Stages on left-side menu and then clicking on test

Final Testing

Open postman and test using the following settings

Method: GET

Url: <Your Invoke url> (append /fulllname at the end of your url)

Body >> raw >> JSON (application/json)

Body data: {“firstName”: “Jason”,”lastName”: “Bourne”}

And you should see response as “Your Full Name is Jason Bourne”. This completes deployment of Lambda and API using automated scripts.

Clean up

We will Delete all the resources created using scripts. Execute the following scripts to complete cleanup

Conclusion

As you can see, there is a lot of work involved in writing the scripts. However if you want to do automation using AWS CLI, you have to learn this. But the good news is, there are better alternatives available for easier deployment and we will look at them in future. For now this is it.

The final Cloud9 IDE folder structure looks like this

Happy Clouding!

Advertisement

3 thoughts on “[7] [ProjectX] – Automating Deployment using AWS CLI

  1. […] our last blog post, we saw how to automate deployment using AWS CLI. In this one, we will explore one more method of […]

    Liked by 1 person

  2. […] are already familiar with other ways provided by AWS for resource creation like AWS Console, AWS CLI, AWS SAM, AWS CloudFormation etc. Now we have one more option […]

    Liked by 1 person

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: