Source code: https://git.io/fjl9A
In our last two blog posts, we did the following things manually using AWS Console
But such kind of deployments requires human intervention, which reduces speed as well as introduces errors. Also, there is no accountability and tracking of what was exactly done. So what is the alternative?
Infrastructure-as-code (IAC)
Modern enterprise use automation for deployment, so that they can do it repeatedly and frequently and keep a track what is being done. This is done by codifying all activity related to deployment and storing them in version control systems. This is known as Infrastructure-as-code (IAC)
Amazon, in year 2016, did 60 million deployments. That comes to about 1 deployment per second. This can only be done by following principles of IAC. One of the ways of automating deployment is by using AWS CLI (command-line interface).
So, in this blogpost, lets look at how we can deploy API and Lambda using AWS CLI.
Make sure to delete whatever was done before so we can start on a clean slate.
Configure Lambda Security using AWS CLI
As you may remember from our previous discussion, Lambda function can only do activities that they are permitted to do. This is configured using Roles, Policies and Permissions. So let’s create the required configuration
STEP-1:
Create a folder structure as shown below
STEP-2:
Create a file that contains permissions to work with CloudWatch.
Create a file cloudwatch_permissions.txt under scripts folder and add the following contents to it.
STEP-3:
Using the permissions file, create a Policy.
Right-click on scripts folder, Open Terminal Here and execute the following command
STEP-4:
Create a file in scripts folder named lambda_role_trust.txt and put following contents in it.
This file is used by Lambda to assume the role we are going to create.
STEP-5:
Create Role
Result:
STEP-6:
Now we will attach the policy to role.
For this we need to get Policy ARN. So, grab policy ARN from above screen or go to AWS IAM >> Policies and search for the policy we created, open it and make note of the ARN.
arn:aws:iam::<YOUR_ACCOUNT_ID>:policy/test_lambda_iam_policy
Execute the following script
Result:
This completes security configuration required.
Create Lambda function using AWS CLI
STEP-1:
Create an index.js file under Blog7 folder
Copy the following contents in index.js
exports.handler = (event, context, callback) => {
var result = “Your Full Name is ” + event.firstName + ” ” + event.lastName;
callback(null, result);
};
STEP-2:
Now go to your terminal window and execute the following command
zip function.zip index.js
Result:
STEP-3:
Now grab ARN of Role from above or AWS IAM console
arn:aws:iam::<YOUR_ACCOUNT_ID>:role/test_lambda_iam_role
Execute the following command to create Lambda function
Result:
This completes creation of Lambda function. You can verify by going to Console.
Step-4:
Lets try testing the Lambda function individually. This can be done by invoking it at command-line using the following script
Execute the following command
Result:
You can check the result by the outputfile.txt file generated in the same folder
Create API using AWS CLI
Please follow the below steps one by one to setup the API
STEP-1:
Command:
Result:
STEP-2
Make note of id in above step (9dykwxbb88) and use that value below
Command:
Result:
STEP-3:
Again, make note of id (f3h77aa5u2) and use it in below command
Command:
Result:
STEP-4:
Same as above, take id (hutcsi) and use it below
Command:
Result:
STEP-5:
Now just keep executing all below commands as it is.
Command:
Result:
STEP-6:
Command:
Result:
STEP-7:
Command:
Result:
STEP-8:
Command:
Result:
This completes creation of our API as shown below
Now take Invoke URL by clicking Stages on left-side menu and then clicking on test
Final Testing
Open postman and test using the following settings
Method: GET
Url: <Your Invoke url> (append /fulllname at the end of your url)
Body >> raw >> JSON (application/json)
Body data: {“firstName”: “Jason”,”lastName”: “Bourne”}
And you should see response as “Your Full Name is Jason Bourne”. This completes deployment of Lambda and API using automated scripts.
Clean up
We will Delete all the resources created using scripts. Execute the following scripts to complete cleanup
Conclusion
As you can see, there is a lot of work involved in writing the scripts. However if you want to do automation using AWS CLI, you have to learn this. But the good news is, there are better alternatives available for easier deployment and we will look at them in future. For now this is it.
The final Cloud9 IDE folder structure looks like this
Happy Clouding!
Adventures In Cloud 
[…] our last blog post, we saw how to automate deployment using AWS CLI. In this one, we will explore one more method of […]
LikeLiked by 1 person
[…] Using AWS CLI […]
LikeLiked by 1 person
[…] are already familiar with other ways provided by AWS for resource creation like AWS Console, AWS CLI, AWS SAM, AWS CloudFormation etc. Now we have one more option […]
LikeLiked by 1 person