This is a Node based lambda microservice package created by AWS-Architect.
Visit the changelog.
- Install NodeJS (nodejs8.10 this is what lambda uses) & npm
curl -sL https://deb.nodesource.com/setup_6.x | sudo -E bash - sudo apt-get install -y nodejs
- Your user will need access to the following resources (or the continuously deployment user):
- Development time resources (identical for deployment CI), example security policy
- Service runtime resources (for testing only, not required, execute lambda, api gateway access, etc...)
Development is templated using the make.js file. All the needed actions are present there. For ease, the AWS Architect to managed as a npm package. So all functionality is available directly from native nodejs, no having to write shell scripts just do some simple development.
- Website is created from the content directory.
- Lambda functions are created from the
src/index.js
source. npm install
: Install necessary dependencies.npm run build
ornode make.js build
: Builds and run unit tests.sudo npm start
: Runs the microservice locally, it inhabits the api and lambda functions using nodejs express.npm run deploy
: Deploys the package to AWS.
npm install
npm run build
AWS Architect uses OpenAPI Factory to convert the src/index.js
into a node server API used by node-express
. This can be loaded, and the server can be started by running
npm install
npm run start
* Using the built in make.js file
npm install
npm run deploy
* Configure awsArchitect
let packageMetadataFile = path.join(__dirname, 'package.json');
let packageMetadata = require(packageMetadataFile);
let apiOptions = {
sourceDirectory: path.join(__dirname, 'src'),
description: 'This is the description of the lambda function',
regions: ['us-east-1']
};
let contentOptions = {
bucket: 'WEBSITE_BUCKET_NAME',
contentDirectory: path.join(__dirname, 'content')
};
let awsArchitect = new AwsArchitect(packageMetadata, apiOptions, contentOptions);
- Create a project in Google: https://console.developers.google.com/project
- Enable and Manage API's
- Credentials: OAuth 2.0 and Client IDs: Create a new client id, and use this in the later steps. You will have to set up the redirects to actually work on login successes
- Create a new Identity pool to associate with the application (save the IdentityPoolId)
- Add in the google client to the IdentityPool
- [Optional: used for non-REST Lambdas] Create a UserRole, set it to have access to API Gateway and Cognito Sync using the IdentityPoolId
- Set the Trust Policy to be (based on Amazon Docs):
- Set the permission policy to be example user role permissions
- Create a Service Role, to have access to the back end AWS needed resources: example service user permissions and example trust relationship.
content/index.html
:- Update google usercontent token (
google-signin-client_id
) in the index.html with client id. - Update
IDENTITY_POOL_ID
with the identityPoolId
- Update google usercontent token (
TL;DL
- Static content =>
content/index.html
- Lambda function =>
src/index.js
- From CloudWatch Rules:
{
"SourceAccount": { "Ref": "AWS::AccountId" },
"SourceArn": {
"Fn::Join": [
"",
[
"arn:aws:events:",
{ "Ref": "AWS::Region" },
":",
{ "Ref": "AWS::AccountId" },
":rule",
"/",
{ "Ref": "serviceName" },
"-*"
]
]
}
}
- From CloudWatch Logs:
{
"SourceAccount": { "Ref": "AWS::AccountId" },
"SourceArn": {
"Fn::Join": [
":",
[
"arn:aws:logs",
{ "Ref": "AWS::Region" },
{ "Ref": "AWS::AccountId" },
"log-group",
"*",
"*"
]
]
}
}
- From SES:
{
"SourceAccount": { "Ref": "AWS::AccountId" }
}
- From API Gateway:
{
"SourceAccount": { "Ref": "AWS::AccountId" },
"SourceArn": {
"Fn::Join": [
"",
[
"arn:aws:execute-api:",
{ "Ref": "AWS::Region" },
":",
{ "Ref": "AWS::AccountId" },
":",
{ "Ref": "ApiGateway" },
"/*"
]
]
}
}