Luis  Rodrigues

Luis Rodrigues

1626200700

AWS Lambda & DynamoDB | AWS Serverless tutorial - Part I

In this tutorial as we use AWS Lambda, AWS API Gateway and DynamoDB to create a serverless backend for your application.

Create a Serverless App - Part I
In part I of this AWS Serverless tutorial we create 4 Lambda functions in NodeJS to implement CRUD operations in our DynamoDB database.

Starter code for ‘Create a Serverlesss App’ tutorial:

https://github.com/jspruance/hexal-se…

Completed code for ‘Create a Serverlesss App’ tutorial:

https://github.com/jspruance/hexal-se…

Hexal laambda functions:

https://github.com/jspruance/hexal-la…

Subscribe: https://www.youtube.com/c/CloudPath/featured

#aws #lambda #dynamodb

What is GEEK

Buddha Community

AWS Lambda & DynamoDB | AWS Serverless tutorial - Part I
Christa  Stehr

Christa Stehr

1598408880

How To Unite AWS KMS with Serverless Application Model (SAM)

The Basics

AWS KMS is a Key Management Service that let you create Cryptographic keys that you can use to encrypt and decrypt data and also other keys. You can read more about it here.

Important points about Keys

Please note that the customer master keys(CMK) generated can only be used to encrypt small amount of data like passwords, RSA key. You can use AWS KMS CMKs to generate, encrypt, and decrypt data keys. However, AWS KMS does not store, manage, or track your data keys, or perform cryptographic operations with data keys.

You must use and manage data keys outside of AWS KMS. KMS API uses AWS KMS CMK in the encryption operations and they cannot accept more than 4 KB (4096 bytes) of data. To encrypt application data, use the server-side encryption features of an AWS service, or a client-side encryption library, such as the AWS Encryption SDK or the Amazon S3 encryption client.

Scenario

We want to create signup and login forms for a website.

Passwords should be encrypted and stored in DynamoDB database.

What do we need?

  1. KMS key to encrypt and decrypt data
  2. DynamoDB table to store password.
  3. Lambda functions & APIs to process Login and Sign up forms.
  4. Sign up/ Login forms in HTML.

Lets Implement it as Serverless Application Model (SAM)!

Lets first create the Key that we will use to encrypt and decrypt password.

KmsKey:
    Type: AWS::KMS::Key
    Properties: 
      Description: CMK for encrypting and decrypting
      KeyPolicy:
        Version: '2012-10-17'
        Id: key-default-1
        Statement:
        - Sid: Enable IAM User Permissions
          Effect: Allow
          Principal:
            AWS: !Sub arn:aws:iam::${AWS::AccountId}:root
          Action: kms:*
          Resource: '*'
        - Sid: Allow administration of the key
          Effect: Allow
          Principal:
            AWS: !Sub arn:aws:iam::${AWS::AccountId}:user/${KeyAdmin}
          Action:
          - kms:Create*
          - kms:Describe*
          - kms:Enable*
          - kms:List*
          - kms:Put*
          - kms:Update*
          - kms:Revoke*
          - kms:Disable*
          - kms:Get*
          - kms:Delete*
          - kms:ScheduleKeyDeletion
          - kms:CancelKeyDeletion
          Resource: '*'
        - Sid: Allow use of the key
          Effect: Allow
          Principal:
            AWS: !Sub arn:aws:iam::${AWS::AccountId}:user/${KeyUser}
          Action:
          - kms:DescribeKey
          - kms:Encrypt
          - kms:Decrypt
          - kms:ReEncrypt*
          - kms:GenerateDataKey
          - kms:GenerateDataKeyWithoutPlaintext
          Resource: '*'

The important thing in above snippet is the KeyPolicy. KMS requires a Key Administrator and Key User. As a best practice your Key Administrator and Key User should be 2 separate user in your Organisation. We are allowing all permissions to the root users.

So if your key Administrator leaves the organisation, the root user will be able to delete this key. As you can see **KeyAdmin **can manage the key but not use it and KeyUser can only use the key. ${KeyAdmin} and **${KeyUser} **are parameters in the SAM template.

You would be asked to provide values for these parameters during SAM Deploy.

#aws #serverless #aws-sam #aws-key-management-service #aws-certification #aws-api-gateway #tutorial-for-beginners #aws-blogs

Royce  Reinger

Royce Reinger

1619684055

Triggering AWS Lambda Events with DynamoDB Integration

This is a basic introduction to Lambda triggers that uses DynamoDB as an event source example.

We talk a lot about the more advanced level of Lambda triggers in our popular two-part series: Complete Guide to Lambda Triggers.

We’re going back to the basics this time because skipping some steps when learning something new might get you confused. It tends to get annoying, or it can even make you frustrated. Why?

To understand how something works appropriately and later on to know how to apply your knowledge practically without stress, you must master the particular subject in a particular order.

Let me put it this way: you can’t calculate how fast is a subatomic particle moving in space if it’s 300 lightyears away from the closest planet if you don’t know the basic math, like 3.14 times 42, right?

So, back to our topic here, what are AWS Lambda triggers?

Lambda Triggers Explained with DynamoDB Integration

DynamoDB is an AWS product just like Lambda, and therefore you’re able to create triggers with ease. Triggers are pieces of code that will automatically respond to any events in DynamoDB Streams.

Triggers allow you to build applications that will then react to any data modification made in DynamoDB tables. By enabling DynamoDB Streams on a table, you will be able to associate an ARN with your Lambda function. Instantly after an item in the table is modified, a new record will appear in the table’s stream. When AWS Lambda detects a new stream record, it will invoke your Lambda function synchronously.

Lambda functions can perform any actions you specify, like sending notifications or a workflow initiation.

An example: suppose you have a mobile gaming app that’s writing on a GameScores table. Each time the TopScore attribute of the GameScores table is updated, a corresponding stream record will be written to the table’s stream. You can then set a Lambda function to post a message on social media sites once the event is triggered.

#aws-lambda #aws #aws-services #dynamodb #serverless

Luis  Rodrigues

Luis Rodrigues

1626200700

AWS Lambda & DynamoDB | AWS Serverless tutorial - Part I

In this tutorial as we use AWS Lambda, AWS API Gateway and DynamoDB to create a serverless backend for your application.

Create a Serverless App - Part I
In part I of this AWS Serverless tutorial we create 4 Lambda functions in NodeJS to implement CRUD operations in our DynamoDB database.

Starter code for ‘Create a Serverlesss App’ tutorial:

https://github.com/jspruance/hexal-se…

Completed code for ‘Create a Serverlesss App’ tutorial:

https://github.com/jspruance/hexal-se…

Hexal laambda functions:

https://github.com/jspruance/hexal-la…

Subscribe: https://www.youtube.com/c/CloudPath/featured

#aws #lambda #dynamodb

Salman Ahmad

1613324663

AWS Secrets Manager: How to Manage Credentials in Python

Even though AWS enables fine-grained access control via IAM roles, sometimes in our scripts we need to use credentials to external resources, not related to AWS, such as API keys, database credentials, or passwords of any kind.

There are a myriad of ways of handling such sensitive data. In this article, I’ll show you an incredibly simple and effective way to manage that using AWS and Python.

#aws #aws-lambda #aws-services #pyt #python-tutorials #python-programming #serverless #tutorial

Lindsey  Koepp

Lindsey Koepp

1603594260

Quick Guide to AWS CDK and Serverless with REST API and Data Lake Analytical Querying

This is a hands-on course on how to deploy a fully Serverless web app using the AWS CDK. You will learn how to:

  • Structure **CDK Stacks **to deploy an application from end-to-end
  • Deploy a REST API integrated with AWS Lambda for dynamic requests processing Store data in a fast and cost-effective way with DynamoDB
  • Use DynamoDB streams as a source for Lambda in an event-driven architecture
  • Ingest and manipulate loads of data streams with Kinesis Firehose
  • Deploy and query a Data Lake with AthenaS3 and GlueMonitor your entire application health in a single place using Dashbird

You can use the resources declared in this demo application as a starting point to mix and adapt to your own architectures later, which should save you quite some time.

The App and Architecture

The demo app is a public blog where anyone can read, publish and like posts. It’s available on this link. Go ahead and publish something in the top-left corner (yellow button) and also “like” articles already published. Check out the codebase on this repo.

Frontend

Backend

#serverless #aws-cdk #rest-api #data-lakes #cloud-computing #dynamodb #aws-lambda #tutorial