Tutorial to document the steps to create an AWS Lambda function using the Serverless Framework for NodeJS using the basic “hello world” project.
Background
This is a very basic tutorial on how to use the Serverless Framework to create and deploy AWS Lambda functionality. The patterns used in this tutorial are not to say this is the best practice, but rather, to explore ways in which you can quickly and easily create NodeJS functionality and deploy to AWS Lambda with minimal effort and reasonable defaults.
Note that all instructions within are assumed for an Ubuntu-16.04 installation. While the commands may also work on various other operating systems of the Unix type, your mileage may vary.
In addition, you will need an AWS account to deploy the functionality into - you can, however, perform all of the steps up to the “AWS Deploy” section to get a feel for the framework and run the functionality locally prior to setting up the AWS components if you wish.
NodeJS Setup
To make life easier, we will use nvm for NodeJS versions. First, install the capability (replace the version in the path with whatever version you wish to use/are specified in the installation documentation):
Now that we have nvm installed, we need to install a NodeJS version:
Project Setup
Now that we have our environment configured for NodeJS, we can create our base project structure:
At this point you should have a few default files in the directory:
.gitignore
: Tells git which files to ignore during commitshandler.js
: Main entry point of the Lambda functionserverless.yml
: Configuration for creating the service in AWSpackage.json
: Standard npm dependency and project file
For convenience in project setup, create a new file named .nvmrc
in the root directory with a
single line that reads v6.10.3
. This will ensure that any person wishing to use this project can
rely on NVM to manage the NodeJS version appropriate for the example application.
Then, you can instruct NVM to utilize the correct version moving forward, and install any initial dependencies:
Testing Default Installation
Without any further changes, you can invoke the functionality locally to mimic what the AWS Lambda functionality will invoke. While a disclaimer about this is necessary (given that the environment may differ and it is likely best to do pre-production testing against an actual AWS Lambda setup), it allows for rapid local development and testing.
To test, simply run the following command:
If all went successfully, you should receive an output to the console similar to the following:
You now have a fully functioning Serverless environment that can be run/used locally!
AWS Deploy
Now that you can run things locally, it’s time to deploy your application to AWS. The serverless.yml
file
manages the configurations for how the application is deployed in conjunction with the AWS environment variables
present in your environment for the AWS account you are deploying to.
This tutorial utilizes static AWS credentials through the AWS IAM service. It is desirable to instead utilize the Security Token Service (STS) capability to generate short-lived tokens over persistent/long-living tokens, which may be discussed in future tutorials, but we will defer to persistent IAM security credentials for now.
First, log into your AWS account and navigate to the IAM service and create a security credential for yourself.
Then, for simplicity, we will use the aws
command to configure your profile on the local VM.
In most cases, the AWS_PROFILE
environment variable must be set in order for libraries to automatically detect
the default profile credentials you wish to use (in the case where there are more than one). For consistency, we
will set this variable explicitly to demonstrate how you can change the profile in the case where you have
different secret credentials for different functionalities:
In addition, you will need to ensure that the user you generated credentials for has the respective permissions to be able to deploy AWS Lambda functionality. Obviously fine-grained permissions are desirable, but again, for simplicity, grant the user (through the AWS IAM interface) the Policy “AWSLambdaFullAccess” in order to test this functionality. Later, you will want to restrict the capabilities further to only the fine-grained access the user requires.
The environment should now be set up for deploying the functionality - let’s deploy the Lambda functionality to your AWS account:
After several minutes following multiple verbose output lines, you should see that your Lambda functionality has been successfully created/deployed and ready for test!
Execute the following to test the function:
You should again receive output similar to the following:
If something goes wrong/you do not get the output you expect, you can stream the logs for the function to inspect what might be going on. Open a new tab/window and invoke the following from the project directory:
Finally, if you wish to remove the resources created by the Serverless framework for your project, simply run the following command and all AWS resources allocated will be destroyed:
Next Steps
If you’re interested in continuing to explore, check out this next post that details how to secure data in an AWS Lambda project using the AWS Key Management System.
Credit
The above tutorial was pieced together with some information from the following sites/resources: