Le traduzioni sono generate tramite traduzione automatica. In caso di conflitto tra il contenuto di una traduzione e la versione originale in Inglese, quest'ultima prevarrà.
Procedura dettagliata - Parte 2
AWS Solutions Constructs è supportato sulle versioni CDK ≥ 1.46.0.
Questo tutorial illustra come modificare l'app «Hello Constructs» creata inPART 1: . La nostra modifica aggiungerà un contatore di visite del sito utilizzando il modello AWS Lambda a DynamoDB da AWS Solutions Constructs. La modifica dell'app Hello Constructs si tradurrà nella seguente soluzione:
Codice Lambda del contatore di colpo
Iniziamo scrivendo il codice per la funzione Hit Counter AWS Lambda. Questa funzione:
-
incrementare un contatore correlato al percorso API in una tabella Amazon DynamoDB,
-
richiamare la funzione Hello AWS Lambda a valle,
-
e restituire la risposta all'utente finale.
- TypeScript
-
Aggiungere un file denominatolambda/hitcounter.jscon i seguenti contenuti:
const { DynamoDB, Lambda } = require('aws-sdk');
exports.handler = async function(event) {
console.log("request:", JSON.stringify(event, undefined, 2));
// create AWS SDK clients
const dynamo = new DynamoDB();
const lambda = new Lambda();
// update dynamo entry for "path" with hits++
await dynamo.updateItem({
TableName: process.env.DDB_TABLE_NAME,
Key: { path: { S: event.path } },
UpdateExpression: 'ADD hits :incr',
ExpressionAttributeValues: { ':incr': { N: '1' } }
}).promise();
// call downstream function and capture response
const resp = await lambda.invoke({
FunctionName: process.env.DOWNSTREAM_FUNCTION_NAME,
Payload: JSON.stringify(event)
}).promise();
console.log('downstream response:', JSON.stringify(resp, undefined, 2));
// return response back to upstream caller
return JSON.parse(resp.Payload);
};
- Python
-
Aggiungere un file denominatolambda/hitcounter.pycon i seguenti contenuti:
import json
import os
import boto3
ddb = boto3.resource('dynamodb')
table = ddb.Table(os.environ['DDB_TABLE_NAME'])
_lambda = boto3.client('lambda')
def handler(event, context):
print('request: {}'.format(json.dumps(event)))
table.update_item(
Key={'path': event['path']},
UpdateExpression='ADD hits :incr',
ExpressionAttributeValues={':incr': 1}
)
resp = _lambda.invoke(
FunctionName=os.environ['DOWNSTREAM_FUNCTION_NAME'],
Payload=json.dumps(event),
)
body = resp['Payload'].read()
print('downstream response: {}'.format(body))
return json.loads(body)
Installare le nuove dipendenze
Ricordarsi di sostituire la versione corretta e corrispondente da utilizzare sia per AWS Solutions Constructs che per AWS CDK nelVERSION_NUMBERcampi segnaposto per ogni comando. Questo dovrebbe essere identico al numero di versione utilizzato per le dipendenze nella prima parte di questa procedura dettagliata. La mancata corrispondenza delle versioni tra i pacchetti può causare errori.
Come al solito, dobbiamo prima installare le dipendenze di cui abbiamo bisogno per l'aggiornamento della nostra soluzione. Innanzitutto, dobbiamo installare la libreria di costrutto DynamoDB:
- TypeScript
-
npm install -s @aws-cdk/aws-dynamodb@VERSION_NUMBER
- Python
-
pip install aws_cdk.aws_dynamodb==VERSION_NUMBER
Infine, installa i costrutti di soluzioni AWSaws-lambda-dynamodbe tutte le sue dipendenze nel nostro progetto:
- TypeScript
-
npm install -s @aws-solutions-constructs/aws-lambda-dynamodb@VERSION_NUMBER
- Python
-
pip install aws_solutions_constructs.aws_lambda_dynamodb==VERSION_NUMBER
Definisci le risorse
Ora, aggiorniamo il nostro codice di stack per accogliere la nostra nuova architettura.
Innanzitutto, importeremo le nostre nuove dipendenze e sposteremo la funzione «Ciao» al di fuori delaws-apigateway-lambdaabbiamo creato nella parte 1.
- TypeScript
-
Modificare il filelib/hello-constructs.tscon gli elementi seguenti:
import * as cdk from '@aws-cdk/core';
import * as lambda from '@aws-cdk/aws-lambda';
import * as api from '@aws-cdk/aws-apigateway';
import * as dynamodb from '@aws-cdk/aws-dynamodb';
import { ApiGatewayToLambda, ApiGatewayToLambdaProps } from '@aws-solutions-constructs/aws-apigateway-lambda';
import { LambdaToDynamoDB, LambdaToDynamoDBProps } from '@aws-solutions-constructs/aws-lambda-dynamodb';
export class HelloConstructsStack extends cdk.Stack {
constructor(scope: cdk.Construct, id: string, props?: cdk.StackProps) {
super(scope, id, props);
// The code that defines your stack goes here
const helloFunc = new lambda.Function(this, 'HelloHandler', {
runtime: lambda.Runtime.NODEJS_12_X,
code: lambda.Code.fromAsset('lambda'),
handler: 'hello.handler'
});
const api_lambda_props: ApiGatewayToLambdaProps = {
lambdaFunctionProps: {
code: lambda.Code.fromAsset('lambda'),
runtime: lambda.Runtime.NODEJS_12_X,
handler: 'hello.handler'
},
apiGatewayProps: {
defaultMethodOptions: {
authorizationType: api.AuthorizationType.NONE
}
}
};
new ApiGatewayToLambda(this, 'ApiGatewayToLambda', api_lambda_props);
}
}
- Python
-
Modificare il filehello_constructs/hello_constructs_stack.pycon gli elementi seguenti:
from aws_cdk import (
aws_lambda as _lambda,
aws_apigateway as apigw,
aws_dynamodb as ddb,
core,
)
from aws_solutions_constructs import (
aws_apigateway_lambda as apigw_lambda,
aws_lambda_dynamodb as lambda_ddb
)
class HelloConstructsStack(core.Stack):
def __init__(self, scope: core.Construct, id: str, **kwargs) -> None:
super().__init__(scope, id, **kwargs)
# The code that defines your stack goes here
self._handler = _lambda.Function(
self, 'HelloHandler',
runtime=_lambda.Runtime.PYTHON_3_7,
handler='hello.handler',
code=_lambda.Code.asset('lambda'),
)
apigw_lambda.ApiGatewayToLambda(
self, 'ApiGatewayToLambda',
lambda_function_props=_lambda.FunctionProps(
runtime=_lambda.Runtime.PYTHON_3_7,
code=_lambda.Code.asset('lambda'),
handler='hello.handler',
),
api_gateway_props=apigw.RestApiProps(
default_method_options=apigw.MethodOptions(
authorization_type=apigw.AuthorizationType.NONE
)
)
)
Successivamente, aggiungeremo ilaws-lambda-dynamodbper costruire il servizio di contatore degli accessi per la nostra architettura aggiornata.
Il prossimo aggiornamento di seguito definisce le proprietà per ilaws-lambda-dynamodbdefinendo la funzione AWS Lambda con il gestore Hit Counter. Inoltre, la tabella Amazon DynamoDB è definita con il nomeHitse una chiave di partizione dipath: .
- TypeScript
-
Modificare il filelib/hello-constructs.tscon gli elementi seguenti:
import * as cdk from '@aws-cdk/core';
import * as lambda from '@aws-cdk/aws-lambda';
import * as api from '@aws-cdk/aws-apigateway';
import * as dynamodb from '@aws-cdk/aws-dynamodb';
import { ApiGatewayToLambda, ApiGatewayToLambdaProps } from '@aws-solutions-constructs/aws-apigateway-lambda';
import { LambdaToDynamoDB, LambdaToDynamoDBProps } from '@aws-solutions-constructs/aws-lambda-dynamodb';
export class HelloConstructsStack extends cdk.Stack {
constructor(scope: cdk.Construct, id: string, props?: cdk.StackProps) {
super(scope, id, props);
// The code that defines your stack goes here
const helloFunc = new lambda.Function(this, 'HelloHandler', {
runtime: lambda.Runtime.NODEJS_12_X,
code: lambda.Code.fromAsset('lambda'),
handler: 'hello.handler'
});
// hit counter, aws-lambda-dynamodb pattern
const lambda_ddb_props: LambdaToDynamoDBProps = {
lambdaFunctionProps: {
code: lambda.Code.asset(`lambda`),
runtime: lambda.Runtime.NODEJS_12_X,
handler: 'hitcounter.handler',
environment: {
DOWNSTREAM_FUNCTION_NAME: helloFunc.functionName
}
},
dynamoTableProps: {
tableName: 'Hits',
partitionKey: { name: 'path', type: dynamodb.AttributeType.STRING }
}
};
const hitcounter = new LambdaToDynamoDB(this, 'LambdaToDynamoDB', lambda_ddb_props);
const api_lambda_props: ApiGatewayToLambdaProps = {
lambdaFunctionProps: {
code: lambda.Code.fromAsset('lambda'),
runtime: lambda.Runtime.NODEJS_12_X,
handler: 'hello.handler'
},
apiGatewayProps: {
defaultMethodOptions: {
authorizationType: api.AuthorizationType.NONE
}
}
};
new ApiGatewayToLambda(this, 'ApiGatewayToLambda', api_lambda_props);
}
}
- Python
-
Modificare il filehello_constructs/hello_constructs_stack.pycon gli elementi seguenti:
from aws_cdk import (
aws_lambda as _lambda,
aws_apigateway as apigw,
aws_dynamodb as ddb,
core,
)
from aws_solutions_constructs import (
aws_apigateway_lambda as apigw_lambda,
aws_lambda_dynamodb as lambda_ddb
)
class HelloConstructsStack(core.Stack):
def __init__(self, scope: core.Construct, id: str, **kwargs) -> None:
super().__init__(scope, id, **kwargs)
# The code that defines your stack goes here
self.hello_func = _lambda.Function(
self, 'HelloHandler',
runtime=_lambda.Runtime.PYTHON_3_7,
handler='hello.handler',
code=_lambda.Code.asset('lambda'),
)
# hit counter, aws-lambda-dynamodb pattern
self.hit_counter = lambda_ddb.LambdaToDynamoDB(
self, 'LambdaToDynamoDB',
lambda_function_props=_lambda.FunctionProps(
runtime=_lambda.Runtime.PYTHON_3_7,
code=_lambda.Code.asset('lambda'),
handler='hitcounter.handler',
environment={
'DOWNSTREAM_FUNCTION_NAME': self.hello_func.function_name
}
),
dynamo_table_props=ddb.TableProps(
table_name='Hits',
partition_key={
'name': 'path',
'type': ddb.AttributeType.STRING
}
)
)
apigw_lambda.ApiGatewayToLambda(
self, 'ApiGatewayToLambda',
lambda_function_props=_lambda.FunctionProps(
runtime=_lambda.Runtime.PYTHON_3_7,
code=_lambda.Code.asset('lambda'),
handler='hello.handler',
),
api_gateway_props=apigw.RestApiProps(
default_method_options=apigw.MethodOptions(
authorization_type=apigw.AuthorizationType.NONE
)
)
)
Successivamente, dobbiamo concedere la funzione Hit Counter creata dallaaws-lambda-dynamodbaggiunto sopra il permesso di richiamare la nostra funzione Hello.
- TypeScript
-
Modificare il filelib/hello-constructs.tscon gli elementi seguenti:
import * as cdk from '@aws-cdk/core';
import * as lambda from '@aws-cdk/aws-lambda';
import * as api from '@aws-cdk/aws-apigateway';
import * as dynamodb from '@aws-cdk/aws-dynamodb';
import { ApiGatewayToLambda, ApiGatewayToLambdaProps } from '@aws-solutions-constructs/aws-apigateway-lambda';
import { LambdaToDynamoDB, LambdaToDynamoDBProps } from '@aws-solutions-constructs/aws-lambda-dynamodb';
export class HelloConstructsStack extends cdk.Stack {
constructor(scope: cdk.Construct, id: string, props?: cdk.StackProps) {
super(scope, id, props);
// The code that defines your stack goes here
// hello function responding to http requests
const helloFunc = new lambda.Function(this, 'HelloHandler', {
runtime: lambda.Runtime.NODEJS_12_X,
code: lambda.Code.fromAsset('lambda'),
handler: 'hello.handler'
});
// hit counter, aws-lambda-dynamodb pattern
const lambda_ddb_props: LambdaToDynamoDBProps = {
lambdaFunctionProps: {
code: lambda.Code.asset(`lambda`),
runtime: lambda.Runtime.NODEJS_12_X,
handler: 'hitcounter.handler',
environment: {
DOWNSTREAM_FUNCTION_NAME: helloFunc.functionName
}
},
dynamoTableProps: {
tableName: 'Hits',
partitionKey: { name: 'path', type: dynamodb.AttributeType.STRING }
}
};
const hitcounter = new LambdaToDynamoDB(this, 'LambdaToDynamoDB', lambda_ddb_props);
// grant the hitcounter lambda role invoke permissions to the hello function
helloFunc.grantInvoke(hitcounter.lambdaFunction);
const api_lambda_props: ApiGatewayToLambdaProps = {
lambdaFunctionProps: {
code: lambda.Code.fromAsset('lambda'),
runtime: lambda.Runtime.NODEJS_12_X,
handler: 'hello.handler'
},
apiGatewayProps: {
defaultMethodOptions: {
authorizationType: api.AuthorizationType.NONE
}
}
};
new ApiGatewayToLambda(this, 'ApiGatewayToLambda', api_lambda_props);
}
}
- Python
-
Modificare il filehello_constructs/hello_constructs_stack.pycon gli elementi seguenti:
from aws_cdk import (
aws_lambda as _lambda,
aws_apigateway as apigw,
aws_dynamodb as ddb,
core,
)
from aws_solutions_constructs import (
aws_apigateway_lambda as apigw_lambda,
aws_lambda_dynamodb as lambda_ddb
)
class HelloConstructsStack(core.Stack):
def __init__(self, scope: core.Construct, id: str, **kwargs) -> None:
super().__init__(scope, id, **kwargs)
# The code that defines your stack goes here
self.hello_func = _lambda.Function(
self, 'HelloHandler',
runtime=_lambda.Runtime.PYTHON_3_7,
handler='hello.handler',
code=_lambda.Code.asset('lambda'),
)
# hit counter, aws-lambda-dynamodb pattern
self.hit_counter = lambda_ddb.LambdaToDynamoDB(
self, 'LambdaToDynamoDB',
lambda_function_props=_lambda.FunctionProps(
runtime=_lambda.Runtime.PYTHON_3_7,
code=_lambda.Code.asset('lambda'),
handler='hitcounter.handler',
environment={
'DOWNSTREAM_FUNCTION_NAME': self.hello_func.function_name
}
),
dynamo_table_props=ddb.TableProps(
table_name='Hits',
partition_key={
'name': 'path',
'type': ddb.AttributeType.STRING
}
)
)
# grant the hitcounter lambda role invoke permissions to the hello function
self.hello_func.grant_invoke(self.hit_counter.lambda_function)
apigw_lambda.ApiGatewayToLambda(
self, 'ApiGatewayToLambda',
lambda_function_props=_lambda.FunctionProps(
runtime=_lambda.Runtime.PYTHON_3_7,
code=_lambda.Code.asset('lambda'),
handler='hello.handler',
),
api_gateway_props=apigw.RestApiProps(
default_method_options=apigw.MethodOptions(
authorization_type=apigw.AuthorizationType.NONE
)
)
)
Infine, abbiamo bisogno di aggiornare il nostroaws-apigateway-lambdaper utilizzare la nostra nuova funzione Hit Counter che è stata fornita conaws-lambda-dynamodbModello di cui sopra.
- TypeScript
-
Modificare il filelib/hello-constructs.tscon gli elementi seguenti:
import * as cdk from '@aws-cdk/core';
import * as lambda from '@aws-cdk/aws-lambda';
import * as api from '@aws-cdk/aws-apigateway';
import * as dynamodb from '@aws-cdk/aws-dynamodb';
import { ApiGatewayToLambda, ApiGatewayToLambdaProps } from '@aws-solutions-constructs/aws-apigateway-lambda';
import { LambdaToDynamoDB, LambdaToDynamoDBProps } from '@aws-solutions-constructs/aws-lambda-dynamodb';
export class HelloConstructsStack extends cdk.Stack {
constructor(scope: cdk.Construct, id: string, props?: cdk.StackProps) {
super(scope, id, props);
// The code that defines your stack goes here
// hello function responding to http requests
const helloFunc = new lambda.Function(this, 'HelloHandler', {
runtime: lambda.Runtime.NODEJS_12_X,
code: lambda.Code.fromAsset('lambda'),
handler: 'hello.handler'
});
// hit counter, aws-lambda-dynamodb pattern
const lambda_ddb_props: LambdaToDynamoDBProps = {
lambdaFunctionProps: {
code: lambda.Code.asset(`lambda`),
runtime: lambda.Runtime.NODEJS_12_X,
handler: 'hitcounter.handler',
environment: {
DOWNSTREAM_FUNCTION_NAME: helloFunc.functionName
}
},
dynamoTableProps: {
tableName: 'Hits',
partitionKey: { name: 'path', type: dynamodb.AttributeType.STRING }
}
};
const hitcounter = new LambdaToDynamoDB(this, 'LambdaToDynamoDB', lambda_ddb_props);
// grant the hitcounter lambda role invoke permissions to the hello function
helloFunc.grantInvoke(hitcounter.lambdaFunction);
const api_lambda_props: ApiGatewayToLambdaProps = {
existingLambdaObj: hitcounter.lambdaFunction,
apiGatewayProps: {
defaultMethodOptions: {
authorizationType: api.AuthorizationType.NONE
}
}
};
new ApiGatewayToLambda(this, 'ApiGatewayToLambda', api_lambda_props);
}
}
- Python
-
Modificare il filehello_constructs/hello_constructs_stack.pycon gli elementi seguenti:
from aws_cdk import (
aws_lambda as _lambda,
aws_apigateway as apigw,
aws_dynamodb as ddb,
core,
)
from aws_solutions_constructs import (
aws_apigateway_lambda as apigw_lambda,
aws_lambda_dynamodb as lambda_ddb
)
class HelloConstructsStack(core.Stack):
def __init__(self, scope: core.Construct, id: str, **kwargs) -> None:
super().__init__(scope, id, **kwargs)
# The code that defines your stack goes here
self.hello_func = _lambda.Function(
self, 'HelloHandler',
runtime=_lambda.Runtime.PYTHON_3_7,
handler='hello.handler',
code=_lambda.Code.asset('lambda'),
)
# hit counter, aws-lambda-dynamodb pattern
self.hit_counter = lambda_ddb.LambdaToDynamoDB(
self, 'LambdaToDynamoDB',
lambda_function_props=_lambda.FunctionProps(
runtime=_lambda.Runtime.PYTHON_3_7,
code=_lambda.Code.asset('lambda'),
handler='hitcounter.handler',
environment={
'DOWNSTREAM_FUNCTION_NAME': self.hello_func.function_name
}
),
dynamo_table_props=ddb.TableProps(
table_name='Hits',
partition_key={
'name': 'path',
'type': ddb.AttributeType.STRING
}
)
)
# grant the hitcounter lambda role invoke permissions to the hello function
self.hello_func.grant_invoke(self.hit_counter.lambda_function)
apigw_lambda.ApiGatewayToLambda(
self, 'ApiGatewayToLambda',
existing_lambda_obj=self.hit_counter.lambda_function,
api_gateway_props=apigw.RestApiProps(
default_method_options=apigw.MethodOptions(
authorization_type=apigw.AuthorizationType.NONE
)
)
)
Review Changes
Costruiamo il nostro progetto ed esaminiamo le modifiche alle nostre risorse che avverranno quando implementeremo questo:
npm run build
cdk diff
Il nostro output dovrebbe essere simile al seguente:
Stack HelloConstructsStack
IAM Statement Changes
┌───┬───────────────────────────────────┬────────┬───────────────────────────────────┬────────────────────────────────────┬───────────┐
│ │ Resource │ Effect │ Action │ Principal │ Condition │
├───┼───────────────────────────────────┼────────┼───────────────────────────────────┼────────────────────────────────────┼───────────┤
│ + │ ${HelloHandler.Arn} │ Allow │ lambda:InvokeFunction │ AWS:${LambdaFunctionServiceRole} │ │
├───┼───────────────────────────────────┼────────┼───────────────────────────────────┼────────────────────────────────────┼───────────┤
│ + │ ${HelloHandler/ServiceRole.Arn} │ Allow │ sts:AssumeRole │ Service:lambda.amazonaws.com │ │
├───┼───────────────────────────────────┼────────┼───────────────────────────────────┼────────────────────────────────────┼───────────┤
│ + │ ${LambdaToDynamoDB/DynamoTable.Ar │ Allow │ dynamodb:BatchGetItem │ AWS:${LambdaFunctionServiceRole} │ │
│ │ n} │ │ dynamodb:BatchWriteItem │ │ │
│ │ │ │ dynamodb:DeleteItem │ │ │
│ │ │ │ dynamodb:GetItem │ │ │
│ │ │ │ dynamodb:GetRecords │ │ │
│ │ │ │ dynamodb:GetShardIterator │ │ │
│ │ │ │ dynamodb:PutItem │ │ │
│ │ │ │ dynamodb:Query │ │ │
│ │ │ │ dynamodb:Scan │ │ │
│ │ │ │ dynamodb:UpdateItem │ │ │
└───┴───────────────────────────────────┴────────┴───────────────────────────────────┴────────────────────────────────────┴───────────┘
IAM Policy Changes
┌───┬─────────────────────────────┬────────────────────────────────────────────────────────────────────────────────┐
│ │ Resource │ Managed Policy ARN │
├───┼─────────────────────────────┼────────────────────────────────────────────────────────────────────────────────┤
│ + │ ${HelloHandler/ServiceRole} │ arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole │
└───┴─────────────────────────────┴────────────────────────────────────────────────────────────────────────────────┘
(NOTE: There may be security-related changes not in this list. See https://github.com/aws/aws-cdk/issues/1299)
Resources
[+] AWS::IAM::Role HelloHandler/ServiceRole HelloHandlerServiceRole11EF7C63
[+] AWS::Lambda::Function HelloHandler HelloHandler2E4FBA4D
[+] AWS::DynamoDB::Table LambdaToDynamoDB/DynamoTable LambdaToDynamoDBDynamoTable53C1442D
[+] AWS::IAM::Policy LambdaFunctionServiceRole/DefaultPolicy LambdaFunctionServiceRoleDefaultPolicy126C8897
[~] AWS::Lambda::Function LambdaFunction LambdaFunctionBF21E41F
├─ [+] Environment
│ └─ {"Variables":{"DOWNSTREAM_FUNCTION_NAME":{"Ref":"HelloHandler2E4FBA4D"},"DDB_TABLE_NAME":{"Ref":"LambdaToDynamoDBDynamoTable53C1442D"}}}
├─ [~] Handler
│ ├─ [-] hello.handler
│ └─ [+] hitcounter.handler
└─ [~] DependsOn
└─ @@ -1,3 +1,4 @@
[ ] [
[+] "LambdaFunctionServiceRoleDefaultPolicy126C8897",
[ ] "LambdaFunctionServiceRole0C4CDE0B"
[ ] ]
Distribuzione cdk
Ok, pronto per la distribuzione?
cdk deploy
Output dello stack
Al termine della distribuzione, noterai questa riga:
Outputs:
HelloConstructsStack.RestApiEndpoint0551178A = https://xxxxxxxxxx.execute-api.us-east-1.amazonaws.com/prod/
Esecuzione del test dell'app
Proviamo a colpire questo endpoint con arricciatura. Copia l'URL ed esegui (il tuo prefisso e la tua regione saranno probabilmente diversi).
curl https://xxxxxxxxxx.execute-api.us-east-1.amazonaws.com/prod/
L'output dovrebbe essere simile al seguente:
Hello, AWS Solutions Constructs! You've hit /
Ora, rivedere gli elementiHitsTabella Amazon DynamoDB.
-
Passa alla console DynamoDB.
-
Assicurarsi di essere nella regione in cui è stata creata la tabella.
-
SelezionaTabellenel riquadro di navigazione e selezionare la casella di controlloHits (occorrenze)INTO table
-
Apri la tabella e seleziona «Elementi».
-
Dovresti vedere quanti colpi hai ottenuto per ogni percorso.
-
Prova a colpire un nuovo percorso e aggiorna la vista Elementi. Viene visualizzato un nuovo elemento con unhitsConteggio di uno.
Se questo è l'output che hai ricevuto, la tua app funziona!
