Dear Friends of the Cloud 👋🏽

We've received a lot of questions about building hands-on on AWS. This is what this issue is all about.

Mastering the fundamentals is crucial. But this newsletter is about using AWS in the Real World. So, let's tackle a real-world problem and build something in a more hands-on fashion.

You don't have any hands-on experience yet? Perfect! This is the time to get out there to see how easy it is to get things up and running! 🏗

That's why this issue will be a rather long one by guiding you through a developer journey to deliver a tiny application. 🏗 From beginning to end.

As we think cloud-native is the future, it's clear that we'll focus on a Lambda-powered example! ƛ 💛

And it will be a prominent one: a simple REST API via Node.js and Express with DynamoDB as its data storage.

Our infrastructure will be defined via the Serverless Framework and then managed by CloudFormation.

Even though it's a small and rather easy example, it already contains different services that work together closely and will help you to wrap your head around on how things get build on AWS.

Let's visit the table of contents:

1. Setting up Your Own AWS Account​
   • signing up for & securing our new account
   • creating an IAM user with an access key
2. Planting our Development Environment​
   • installing our set of tools
   • configuring & testing the AWS CLI
3. Deploying our Infrastructure​
   • creating our project skeleton
   • deploying to AWS
4. Extending our Code
   ​• adding new routes to our API
   • deploying changes
5. Conclusion​
   • recap of what we learned

Let's jump into the action.

Setting up your own AWS account

💡 If you already have your account & AWS access and secret key, feel free to skip this part! ⚡️

Let's jump the AWS console's registration form. We'll need an email address and a credit card. It could be that Amazon will deduced a small amount, which won't be collected but only used for verification purposes.

You'll receive a message with your new accounts unique 12-digit number. You're also able to immediately log in via your email address.

After logging into the console, we should make sure that we don't have to use our root user (see it as the owner of the account that has permissions to manage, modify or delete all resources or even the account itself) for any development purposes. For that, we should head over to the AWS Identity and Access Management.

We want to create a dedicated user. We can use this user later also to log into the AWS console or to communicate with the AWS API to manage our infrastructure.

For managing our permissions easily when new developers join, we'll create a group. As with users, we can attach permissions to groups. A user that is assigned to a group will gain all their permissions.

Let's start with adding the AdministratorAccess policy. This will allow us to create and manage resources for every service.

In a real-world project development setup, it's often common to restrict permissions for users to the minimum level that is required to fulfil their tasks.

After finishing the group's creation, we'll jump to the users tab. Let's add our user and make sure console access is enabled. Besides console access, the group should also be assigned.

After the creation is finished, the user will appear in the users list. Let's head over to the user's security credentials setting by clicking on it so we can create a pair of access key and secret access key. Those are needed to talk to the AWS API.

We'll select the Command Line Interface (CLI). The AWS console may note that it's recommended to make use of the IAM Identity Center to access the AWS CLI, but we'll ignore this for now.

💡 When creating users in the Identity Center of the management account of an AWS Organization, you can easily manage permissions to multiple accounts within that organization. The users benefit too, as they can use a single sign on mechanism to securely access all accounts they have been granted access to!

Make sure to save your Secret Access Key, as you can't display it again.

Planting our Development Environment

Our account is ready to go. We'll now install the AWS CLI. When using macOS, you can use homebrew via brew install awscli to get the latest version. For Linux and Windows there's a similar process.

Next, we need to run aws configure which will prompt us for our previously created Access Key and Secret Access Key. It will also ask for a default region, e.g. us-east-1, and the default output format, e.g. json.

If you've set up everything properly, you should be able to get a few details of your account and user by running aws sts get-caller-identity.

If you didn't install Node.js yet, this will be the next step. As with the AWS CLI, is quick and easy to use a package manager like homebrew and install node via brew install node.

We're almost ready to start building our application. We just need to install the Serverless Framework via npm i -g sls and we're good to go.

Deploying our Infrastructure

We don't need to create all of our files from scratch but can just go ahead and use the starter templates from Serverless by typing sls.

We'll select Express API with DynamoDB to get everything we need:

• a Node.js Lambda function with Express
• a DynamoDB table
• an HTTP API Gateway to expose our function

Let's jump into the projects directory and run sls deploy. This will translate our serverless.yml file into a CloudFormation template and create our stack on AWS.

Serverless will also list us the final execute-api gateway URL to invoke our API. 🎉

The starter template contains two paths and methods:

• POST /users - for creating a new user in DynamoDB
• GET /users/:userId - for retrieving existing users

Let's try that out via Postman.

Clicking on send will submit the request to the API.

User has been created! Now we should be able to retrieve it via our ID.

There we go! 🙏

Extending our Code

Let's add a new route to list all users.

Instead of querying a user by its ID, we'll retrieve all entries in our table via scan. Afterward, we simply return everything as a JSON.

Now we need to deploy the change. We can either

• do a stack update via CloudFormation which will detect the changes that need to be done via sls deploy or
• simply only deploy our function code

The second option is lightning fast! Our function name is api so we can just run sls deploy function -f api to upload the updated function code.

It will only take a few seconds and our update is live.

Let's test that out after creating another user beforehand.

Works like a charm! 🎉

Conclusion

We've deployed a small REST application within minutes, including its infrastructure. And everything is managed via code. With Serverless and CloudFormation, we can deploy the same application to any other region or just remove every resource via sls remove.

That's all for today. We hope you've seen how easy it is to get your first tiny project running on AWS. 🏗

Have a great start into the week!

Tobi & Sandro 💛

​

PS: We've finished our light-themed infographics! 🌟 If you've bought the infographics before, you'll receive another email with the details on how to download them.

​

---

Want to read more? Check out our blog! 📚
We're publishing a new article every Tuesday and Thursday! 💛