Last active
August 31, 2021 05:06
-
-
Save vikasbajaj/83e7d20491971b566c28c6e8fc909bdb to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 0. Create an IAM Role and attach the following managed policies with it. | |
| - IAMFullAccess | |
| - AmazonDynamoDBFullAccess | |
| - AmazonSNSFullAccess | |
| - AWSLambda_FullAccess | |
| 1. Create cloud 9 environment and attach IAM role that was created in the previous step with the Cloud9 EC2 instance. Open Cloud 9 environment | |
| 2. Switch of AWS managed temporary credentials in cloud 9 and assign role created by the Cloudformation stack | |
| - Set a default region to ap-southeast-2 | |
| aws configure | |
| 3. Create DynamoDB table | |
| aws dynamodb create-table \ | |
| --table-name BarkTable \ | |
| --attribute-definitions AttributeName=Username,AttributeType=S AttributeName=Timestamp,AttributeType=S \ | |
| --key-schema AttributeName=Username,KeyType=HASH AttributeName=Timestamp,KeyType=RANGE \ | |
| --provisioned-throughput ReadCapacityUnits=5,WriteCapacityUnits=5 \ | |
| --stream-specification StreamEnabled=true,StreamViewType=NEW_AND_OLD_IMAGES | |
| 4. Create a Lambda Execution role | |
| - Create a file named trust-relationship.json with the following contents. | |
| { | |
| "Version": "2012-10-17", | |
| "Statement": [ | |
| { | |
| "Effect": "Allow", | |
| "Principal": { | |
| "Service": "lambda.amazonaws.com" | |
| }, | |
| "Action": "sts:AssumeRole" | |
| } | |
| ] | |
| } | |
| 5. Create WooferLambdaRole role | |
| aws iam create-role --role-name WooferLambdaRole \ | |
| --path "/service-role/" \ | |
| --assume-role-policy-document file://trust-relationship.json | |
| 6. Create a file named role-policy.json with the following contents. | |
| (Replace region and accountID with your AWS Region and account ID) | |
| { | |
| "Version": "2012-10-17", | |
| "Statement": [ | |
| { | |
| "Effect": "Allow", | |
| "Action": "lambda:InvokeFunction", | |
| "Resource": "arn:aws:lambda:region:accountID:function:publishNewBark*" | |
| }, | |
| { | |
| "Effect": "Allow", | |
| "Action": [ | |
| "logs:CreateLogGroup", | |
| "logs:CreateLogStream", | |
| "logs:PutLogEvents" | |
| ], | |
| "Resource": "arn:aws:logs:region:accountID:*" | |
| }, | |
| { | |
| "Effect": "Allow", | |
| "Action": [ | |
| "dynamodb:DescribeStream", | |
| "dynamodb:GetRecords", | |
| "dynamodb:GetShardIterator", | |
| "dynamodb:ListStreams" | |
| ], | |
| "Resource": "arn:aws:dynamodb:region:accountID:table/BarkTable/stream/*" | |
| }, | |
| { | |
| "Effect": "Allow", | |
| "Action": [ | |
| "sns:Publish" | |
| ], | |
| "Resource": [ | |
| "*" | |
| ] | |
| } | |
| ] | |
| } | |
| 7. Enter the following command to attach the policy to WooferLambdaRole. | |
| aws iam put-role-policy --role-name WooferLambdaRole \ | |
| --policy-name WooferLambdaRolePolicy \ | |
| --policy-document file://role-policy.json | |
| 8. Enter the following command to create a new Amazon SNS topic. | |
| aws sns create-topic --name wooferTopic | |
| 9. Enter the following command to subscribe an email address to wooferTopic. | |
| (Replace region and accountID with your AWS Region and account ID, and replace example@example.com with a valid email address.) | |
| aws sns subscribe \ | |
| --topic-arn arn:aws:sns:region:accountID:wooferTopic \ | |
| --protocol email \ | |
| --notification-endpoint example@example.com | |
| 10. Open your email and accept subscription | |
| 11. Create and Test Lambda Function | |
| - Create a file publishNewBark.js with the following code | |
| (replace region with ap-southeast-2 and accountID with your lab AWS Account Id)' | |
| 'use strict'; | |
| var AWS = require("aws-sdk"); | |
| var sns = new AWS.SNS(); | |
| exports.handler = (event, context, callback) => { | |
| event.Records.forEach((record) => { | |
| console.log('Stream record: ', JSON.stringify(record, null, 2)); | |
| if (record.eventName == 'INSERT') { | |
| var who = JSON.stringify(record.dynamodb.NewImage.Username.S); | |
| var when = JSON.stringify(record.dynamodb.NewImage.Timestamp.S); | |
| var what = JSON.stringify(record.dynamodb.NewImage.Message.S); | |
| var params = { | |
| Subject: 'A new bark from ' + who, | |
| Message: 'Woofer user ' + who + ' barked the following at ' + when + ':\n\n ' + what, | |
| TopicArn: 'arn:aws:sns:region:accountID:wooferTopic' | |
| }; | |
| sns.publish(params, function(err, data) { | |
| if (err) { | |
| console.error("Unable to send message. Error JSON:", JSON.stringify(err, null, 2)); | |
| } else { | |
| console.log("Results from sending message: ", JSON.stringify(data, null, 2)); | |
| } | |
| }); | |
| } | |
| }); | |
| callback(null, `Successfully processed ${event.Records.length} records.`); | |
| }; | |
| 12. Create a zip file to contain publishNewBark.js | |
| zip publishNewBark.zip publishNewBark.js | |
| 13. Get IAM Role ARN (for the WooferLambdaRole role that you created earlier in this lab ) | |
| aws iam get-role --role-name WooferLambdaRole | |
| 14. Enter the following command to create the Lambda function | |
| (Replace roleARN with the ARN of WooferLambdaRole role) | |
| aws lambda create-function \ | |
| --region region \ | |
| --function-name publishNewBark \ | |
| --zip-file fileb://publishNewBark.zip \ | |
| --role roleARN \ | |
| --handler publishNewBark.handler \ | |
| --timeout 5 \ | |
| --runtime nodejs10.x | |
| 15. Create a test event, create a file payload.json with the following content | |
| (replace region ap-southeast-2) | |
| { | |
| "Records": [ | |
| { | |
| "eventID": "7de3041dd709b024af6f29e4fa13d34c", | |
| "eventName": "INSERT", | |
| "eventVersion": "1.1", | |
| "eventSource": "aws:dynamodb", | |
| "awsRegion": "region", | |
| "dynamodb": { | |
| "ApproximateCreationDateTime": 1479499740, | |
| "Keys": { | |
| "Timestamp": { | |
| "S": "2016-11-18:12:09:36" | |
| }, | |
| "Username": { | |
| "S": "John Doe" | |
| } | |
| }, | |
| "NewImage": { | |
| "Timestamp": { | |
| "S": "2016-11-18:12:09:36" | |
| }, | |
| "Message": { | |
| "S": "This is a bark from the Woofer social network" | |
| }, | |
| "Username": { | |
| "S": "John Doe" | |
| } | |
| }, | |
| "SequenceNumber": "13021600000000001596893679", | |
| "SizeBytes": 112, | |
| "StreamViewType": "NEW_IMAGE" | |
| }, | |
| "eventSourceARN": "arn:aws:dynamodb:region:123456789012:table/BarkTable/stream/2016-11-16T20:42:48.104" | |
| } | |
| ] | |
| } | |
| 16. Test the Lambda function publishNewBark | |
| aws lambda invoke --function-name publishNewBark --payload file://payload.json output.txt | |
| 17. Check output.txt file for response | |
| 18. Create a DynamoDB Trigger | |
| - Find the StreamARN by running the following command | |
| aws dynamodb describe-table --table-name BarkTable | |
| - Run the following command to create a trigger. Replace streamARN with BarkTable StreamARN | |
| aws lambda create-event-source-mapping \ | |
| --region region \ | |
| --function-name publishNewBark \ | |
| --event-source streamARN \ | |
| --batch-size 1 \ | |
| --starting-position TRIM_HORIZON | |
| 19. Test the trigger. Enter the following command to add an item to BarkTable. | |
| aws dynamodb put-item \ | |
| --table-name BarkTable \ | |
| --item Username={S="Jane Doe"},Timestamp={S="2016-11-18:14:32:17"},Message={S="Testing...1...2...3"} | |
| 20. You should receive a new email message within a few minutes. | |
| 21. Create a script to insert multiple ddb items | |
| - touch bark-again.sh | |
| - vim bark-again.sh | |
| (copy below content into bark-again.sh and save) | |
| #!/bin/sh | |
| while : | |
| do | |
| echo "who is barking? (^C to quit)" | |
| read INPUT_STRING | |
| echo "You typed: $INPUT_STRING" | |
| aws dynamodb put-item --table-name BarkTable --item Username={S="$INPUT_STRING"},Timestamp={S="2016-11-18:14:32:17"},Message={S="message from $INPUT_STRING"} | |
| done | |
| 22. chmod +x bark-again.sh | |
| 23. ./bark-again.sh |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment