Procedura dettagliata - Parte 2 - Costrutti delle soluzioni AWS

Le traduzioni sono generate tramite traduzione automatica. In caso di conflitto tra il contenuto di una traduzione e la versione originale in Inglese, quest'ultima prevarrà.

Procedura dettagliata - Parte 2

Nota

AWS Solutions Constructs è supportato sulle versioni CDK ≥ 1.46.0.

Questo tutorial illustra come modificare l'app «Hello Constructs» creata inPART 1: . La nostra modifica aggiungerà un contatore di visite del sito utilizzando il modello AWS Lambda a DynamoDB da AWS Solutions Constructs. La modifica dell'app Hello Constructs si tradurrà nella seguente soluzione:

Codice Lambda del contatore di colpo

Iniziamo scrivendo il codice per la funzione Hit Counter AWS Lambda. Questa funzione:

  • incrementare un contatore correlato al percorso API in una tabella Amazon DynamoDB,

  • richiamare la funzione Hello AWS Lambda a valle,

  • e restituire la risposta all'utente finale.

TypeScript

Aggiungere un file denominatolambda/hitcounter.jscon i seguenti contenuti:

const { DynamoDB, Lambda } = require('aws-sdk'); exports.handler = async function(event) { console.log("request:", JSON.stringify(event, undefined, 2)); // create AWS SDK clients const dynamo = new DynamoDB(); const lambda = new Lambda(); // update dynamo entry for "path" with hits++ await dynamo.updateItem({ TableName: process.env.DDB_TABLE_NAME, Key: { path: { S: event.path } }, UpdateExpression: 'ADD hits :incr', ExpressionAttributeValues: { ':incr': { N: '1' } } }).promise(); // call downstream function and capture response const resp = await lambda.invoke({ FunctionName: process.env.DOWNSTREAM_FUNCTION_NAME, Payload: JSON.stringify(event) }).promise(); console.log('downstream response:', JSON.stringify(resp, undefined, 2)); // return response back to upstream caller return JSON.parse(resp.Payload); };
Python

Aggiungere un file denominatolambda/hitcounter.pycon i seguenti contenuti:

import json import os import boto3 ddb = boto3.resource('dynamodb') table = ddb.Table(os.environ['DDB_TABLE_NAME']) _lambda = boto3.client('lambda') def handler(event, context): print('request: {}'.format(json.dumps(event))) table.update_item( Key={'path': event['path']}, UpdateExpression='ADD hits :incr', ExpressionAttributeValues={':incr': 1} ) resp = _lambda.invoke( FunctionName=os.environ['DOWNSTREAM_FUNCTION_NAME'], Payload=json.dumps(event), ) body = resp['Payload'].read() print('downstream response: {}'.format(body)) return json.loads(body)

Installare le nuove dipendenze

Nota

Ricordarsi di sostituire la versione corretta e corrispondente da utilizzare sia per AWS Solutions Constructs che per AWS CDK nelVERSION_NUMBERcampi segnaposto per ogni comando. Questo dovrebbe essere identico al numero di versione utilizzato per le dipendenze nella prima parte di questa procedura dettagliata. La mancata corrispondenza delle versioni tra i pacchetti può causare errori.

Come al solito, dobbiamo prima installare le dipendenze di cui abbiamo bisogno per l'aggiornamento della nostra soluzione. Innanzitutto, dobbiamo installare la libreria di costrutto DynamoDB:

TypeScript
npm install -s @aws-cdk/aws-dynamodb@VERSION_NUMBER
Python
pip install aws_cdk.aws_dynamodb==VERSION_NUMBER

Infine, installa i costrutti di soluzioni AWSaws-lambda-dynamodbe tutte le sue dipendenze nel nostro progetto:

TypeScript
npm install -s @aws-solutions-constructs/aws-lambda-dynamodb@VERSION_NUMBER
Python
pip install aws_solutions_constructs.aws_lambda_dynamodb==VERSION_NUMBER

Definisci le risorse

Ora, aggiorniamo il nostro codice di stack per accogliere la nostra nuova architettura.

Innanzitutto, importeremo le nostre nuove dipendenze e sposteremo la funzione «Ciao» al di fuori delaws-apigateway-lambdaabbiamo creato nella parte 1.

TypeScript

Modificare il filelib/hello-constructs.tscon gli elementi seguenti:

import * as cdk from '@aws-cdk/core'; import * as lambda from '@aws-cdk/aws-lambda'; import * as api from '@aws-cdk/aws-apigateway'; import * as dynamodb from '@aws-cdk/aws-dynamodb'; import { ApiGatewayToLambda, ApiGatewayToLambdaProps } from '@aws-solutions-constructs/aws-apigateway-lambda'; import { LambdaToDynamoDB, LambdaToDynamoDBProps } from '@aws-solutions-constructs/aws-lambda-dynamodb'; export class HelloConstructsStack extends cdk.Stack { constructor(scope: cdk.Construct, id: string, props?: cdk.StackProps) { super(scope, id, props); // The code that defines your stack goes here const helloFunc = new lambda.Function(this, 'HelloHandler', { runtime: lambda.Runtime.NODEJS_12_X, code: lambda.Code.fromAsset('lambda'), handler: 'hello.handler' }); const api_lambda_props: ApiGatewayToLambdaProps = { lambdaFunctionProps: { code: lambda.Code.fromAsset('lambda'), runtime: lambda.Runtime.NODEJS_12_X, handler: 'hello.handler' }, apiGatewayProps: { defaultMethodOptions: { authorizationType: api.AuthorizationType.NONE } } }; new ApiGatewayToLambda(this, 'ApiGatewayToLambda', api_lambda_props); } }
Python

Modificare il filehello_constructs/hello_constructs_stack.pycon gli elementi seguenti:

from aws_cdk import ( aws_lambda as _lambda, aws_apigateway as apigw, aws_dynamodb as ddb, core, ) from aws_solutions_constructs import ( aws_apigateway_lambda as apigw_lambda, aws_lambda_dynamodb as lambda_ddb ) class HelloConstructsStack(core.Stack): def __init__(self, scope: core.Construct, id: str, **kwargs) -> None: super().__init__(scope, id, **kwargs) # The code that defines your stack goes here self._handler = _lambda.Function( self, 'HelloHandler', runtime=_lambda.Runtime.PYTHON_3_7, handler='hello.handler', code=_lambda.Code.asset('lambda'), ) apigw_lambda.ApiGatewayToLambda( self, 'ApiGatewayToLambda', lambda_function_props=_lambda.FunctionProps( runtime=_lambda.Runtime.PYTHON_3_7, code=_lambda.Code.asset('lambda'), handler='hello.handler', ), api_gateway_props=apigw.RestApiProps( default_method_options=apigw.MethodOptions( authorization_type=apigw.AuthorizationType.NONE ) ) )

Successivamente, aggiungeremo ilaws-lambda-dynamodbper costruire il servizio di contatore degli accessi per la nostra architettura aggiornata.

Il prossimo aggiornamento di seguito definisce le proprietà per ilaws-lambda-dynamodbdefinendo la funzione AWS Lambda con il gestore Hit Counter. Inoltre, la tabella Amazon DynamoDB è definita con il nomeHitse una chiave di partizione dipath: .

TypeScript

Modificare il filelib/hello-constructs.tscon gli elementi seguenti:

import * as cdk from '@aws-cdk/core'; import * as lambda from '@aws-cdk/aws-lambda'; import * as api from '@aws-cdk/aws-apigateway'; import * as dynamodb from '@aws-cdk/aws-dynamodb'; import { ApiGatewayToLambda, ApiGatewayToLambdaProps } from '@aws-solutions-constructs/aws-apigateway-lambda'; import { LambdaToDynamoDB, LambdaToDynamoDBProps } from '@aws-solutions-constructs/aws-lambda-dynamodb'; export class HelloConstructsStack extends cdk.Stack { constructor(scope: cdk.Construct, id: string, props?: cdk.StackProps) { super(scope, id, props); // The code that defines your stack goes here const helloFunc = new lambda.Function(this, 'HelloHandler', { runtime: lambda.Runtime.NODEJS_12_X, code: lambda.Code.fromAsset('lambda'), handler: 'hello.handler' }); // hit counter, aws-lambda-dynamodb pattern const lambda_ddb_props: LambdaToDynamoDBProps = { lambdaFunctionProps: { code: lambda.Code.asset(`lambda`), runtime: lambda.Runtime.NODEJS_12_X, handler: 'hitcounter.handler', environment: { DOWNSTREAM_FUNCTION_NAME: helloFunc.functionName } }, dynamoTableProps: { tableName: 'Hits', partitionKey: { name: 'path', type: dynamodb.AttributeType.STRING } } }; const hitcounter = new LambdaToDynamoDB(this, 'LambdaToDynamoDB', lambda_ddb_props); const api_lambda_props: ApiGatewayToLambdaProps = { lambdaFunctionProps: { code: lambda.Code.fromAsset('lambda'), runtime: lambda.Runtime.NODEJS_12_X, handler: 'hello.handler' }, apiGatewayProps: { defaultMethodOptions: { authorizationType: api.AuthorizationType.NONE } } }; new ApiGatewayToLambda(this, 'ApiGatewayToLambda', api_lambda_props); } }
Python

Modificare il filehello_constructs/hello_constructs_stack.pycon gli elementi seguenti:

from aws_cdk import ( aws_lambda as _lambda, aws_apigateway as apigw, aws_dynamodb as ddb, core, ) from aws_solutions_constructs import ( aws_apigateway_lambda as apigw_lambda, aws_lambda_dynamodb as lambda_ddb ) class HelloConstructsStack(core.Stack): def __init__(self, scope: core.Construct, id: str, **kwargs) -> None: super().__init__(scope, id, **kwargs) # The code that defines your stack goes here self.hello_func = _lambda.Function( self, 'HelloHandler', runtime=_lambda.Runtime.PYTHON_3_7, handler='hello.handler', code=_lambda.Code.asset('lambda'), ) # hit counter, aws-lambda-dynamodb pattern self.hit_counter = lambda_ddb.LambdaToDynamoDB( self, 'LambdaToDynamoDB', lambda_function_props=_lambda.FunctionProps( runtime=_lambda.Runtime.PYTHON_3_7, code=_lambda.Code.asset('lambda'), handler='hitcounter.handler', environment={ 'DOWNSTREAM_FUNCTION_NAME': self.hello_func.function_name } ), dynamo_table_props=ddb.TableProps( table_name='Hits', partition_key={ 'name': 'path', 'type': ddb.AttributeType.STRING } ) ) apigw_lambda.ApiGatewayToLambda( self, 'ApiGatewayToLambda', lambda_function_props=_lambda.FunctionProps( runtime=_lambda.Runtime.PYTHON_3_7, code=_lambda.Code.asset('lambda'), handler='hello.handler', ), api_gateway_props=apigw.RestApiProps( default_method_options=apigw.MethodOptions( authorization_type=apigw.AuthorizationType.NONE ) ) )

Successivamente, dobbiamo concedere la funzione Hit Counter creata dallaaws-lambda-dynamodbaggiunto sopra il permesso di richiamare la nostra funzione Hello.

TypeScript

Modificare il filelib/hello-constructs.tscon gli elementi seguenti:

import * as cdk from '@aws-cdk/core'; import * as lambda from '@aws-cdk/aws-lambda'; import * as api from '@aws-cdk/aws-apigateway'; import * as dynamodb from '@aws-cdk/aws-dynamodb'; import { ApiGatewayToLambda, ApiGatewayToLambdaProps } from '@aws-solutions-constructs/aws-apigateway-lambda'; import { LambdaToDynamoDB, LambdaToDynamoDBProps } from '@aws-solutions-constructs/aws-lambda-dynamodb'; export class HelloConstructsStack extends cdk.Stack { constructor(scope: cdk.Construct, id: string, props?: cdk.StackProps) { super(scope, id, props); // The code that defines your stack goes here // hello function responding to http requests const helloFunc = new lambda.Function(this, 'HelloHandler', { runtime: lambda.Runtime.NODEJS_12_X, code: lambda.Code.fromAsset('lambda'), handler: 'hello.handler' }); // hit counter, aws-lambda-dynamodb pattern const lambda_ddb_props: LambdaToDynamoDBProps = { lambdaFunctionProps: { code: lambda.Code.asset(`lambda`), runtime: lambda.Runtime.NODEJS_12_X, handler: 'hitcounter.handler', environment: { DOWNSTREAM_FUNCTION_NAME: helloFunc.functionName } }, dynamoTableProps: { tableName: 'Hits', partitionKey: { name: 'path', type: dynamodb.AttributeType.STRING } } }; const hitcounter = new LambdaToDynamoDB(this, 'LambdaToDynamoDB', lambda_ddb_props); // grant the hitcounter lambda role invoke permissions to the hello function helloFunc.grantInvoke(hitcounter.lambdaFunction); const api_lambda_props: ApiGatewayToLambdaProps = { lambdaFunctionProps: { code: lambda.Code.fromAsset('lambda'), runtime: lambda.Runtime.NODEJS_12_X, handler: 'hello.handler' }, apiGatewayProps: { defaultMethodOptions: { authorizationType: api.AuthorizationType.NONE } } }; new ApiGatewayToLambda(this, 'ApiGatewayToLambda', api_lambda_props); } }
Python

Modificare il filehello_constructs/hello_constructs_stack.pycon gli elementi seguenti:

from aws_cdk import ( aws_lambda as _lambda, aws_apigateway as apigw, aws_dynamodb as ddb, core, ) from aws_solutions_constructs import ( aws_apigateway_lambda as apigw_lambda, aws_lambda_dynamodb as lambda_ddb ) class HelloConstructsStack(core.Stack): def __init__(self, scope: core.Construct, id: str, **kwargs) -> None: super().__init__(scope, id, **kwargs) # The code that defines your stack goes here self.hello_func = _lambda.Function( self, 'HelloHandler', runtime=_lambda.Runtime.PYTHON_3_7, handler='hello.handler', code=_lambda.Code.asset('lambda'), ) # hit counter, aws-lambda-dynamodb pattern self.hit_counter = lambda_ddb.LambdaToDynamoDB( self, 'LambdaToDynamoDB', lambda_function_props=_lambda.FunctionProps( runtime=_lambda.Runtime.PYTHON_3_7, code=_lambda.Code.asset('lambda'), handler='hitcounter.handler', environment={ 'DOWNSTREAM_FUNCTION_NAME': self.hello_func.function_name } ), dynamo_table_props=ddb.TableProps( table_name='Hits', partition_key={ 'name': 'path', 'type': ddb.AttributeType.STRING } ) ) # grant the hitcounter lambda role invoke permissions to the hello function self.hello_func.grant_invoke(self.hit_counter.lambda_function) apigw_lambda.ApiGatewayToLambda( self, 'ApiGatewayToLambda', lambda_function_props=_lambda.FunctionProps( runtime=_lambda.Runtime.PYTHON_3_7, code=_lambda.Code.asset('lambda'), handler='hello.handler', ), api_gateway_props=apigw.RestApiProps( default_method_options=apigw.MethodOptions( authorization_type=apigw.AuthorizationType.NONE ) ) )

Infine, abbiamo bisogno di aggiornare il nostroaws-apigateway-lambdaper utilizzare la nostra nuova funzione Hit Counter che è stata fornita conaws-lambda-dynamodbModello di cui sopra.

TypeScript

Modificare il filelib/hello-constructs.tscon gli elementi seguenti:

import * as cdk from '@aws-cdk/core'; import * as lambda from '@aws-cdk/aws-lambda'; import * as api from '@aws-cdk/aws-apigateway'; import * as dynamodb from '@aws-cdk/aws-dynamodb'; import { ApiGatewayToLambda, ApiGatewayToLambdaProps } from '@aws-solutions-constructs/aws-apigateway-lambda'; import { LambdaToDynamoDB, LambdaToDynamoDBProps } from '@aws-solutions-constructs/aws-lambda-dynamodb'; export class HelloConstructsStack extends cdk.Stack { constructor(scope: cdk.Construct, id: string, props?: cdk.StackProps) { super(scope, id, props); // The code that defines your stack goes here // hello function responding to http requests const helloFunc = new lambda.Function(this, 'HelloHandler', { runtime: lambda.Runtime.NODEJS_12_X, code: lambda.Code.fromAsset('lambda'), handler: 'hello.handler' }); // hit counter, aws-lambda-dynamodb pattern const lambda_ddb_props: LambdaToDynamoDBProps = { lambdaFunctionProps: { code: lambda.Code.asset(`lambda`), runtime: lambda.Runtime.NODEJS_12_X, handler: 'hitcounter.handler', environment: { DOWNSTREAM_FUNCTION_NAME: helloFunc.functionName } }, dynamoTableProps: { tableName: 'Hits', partitionKey: { name: 'path', type: dynamodb.AttributeType.STRING } } }; const hitcounter = new LambdaToDynamoDB(this, 'LambdaToDynamoDB', lambda_ddb_props); // grant the hitcounter lambda role invoke permissions to the hello function helloFunc.grantInvoke(hitcounter.lambdaFunction); const api_lambda_props: ApiGatewayToLambdaProps = { existingLambdaObj: hitcounter.lambdaFunction, apiGatewayProps: { defaultMethodOptions: { authorizationType: api.AuthorizationType.NONE } } }; new ApiGatewayToLambda(this, 'ApiGatewayToLambda', api_lambda_props); } }
Python

Modificare il filehello_constructs/hello_constructs_stack.pycon gli elementi seguenti:

from aws_cdk import ( aws_lambda as _lambda, aws_apigateway as apigw, aws_dynamodb as ddb, core, ) from aws_solutions_constructs import ( aws_apigateway_lambda as apigw_lambda, aws_lambda_dynamodb as lambda_ddb ) class HelloConstructsStack(core.Stack): def __init__(self, scope: core.Construct, id: str, **kwargs) -> None: super().__init__(scope, id, **kwargs) # The code that defines your stack goes here self.hello_func = _lambda.Function( self, 'HelloHandler', runtime=_lambda.Runtime.PYTHON_3_7, handler='hello.handler', code=_lambda.Code.asset('lambda'), ) # hit counter, aws-lambda-dynamodb pattern self.hit_counter = lambda_ddb.LambdaToDynamoDB( self, 'LambdaToDynamoDB', lambda_function_props=_lambda.FunctionProps( runtime=_lambda.Runtime.PYTHON_3_7, code=_lambda.Code.asset('lambda'), handler='hitcounter.handler', environment={ 'DOWNSTREAM_FUNCTION_NAME': self.hello_func.function_name } ), dynamo_table_props=ddb.TableProps( table_name='Hits', partition_key={ 'name': 'path', 'type': ddb.AttributeType.STRING } ) ) # grant the hitcounter lambda role invoke permissions to the hello function self.hello_func.grant_invoke(self.hit_counter.lambda_function) apigw_lambda.ApiGatewayToLambda( self, 'ApiGatewayToLambda', existing_lambda_obj=self.hit_counter.lambda_function, api_gateway_props=apigw.RestApiProps( default_method_options=apigw.MethodOptions( authorization_type=apigw.AuthorizationType.NONE ) ) )

Review Changes

Costruiamo il nostro progetto ed esaminiamo le modifiche alle nostre risorse che avverranno quando implementeremo questo:

npm run build cdk diff

Il nostro output dovrebbe essere simile al seguente:

Stack HelloConstructsStack
IAM Statement Changes
┌───┬───────────────────────────────────┬────────┬───────────────────────────────────┬────────────────────────────────────┬───────────┐
│   │ Resource                          │ Effect │ Action                            │ Principal                          │ Condition │
├───┼───────────────────────────────────┼────────┼───────────────────────────────────┼────────────────────────────────────┼───────────┤
│ + │ ${HelloHandler.Arn}               │ Allow  │ lambda:InvokeFunction             │ AWS:${LambdaFunctionServiceRole}   │           │
├───┼───────────────────────────────────┼────────┼───────────────────────────────────┼────────────────────────────────────┼───────────┤
│ + │ ${HelloHandler/ServiceRole.Arn}   │ Allow  │ sts:AssumeRole                    │ Service:lambda.amazonaws.com       │           │
├───┼───────────────────────────────────┼────────┼───────────────────────────────────┼────────────────────────────────────┼───────────┤
│ + │ ${LambdaToDynamoDB/DynamoTable.Ar │ Allow  │ dynamodb:BatchGetItem             │ AWS:${LambdaFunctionServiceRole}   │           │
│   │ n}                                │        │ dynamodb:BatchWriteItem           │                                    │           │
│   │                                   │        │ dynamodb:DeleteItem               │                                    │           │
│   │                                   │        │ dynamodb:GetItem                  │                                    │           │
│   │                                   │        │ dynamodb:GetRecords               │                                    │           │
│   │                                   │        │ dynamodb:GetShardIterator         │                                    │           │
│   │                                   │        │ dynamodb:PutItem                  │                                    │           │
│   │                                   │        │ dynamodb:Query                    │                                    │           │
│   │                                   │        │ dynamodb:Scan                     │                                    │           │
│   │                                   │        │ dynamodb:UpdateItem               │                                    │           │
└───┴───────────────────────────────────┴────────┴───────────────────────────────────┴────────────────────────────────────┴───────────┘
IAM Policy Changes
┌───┬─────────────────────────────┬────────────────────────────────────────────────────────────────────────────────┐
│   │ Resource                    │ Managed Policy ARN                                                             │
├───┼─────────────────────────────┼────────────────────────────────────────────────────────────────────────────────┤
│ + │ ${HelloHandler/ServiceRole} │ arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole │
└───┴─────────────────────────────┴────────────────────────────────────────────────────────────────────────────────┘
(NOTE: There may be security-related changes not in this list. See https://github.com/aws/aws-cdk/issues/1299)

Resources
[+] AWS::IAM::Role HelloHandler/ServiceRole HelloHandlerServiceRole11EF7C63 
[+] AWS::Lambda::Function HelloHandler HelloHandler2E4FBA4D 
[+] AWS::DynamoDB::Table LambdaToDynamoDB/DynamoTable LambdaToDynamoDBDynamoTable53C1442D 
[+] AWS::IAM::Policy LambdaFunctionServiceRole/DefaultPolicy LambdaFunctionServiceRoleDefaultPolicy126C8897 
[~] AWS::Lambda::Function LambdaFunction LambdaFunctionBF21E41F 
 ├─ [+] Environment
 │   └─ {"Variables":{"DOWNSTREAM_FUNCTION_NAME":{"Ref":"HelloHandler2E4FBA4D"},"DDB_TABLE_NAME":{"Ref":"LambdaToDynamoDBDynamoTable53C1442D"}}}
 ├─ [~] Handler
 │   ├─ [-] hello.handler
 │   └─ [+] hitcounter.handler
 └─ [~] DependsOn
     └─ @@ -1,3 +1,4 @@
        [ ] [
        [+]   "LambdaFunctionServiceRoleDefaultPolicy126C8897",
        [ ]   "LambdaFunctionServiceRole0C4CDE0B"
        [ ] ]

Distribuzione cdk

Ok, pronto per la distribuzione?

cdk deploy

Output dello stack

Al termine della distribuzione, noterai questa riga:

Outputs:
HelloConstructsStack.RestApiEndpoint0551178A = https://xxxxxxxxxx.execute-api.us-east-1.amazonaws.com/prod/

Esecuzione del test dell'app

Proviamo a colpire questo endpoint con arricciatura. Copia l'URL ed esegui (il tuo prefisso e la tua regione saranno probabilmente diversi).

curl https://xxxxxxxxxx.execute-api.us-east-1.amazonaws.com/prod/

L'output dovrebbe essere simile al seguente:

Hello, AWS Solutions Constructs! You've hit /

Ora, rivedere gli elementiHitsTabella Amazon DynamoDB.

  1. Passa alla console DynamoDB.

  2. Assicurarsi di essere nella regione in cui è stata creata la tabella.

  3. SelezionaTabellenel riquadro di navigazione e selezionare la casella di controlloHits (occorrenze)INTO table

  4. Apri la tabella e seleziona «Elementi».

  5. Dovresti vedere quanti colpi hai ottenuto per ogni percorso.

  6. Prova a colpire un nuovo percorso e aggiorna la vista Elementi. Viene visualizzato un nuovo elemento con unhitsConteggio di uno.

Se questo è l'output che hai ricevuto, la tua app funziona!