Selective Checkpointing Example (Express Workflows) - AWS Step Functions

Selective Checkpointing Example (Express Workflows)

This sample project demonstrates how to combine Standard and Express Workflows by running a mock e-commerce workflow that does selective checkpointing. Deploying this sample project creates a Standard workflows state machine, a nested Express Workflows state machine, an AWS Lambda function, an Amazon Simple Queue Service (Amazon SQS) queue, and an Amazon Simple Notification Service (Amazon SNS) topic.

For more information about Express Workflows, nested workflows, and Step Functions service integrations, see the following:

Step 1: Create the State Machine and Provision Resources

  1. Open the Step Functions console and choose Create state machine.

  2. Type Selective checkpointing example in the search box, and then choose Selective checkpointing example from the search results that are returned.

  3. Choose Next to continue.

  4. Step Functions lists the AWS services used in the sample project you selected. It also shows a workflow graph for the sample project. Deploy this project to your AWS account or use it as a starting point for building your own projects. Based on how you want to proceed, choose Run a demo or Build on it.

    This sample project deploys the following resources:

    • An AWS Lambda function

    • An Amazon SQS queue

    • An Amazon SNS topic

    • An AWS Step Functions state machine of type Standard

    • A Step Functions state machine of type Express

    • Related AWS Identity and Access Management (IAM) roles

    The following image shows the workflow graph for the Selective checkpointing example sample project:

    
                        Workflow graph of the Selective checkpointing example sample project.
  5. Choose Use template to continue with your selection.

  6. Do one of the following:

    • If you selected Build on it, Step Functions creates the workflow prototype for the sample project you selected. Step Functions doesn't deploy the resources listed in the workflow definition.

      In Workflow Studio's Design mode, drag and drop states from the States browser to continue building your workflow protoype. Or switch to the Code mode that provides an integrated code editor similar to VS Code for updating the Amazon States Language (ASL) definition of your state machine within the Step Functions console. For more information about using Workflow Studio to build your state machines, see Using Workflow Studio.

      Important

      Remember to update the placeholder Amazon Resource Name (ARN) for the resources used in the sample project before you run your workflow.

    • If you selected Run a demo, Step Functions creates a read-only sample project which uses an AWS CloudFormation template to deploy the AWS resources listed in that template to your AWS account.

      Tip

      To view the state machine definition of the sample project, choose Code.

      When you're ready, choose Deploy and run to deploy the sample project and create the resources.

      It can take up to 10 minutes for these resources and related IAM permissions to be created. While your resources are being deployed, you can open the CloudFormation Stack ID link to see which resources are being provisioned.

      After all the resources in the sample project are created, you can see the new sample project listed on the State machines page.

      Important

      Standard charges may apply for each service used in the CloudFormation template.

After the resources of the sample project are deployed do the following.

Step 2: Run the state machine

  1. On the State machines page, choose your sample project.

  2. On the sample project page, choose Start execution.

  3. In the Start execution dialog box, do the following:

    1. (Optional) To identify your execution, you can specify a name for it in the Name box. By default, Step Functions generates a unique execution name automatically.

      Note

      Step Functions allows you to create names for state machines, executions, and activities, and labels that contain non-ASCII characters. These non-ASCII names don't work with Amazon CloudWatch. To ensure that you can track CloudWatch metrics, choose a name that uses only ASCII characters.

    2. (Optional) In the Input box, enter input values in JSON format to run your workflow.

      If you chose to Run a demo, you need not provide any execution input.

      Note

      If the demo project you deployed contains prepopulated execution input data, use that input to run the state machine.

    3. Choose Start execution.

    4. The Step Functions console directs you to a page that's titled with your execution ID. This page is known as the Execution Details page. On this page, you can review the execution results as the execution progresses or after it's complete.

      To review the execution results, choose individual states on the Graph view, and then choose the individual tabs on the Step details pane to view each state's details including input, output, and definition respectively. For details about the execution information you can view on the Execution Details page, see Execution Details page – Interface overview.

  4. Go to your CloudWatch Logs log group and inspect the logs. The name of the log group will look like example-ExpressLogGroup-wJalrXUtnFEMI.

Example State Machine Code for the Parent (Standard Workflows)

The state machine in this sample project integrates with Amazon SQS , Amazon SNS, and Step Functions Express Workflows.

Browse through this example state machine to see how Step Functions processes input from Amazon SQS and Amazon SNS, and then uses a nested Express Workflows state machine to update backend systems.

For more information about how AWS Step Functions can control other AWS services, see Using AWS Step Functions with other services.

{ "Comment": "An example of combining standard and express workflows to run a mock e-commerce workflow that does selective checkpointing.", "StartAt": "Approve Order Request", "States": { "Approve Order Request": { "Type": "Task", "Resource": "arn:<PARTITION>:states:::sqs:sendMessage.waitForTaskToken", "Parameters": { "QueueUrl": "<SQS_QUEUE_URL>", "MessageBody": { "MessageTitle": "Order Request received. Pausing workflow to wait for manual approval. ", "TaskToken.$": "$$.Task.Token" } }, "Next": "Notify Order Success", "Catch": [ { "ErrorEquals": [ "States.ALL" ], "Next": "Notify Order Failure" } ] }, "Notify Order Success": { "Type": "Task", "Resource": "arn:<PARTITION>:states:::sns:publish", "Parameters": { "Message": "Order has been approved. Resuming workflow.", "TopicArn": "<SNS_ARN>" }, "Next": "Process Payment" }, "Notify Order Failure": { "Type": "Task", "Resource": "arn:<PARTITION>:states:::sns:publish", "Parameters": { "Message": "Order not approved. Order failed.", "TopicArn": "<SNS_ARN>" }, "End": true }, "Process Payment": { "Type": "Task", "Resource": "arn:<PARTITION>:states:::sqs:sendMessage.waitForTaskToken", "Parameters": { "QueueUrl": "<SQS_QUEUE_URL>", "MessageBody": { "MessageTitle": "Payment sent to third-party for processing. Pausing workflow to wait for response.", "TaskToken.$": "$$.Task.Token" } }, "Next": "Notify Payment Success", "Catch": [ { "ErrorEquals": [ "States.ALL" ], "Next": "Notify Payment Failure" } ] }, "Notify Payment Success": { "Type": "Task", "Resource": "arn:<PARTITION>:states:::sns:publish", "Parameters": { "Message": "Payment processing succeeded. Resuming workflow.", "TopicArn": "<SNS_ARN>" }, "Next": "Workflow to Update Backend Systems" }, "Notify Payment Failure": { "Type": "Task", "Resource": "arn:<PARTITION>:states:::sns:publish", "Parameters": { "Message": "Payment processing failed.", "TopicArn": "<SNS_ARN>" }, "End": true }, "Workflow to Update Backend Systems": { "Comment": "Starting an execution of an Express workflow to handle backend updates. Express workflows are fast and cost-effective for steps where checkpointing isn't required.", "Type": "Task", "Resource": "arn:<PARTITION>:states:::states:startExecution.sync", "Parameters": { "StateMachineArn": "<UPDATE_DATABASE_EXPRESS_STATE_MACHINE_ARN>", "Input": { "AWS_STEP_FUNCTIONS_STARTED_BY_EXECUTION_ID.$": "$$.Execution.Id" } }, "Next": "Ship the Package" }, "Ship the Package": { "Type": "Task", "Resource": "arn:<PARTITION>:states:::sns:publish", "Parameters": { "Message": "Order and payment received, database is updated and the package is ready to ship.", "TopicArn": "<SNS_ARN>" }, "End": true } } }

Example IAM Role for the Parent State Machine

These example AWS Identity and Access Management (IAM) policies generated by the sample project include the least privilege necessary to execute the state machine and related resources. We recommend that you include only those permissions that are necessary in your IAM policies.

Amazon SNS policy:

{ "Version": "2012-10-17", "Statement": [ { "Action": [ "sns:Publish" ], "Resource": "arn:aws:sns:us-east-1:123456789012:Checkpoint-SNSTopic-wJalrXUtnFEMI", "Effect": "Allow" } ] }

Amazon SQS policy:

{ "Version": "2012-10-17", "Statement": [ { "Action": [ "sqs:SendMessage" ], "Resource": "arn:aws:sqs:us-east-1:123456789012:Checkpoint-SQSQueue-je7MtGbClwBF", "Effect": "Allow" } ] }

States execution policy:

{ "Version": "2012-10-17", "Statement": [ { "Action": [ "states:StartExecution", "states:DescribeExecution", "states:StopExecution" ], "Resource": "*", "Effect": "Allow" }, { "Action": [ "events:PutTargets", "events:PutRule", "events:DescribeRule" ], "Resource": "arn:aws:events:us-east-1:123456789012:rule/StepFunctionsGetEventsForStepFunctionsExecutionRule", "Effect": "Allow" } ] }

Example State Machine Code for the Nested State Machine (Express Workflows)

The state machine in this sample project updates backend information when called by the parent state machine.

Browse through this example state machine to see how Step Functions updates the different components of the mock e-commerce backend systems.

For more information about how AWS Step Functions can control other AWS services, see Using AWS Step Functions with other services.


                Selective checkpointing workflow.
{ "StartAt": "Update Order History", "States": { "Update Order History": { "Type": "Task", "Resource": "arn:aws:states:::lambda:invoke", "Parameters": { "FunctionName": "Checkpoint-UpdateDatabaseLambdaFunction-wJalrXUtnFEMI", "Payload": { "Message": "Update order history." } }, "Next": "Update Data Warehouse" }, "Update Data Warehouse": { "Type" : "Task", "Resource": "arn:aws:states:::lambda:invoke", "Parameters": { "FunctionName": "Checkpoint-UpdateDatabaseLambdaFunction-wJalrXUtnFEMI", "Payload": { "Message": "Update data warehouse." } }, "Next": "Update Customer Profile" }, "Update Customer Profile": { "Type": "Task", "Resource": "arn:aws:states:::lambda:invoke", "Parameters": { "FunctionName": "Checkpoint-UpdateDatabaseLambdaFunction-wJalrXUtnFEMI", "Payload": { "Message": "Update customer profile." } }, "Next": "Update Inventory" }, "Update Inventory": { "Type": "Task", "Resource": "arn:aws:states:::lambda:invoke", "Parameters": { "FunctionName": "Checkpoint-UpdateDatabaseLambdaFunction-wJalrXUtnFEMI", "Payload": { "Message": "Update inventory." } }, "End": true } } }

Example IAM Role for Child State Machine

This example AWS Identity and Access Management (IAM) policy generated by the sample project includes the least privilege necessary to execute the state machine and related resources. We recommend that you include only those permissions that are necessary in your IAM policies.

{ "Version": "2012-10-17", "Statement": [ { "Action": [ "lambda:InvokeFunction" ], "Resource": [ "arn:aws:lambda:us-east-1:123456789012:function:Example-UpdateDatabaseLambdaFunction-wJalrXUtnFEMI" ], "Effect": "Allow" } ] }

The following policy ensures that there are sufficient permissions for CloudWatch Logs.

{ "Version": "2012-10-17", "Statement": [ { "Action": [ "logs:CreateLogDelivery", "logs:GetLogDelivery", "logs:UpdateLogDelivery", "logs:DeleteLogDelivery", "logs:ListLogDeliveries", "logs:PutResourcePolicy", "logs:DescribeResourcePolicies", "logs:DescribeLogGroups" ], "Resource": [ "*" ], "Effect": "Allow" } ] }

For information about how to configure IAM when using Step Functions with other AWS services, see IAM Policies for integrated services.