DEV Community

Chris Straw
Chris Straw

Posted on

Amazon Web Services Sign-Up & Configuration - Part 4 of Implementing a RESTful API on AWS

Quick recap: this is a soup to nuts series covering implementing a full-featured REST API on AWS from the perspective of a long-time infrastructure engineer with a historical preference for Java-based solutions.

AWS Setup

1) Create your AWS account

Although some of the Serverless Framework videos are outdated, their AWS Account setup video provides a concise summary of how to sign up for a AWS account.

After that, however, we are going to ignore the Serverless Framework videos and suggestions regarding granting Serverless access to our AWS account.

2) Create Administrative user and group

You should now have an AWS account with a single 'root' user.

Amazon recommends that, as with OS best practices, you don't use the root account for everyday use, but instead create a separate Administrative user and group. You'll be using these credentials for your scripted CLI interaction with AWS. So unless you blindly trust every last random NPM module on the Internet, you'll probably want to go ahead and create these according to Amazon's instructions:

https://docs.aws.amazon.com/IAM/latest/UserGuide/getting-started_create-admin-group.html

You'll be (1) activating IAm access, (2) creating a user, and (3) creating an Administrator group. Note that the website lists two ways to do this; you only need to follow the console steps version.

3) Install Amazon's CLI

Once this is done, the next step is installing the Amazon Command Line Interface (CLI). Instructions can be found here. We'll install the newest version, which as of April 2021 is version 2 at:

https://awscli.amazonaws.com/AWSCLIV2.pkg

Note: the non-sudo "Install for me only" option defaults to an invalid installation location of "/usr/local" -- a directory that requires root permission (unlike /usr/local/bin) and therefore causes the installation to fail. So either fix this by changing the default location (e.g. to ~/Applications) and creating symlinks as described in the instructions (e.g. ln -s ~/Applications/aws-cli/aws /usr/local/bin/aws and ln -s ~/Applications/aws-cli/aws_completer /usr/local/bin/aws_completer) or install for all users on the computer if you have root access.

Once this is done, go ahead and verify installation of the CLI:

$ which aws
/usr/local/bin/aws 
$ aws --version
aws-cli/2.1.25 Python/3.7.4 Darwin/20.3.0 exe/x86_64 prompt/off
Enter fullscreen mode Exit fullscreen mode

4) Provide Your AWS Credentials to AWS CLI

With the CLI installed, we now need to provide it our credentials so that it can interact with AWS services. Basically, each IAM user account has cryptographic keys that are used to authenticate every request to AWS. Amazon has an explanation here:

https://docs.aws.amazon.com/cli/latest/userguide/cli-chap-configure.html

We are going to run aws configure and provide our keys, which can be found by going to AWS's IAm user list page:

https://console.aws.amazon.com/iam/home#/users

then clicking our Administrator,
Alt Text
then selecting the "Security credentials"
Alt Text
Scroll down and select "Create Access Key."
Alt Text
This will create an (1) access key; and (2) secret key; pair.

Alt TextNote the various security warnings about keeping this information secret. (I immediately deleted this pair after creating it for this example.). Also note that you need to either copy/paste both somewhere or download the csv and store it in a safe place, as the secret key is unrecoverable.

Now, switch back to terminal, run aws configure, and provide our credentials:

$ aws configure
AWS Access Key ID [None]: <Our access key id, e.g. AKIA....>
AWS Secrete Access Key [None]: <Our secret access key>
Default region name [None]: <your region, e.g. 'us-east-2'>
Default output format [None]: <just hit enter, default is json>
Enter fullscreen mode Exit fullscreen mode

The AWS CLI will now have created two files storing this information: (1) ~/.aws/config and (2) ~/.aws/credentials. You should now be able to run:

$ aws iam list-users
Enter fullscreen mode Exit fullscreen mode

and receive a list of the AWS IAm users you have created (in this case, just 'Administrator').

5) Create our Empty Serverless Framework Project

We are almost done. Our last step is to create our skeleton Serverless Framework project. Make sure you are in whatever directory you keep your workspaces (e.g. ~/workspace/). Go ahead and run serverless. We will (1) create a new project; (2) of type 'AWS Node.js'; and (3) called 'MyRESTProject'. I personally (1) don't enable autoupdate of the Serverless Framework; and (2) turn on command line completion.

$ serverless
Serverless: No project detected. Do you want to create a new one? (Y/n) Y
Serverless: What do you want to make? (Use arrow keys)
> AWS Node.js
  AWS Python
  Other
Serverless: What do you want to call this project? MyRESTProject

Project successfully created in 'MyRESTProject' folder.

Serverless: Would you like the Framework to update automatically? (Y/n) n

Serverless: Would you like to setup a command line <tab> completion? (Y/n) Y

Serverless: Which Shell do you use? (use arrow keys)
  bash
> zsh
  fish
Serverless: We will install completion to ~/.zshrc, is it okay ? (Y/n) Y
Enter fullscreen mode Exit fullscreen mode

We can now go into our project folder and see we have an empty skeleton:

$ cd MyRESTProject
$ ls
handler.js    serverless.yml
Enter fullscreen mode Exit fullscreen mode

Now let's verify everything is working by deploying our empty skeleton to AWS using the serverless deploy command.

$ serverless deploy
Serverless: Packaging service...
Serverless: Excluding development dependencies...
Serverless: Creating Stack...
Serverless: Checking Stack create progress...
........
Serverless: Stack create finished...
Serverless: Uploading CloudFormation file to S3...
Serverless: Uploading artifacts...
Serverless: Uploading service myrestproject.zip file to S3 (392 B)...
Serverless: Validating template...
Serverless: Updating Stack...
Serverless: Checking Stack update progress...
...............
Serverless: Stack update finished...
Service Information
service: myrestproject
stage: dev
region: us-east-1
stack: myrestproject-dev
resources: 6
api keys:
  None
endpoints:
  None
functions:
  hello: myrestproject-dev-hello
layers:
  None
Enter fullscreen mode Exit fullscreen mode

We can further verify the deployment using AWS's CLI (be sure to specify the right region as listed in your output above):


$ aws cloudformation list-stacks --stack-status-filter UPDATE_COMPLETE --region us-east-1     
{
    "StackSummaries": [
        {
            "StackId": "arn:aws:cloudformation:us-east-1:--------:stack/myrestproject-dev/----------------",
            "StackName": "myrestproject-dev",
            "TemplateDescription": "The AWS CloudFormation template for this Serverless application",
            "CreationTime": "2021-04-25T14:38:32.549000+00:00",
            "LastUpdatedTime": "2021-04-25T14:39:07.745000+00:00",
            "StackStatus": "UPDATE_COMPLETE",
            "DriftInformation": {
                "StackDriftStatus": "NOT_CHECKED"
            }
        }
    ]
}
Enter fullscreen mode Exit fullscreen mode

Now we will go ahead and undeploy the test from AWS using serverless remove.

$ serverless remove
Serverless: Getting all objects in S3 bucket...
Serverless: Removing objects in S3 bucket...
Serverless: Removing Stack...
Serverless: Checking Stack delete progress...
..........
Serverless: Stack delete finished...

Serverless: Stack delete finished...
Enter fullscreen mode Exit fullscreen mode

And we can verify it uninstalled

$ aws cloudformation list-stacks --stack-status-filter DELETE_COMPLETE --region us-east-1
{ 
    "StackSummaries": [
        {
            "StackId": "arn:aws:cloudformation:us-east-1:---------:stack/myrestproject-dev/---------",
            "StackName": "myrestproject-dev",
            "TemplateDescription": "The AWS CloudFormation template for this Serverless application",
            "CreationTime": "2021-04-25T14:38:32.549000+00:00",
            "LastUpdatedTime": "2021-04-25T14:39:07.745000+00:00",
            "DeletionTime": "2021-04-25T14:43:25.069000+00:00",
            "StackStatus": "DELETE_COMPLETE",
            "DriftInformation": {
                "StackDriftStatus": "NOT_CHECKED"
            }
        },
Enter fullscreen mode Exit fullscreen mode

Next time, we'll go about explaining these files and then altering our directory structure to make it more useable.

Top comments (0)