DEV Community: Sergio Kaz The latest articles on DEV Community by Sergio Kaz (@skaznowiecki). https://dev.to/skaznowiecki https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F560698%2Ffeb2b42c-08a5-4410-817f-63aba4add81a.jpeg DEV Community: Sergio Kaz https://dev.to/skaznowiecki en Storage-first pattern using Serverless Sergio Kaz Fri, 07 Jun 2024 15:30:48 +0000 https://dev.to/skaznowiecki/storage-first-pattern-using-serverless-m6 https://dev.to/skaznowiecki/storage-first-pattern-using-serverless-m6 <p>Sometimes we have <strong>sensitive requests</strong> which we need to prepeare our systems to avoid losing it. Usually losing these requests mean that the company/product <strong>loses money</strong> or introduce issues in the product/application</p> <h2> Sensitive requests </h2> <ul> <li>Payment requests</li> <li>Delivery requests</li> <li>Webhooks with external information</li> </ul> <h2> Non-sensitive requests </h2> <ul> <li>List of users</li> <li>List of user-roles</li> <li>Endpoints for internal systems</li> </ul> <p>The main difference between <strong>sensitive</strong> and <strong>non-sensitive</strong> request is that sensitive requests in general, you can not re-send it or it's more difficult in comparison with non-sensitive request</p> <p>The idea behind of storage-first pattern, is basically to <strong>store</strong> the request information <strong>first</strong> ( in a high availability storage ) and <strong>process</strong> it <strong>later</strong> .</p> <h2> Why serverless is usefull in these cases ? </h2> <p>Using Serverless technologies like s3, sqs, kinesis, dynamodb gives you high availability without needing to pay for the provisioning. Using serverless storage you only pay per use.</p> <p>we're going to explain here different use-cases and pattern, and talk a bit about pricing</p> <h2> Use cases </h2> <p>Here, there are 3 kind of implementation of storage-first pattern : </p> <h3> SQS-based Queueing </h3> <p><a href="https://media.dev.to/cdn-cgi/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F59v9zouzy8pbszpb7ptc.png" class="article-body-image-wrapper"><img src="https://media.dev.to/cdn-cgi/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F59v9zouzy8pbszpb7ptc.png" alt="Image description" width="600" height="255"></a></p> <p><strong>Ideal for</strong>: Payment processing, order fulfillment, webhook handling.</p> <p><strong>How it works</strong>:</p> <ul> <li>Request is immediately placed in an SQS queue.</li> <li>A separate process (Lambda function, ECS task, etc.) continuously polls the queue, processes messages, and performs necessary actions.</li> </ul> <p><strong>Benefits</strong></p> <ul> <li>Decouples request ingestion and processing.</li> <li>Ensures high availability and fault tolerance.</li> <li>Scales automatically to handle spikes in requests.</li> <li>Retry mechanism</li> </ul> <p><strong>Pricing example</strong> </p> <p>Processing per 1 M of requests </p> <ul> <li>SQS : $0.4</li> <li>API-GATEWAY (http): $1.00</li> <li><p><strong>Total : $1.4</strong>*</p></li> <li><p>This is an estimate of the pricing because we're not taking care of Data Transfer</p></li> </ul> <h3> DynamoDB </h3> <p><a href="https://media.dev.to/cdn-cgi/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F256hov1sbx5kgmkm8mi9.png" class="article-body-image-wrapper"><img src="https://media.dev.to/cdn-cgi/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F256hov1sbx5kgmkm8mi9.png" alt="Image description" width="600" height="255"></a></p> <p><strong>Ideal for</strong>: Storing and retrieving sensitive request data quickly (e.g., payment details, delivery addresses)</p> <p><strong>How it works</strong></p> <ul> <li>Critical request data is stored in DynamoDB with a unique identifier.</li> <li>Subsequent processes can look up and update data in DynamoDB with low latency using DynamoDB streams.</li> </ul> <p><strong>Benefits</strong></p> <ul> <li>Fast and reliable data access.</li> <li>Serverless, scales automatically.</li> <li>Supports fine-grained access control.</li> </ul> <p><strong>Pricing example</strong> </p> <p>Processing per 1 M of requests </p> <ul> <li>DynamoDB (write) : $1.25</li> <li>API-GATEWAY (http): $1.00</li> <li><p><strong>Total : $2.25</strong>*</p></li> <li><p>This is an estimate of the pricing because we're not taking care of Data Transfer and Storage</p></li> </ul> <h3> S3 </h3> <p><a href="https://media.dev.to/cdn-cgi/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F1g75e2zhagx7xveukhkt.png" class="article-body-image-wrapper"><img src="https://media.dev.to/cdn-cgi/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F1g75e2zhagx7xveukhkt.png" alt="Image description" width="600" height="255"></a></p> <p><strong>Ideal for</strong>: Storing raw request data for auditing, compliance, and analysis.</p> <p><strong>How it works:</strong></p> <ul> <li>Requests are stored as objects in S3.</li> <li>S3 triggers events (e.g., object creation) to notify other services for further processing or analysis.</li> </ul> <p><strong>Benefits</strong></p> <ul> <li>Durable and scalable storage.</li> <li>Cost-effective for long-term storage.</li> <li>Integrates with other AWS services.</li> </ul> <p><strong>Pricing example</strong> </p> <p>Processing per 1 M of requests </p> <ul> <li>S3 put(standard) : $5</li> <li>API-GATEWAY (http): $1.00</li> <li><p><strong>Total : $6</strong>*</p></li> <li><p>This is an estimate of the pricing because we're not taking care of Data Transfer and Storage</p></li> </ul> <p>If you want to go deeper on AWS storage first pattern I highly recommend the following <a href="https://aws.amazon.com/blogs/compute/building-storage-first-applications-with-http-apis-service-integrations/">link</a></p> serverless aws lambda s3 How to process CSV file at scale using Step Function and Lambda function ? Sergio Kaz Sat, 11 May 2024 23:44:41 +0000 https://dev.to/skaznowiecki/how-to-process-csv-file-at-scale-using-step-function-and-cdk--5akb https://dev.to/skaznowiecki/how-to-process-csv-file-at-scale-using-step-function-and-cdk--5akb <p>When you need to process CSV files, you usually write a simple script and it's enough, however everything tends to be more complex when you need to run it at scale. </p> <p>At scale means, tens or hundreds of millions of rows.</p> <h2> Challenges </h2> <p>When you need to process CSV at scale and repetitively, you need to take of these following things : </p> <ul> <li>Parallel processing. The idea is to split the work in multiple nodes</li> <li>Storage. Having big CSV you need to have a place to store it. </li> <li>Output. If you need to store the output in a Database, you need to take care of things like DB ( connections, iops, throughput )</li> </ul> <h2> Solution </h2> <p>Using <code>S3</code> + <code>Lambda</code> + <code>Step Functions</code> + <code>MapState</code> + <code>DynamoDB</code> you can solve the mentioned challenges, creating a Serverless solution and only pay for exactly what you used.</p> <p>For this example I used CDK V2 to write the IaC, however you can implement using any othe IaC</p> <h3> Architecture overview </h3> <p><a href="https://media.dev.to/cdn-cgi/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fhyre6rhrzkp0go8hij0n.png" class="article-body-image-wrapper"><img src="https://media.dev.to/cdn-cgi/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fhyre6rhrzkp0go8hij0n.png" alt="Architecture" width="786" height="531"></a></p> <h3> Storage </h3> <p>S3 works really well if you need to store files to process later. It's deeply integrated with AWS services and it's <a href="https://aws.amazon.com/s3/pricing/">cost-effective</a></p> <p><strong>CDK code</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="kd">const</span> <span class="nx">bucket</span> <span class="o">=</span> <span class="k">new</span> <span class="nc">Bucket</span><span class="p">(</span><span class="nx">scope</span><span class="p">,</span> <span class="dl">'</span><span class="s1">Bucket</span><span class="dl">'</span><span class="p">,</span> <span class="p">{</span> <span class="na">bucketName</span><span class="p">:</span> <span class="dl">'</span><span class="s1">csv.data-lake.example.com</span><span class="dl">'</span><span class="p">,</span> <span class="na">encryption</span><span class="p">:</span> <span class="nx">BucketEncryption</span><span class="p">.</span><span class="nx">S3_MANAGED</span> <span class="p">});</span> </code></pre> </div> <p><a href="https://github.com/skaznowiecki/parallel-processing-step-function/blob/main/lib/resources/csv-bucket.ts">Github Link</a></p> <h3> Storage output </h3> <p><a href="https://aws.amazon.com/dynamodb">DynamoDB</a> is a no relational database which has a <a href="https://aws.amazon.com/dynamodb/pricing/on-demand/">serverless provisioning</a> method where you pay per request and you don't need to take care of DB connections, iops, throughput</p> <p><strong>CDK code</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code> <span class="k">new</span> <span class="nc">Table</span><span class="p">(</span><span class="nx">scope</span><span class="p">,</span> <span class="dl">'</span><span class="s1">CsvItemTable</span><span class="dl">'</span><span class="p">,</span> <span class="p">{</span> <span class="na">tableName</span><span class="p">:</span> <span class="s2">`CsvItems`</span><span class="p">,</span> <span class="na">partitionKey</span><span class="p">:</span> <span class="p">{</span> <span class="na">name</span><span class="p">:</span> <span class="dl">'</span><span class="s1">pk</span><span class="dl">'</span><span class="p">,</span> <span class="na">type</span><span class="p">:</span> <span class="nx">AttributeType</span><span class="p">.</span><span class="nx">STRING</span><span class="p">,</span> <span class="p">},</span> <span class="na">billingMode</span><span class="p">:</span> <span class="nx">BillingMode</span><span class="p">.</span><span class="nx">PAY_PER_REQUEST</span> <span class="p">})</span> </code></pre> </div> <p><a href="https://github.com/skaznowiecki/parallel-processing-step-function/blob/main/lib/resources/csv-table.ts">Github Link</a></p> <h3> Processing </h3> <p>To process the CSV lines, I used a lambda function because it's really simple to step up. Other options could be ECS task using Fargate / or EKS. </p> <h4> Lambda definition </h4> <p><strong>CDK code</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">new</span> <span class="nx">lambda</span><span class="p">.</span><span class="nc">NodejsFunction</span><span class="p">(</span><span class="nx">scope</span><span class="p">,</span> <span class="dl">'</span><span class="s1">ProcessCsvItems</span><span class="dl">'</span><span class="p">,</span> <span class="p">{</span> <span class="na">functionName</span><span class="p">:</span> <span class="dl">'</span><span class="s1">process-csv-items</span><span class="dl">'</span><span class="p">,</span> <span class="na">entry</span><span class="p">:</span> <span class="s2">`</span><span class="p">${</span><span class="nx">__dirname</span><span class="p">}</span><span class="s2">/handler.ts`</span><span class="p">,</span> <span class="na">handler</span><span class="p">:</span> <span class="dl">'</span><span class="s1">handler</span><span class="dl">'</span><span class="p">,</span> <span class="na">runtime</span><span class="p">:</span> <span class="nx">Runtime</span><span class="p">.</span><span class="nx">NODEJS_18_X</span><span class="p">,</span> <span class="na">environment</span><span class="p">:</span> <span class="p">{</span> <span class="na">CSV_ITEM_TABLE_NAME</span><span class="p">:</span> <span class="nx">csvItemTable</span><span class="p">.</span><span class="nx">tableName</span><span class="p">,</span> <span class="p">},</span> <span class="na">bundling</span><span class="p">:</span> <span class="p">{</span> <span class="na">minify</span><span class="p">:</span> <span class="kc">true</span><span class="p">,</span> <span class="na">nodeModules</span><span class="p">:</span> <span class="p">[</span><span class="dl">'</span><span class="s1">uuid</span><span class="dl">'</span><span class="p">],</span> <span class="p">},</span> <span class="p">})</span> </code></pre> </div> <p><a href="https://github.com/skaznowiecki/parallel-processing-step-function/blob/main/lib/process-csv-items/handler.ts">Github Link</a></p> <h4> Lambda code </h4> <p>Here we receive items as an array and we store in DynamoDB using Batch Write.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">export</span> <span class="kd">const</span> <span class="nx">handler</span><span class="p">:</span> <span class="nx">Handler</span><span class="o">&lt;</span><span class="nx">HandlerEvent</span><span class="o">&gt;</span> <span class="o">=</span> <span class="k">async </span><span class="p">({</span> <span class="nx">Items</span> <span class="p">})</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">command</span> <span class="o">=</span> <span class="k">new</span> <span class="nc">BatchWriteCommand</span><span class="p">({</span> <span class="na">RequestItems</span><span class="p">:</span> <span class="p">{</span> <span class="p">[</span><span class="nx">CSV_ITEM_TABLE_NAME</span><span class="p">]:</span> <span class="nx">Items</span><span class="p">.</span><span class="nf">map</span><span class="p">((</span><span class="nx">item</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">({</span> <span class="na">PutRequest</span><span class="p">:</span> <span class="p">{</span> <span class="na">Item</span><span class="p">:</span> <span class="p">{</span> <span class="na">pk</span><span class="p">:</span> <span class="nf">uuid</span><span class="p">(),</span> <span class="p">...</span><span class="nx">item</span><span class="p">,</span> <span class="p">},</span> <span class="p">},</span> <span class="p">})),</span> <span class="p">},</span> <span class="p">})</span> <span class="k">await</span> <span class="nx">docClient</span><span class="p">.</span><span class="nf">send</span><span class="p">(</span><span class="nx">command</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <p><a href="https://github.com/skaznowiecki/parallel-processing-step-function/blob/main/lib/process-csv-items/handler.ts">Github Link</a></p> <h3> Orchestrator </h3> <p>Step function is an orchestrator, where you can create state machines and integrate a wide range of AWS services, like Lambda function, ECS Task, EMR.</p> <p>This part is a bit challenging to understand because we're not using a CDK Level 3 constructor, we need to write most of the CloudFormation code.</p> <p>For this specifically case I used <a href="https://docs.aws.amazon.com/step-functions/latest/dg/amazon-states-language-map-state.html">Map State</a> which allows you to process a variety kind of files, like CSV, JSON.</p> <h4> Step Function - State defintion </h4> <p>Here you can specify different things like : </p> <ul> <li>CSVHeaderLocation -&gt; Header location</li> <li>MaxConcurrency -&gt; Max lambdas running at the same time</li> <li>MaxItemsPerBatch -&gt; The amount of items that our lambda function is going to receive</li> </ul> <p><strong>CDK code</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">new</span> <span class="nc">CustomState</span><span class="p">(</span><span class="nx">scope</span><span class="p">,</span> <span class="dl">'</span><span class="s1">CsvToDynamoDBState</span><span class="dl">'</span><span class="p">,</span> <span class="p">{</span> <span class="na">stateJson</span><span class="p">:</span> <span class="p">{</span> <span class="na">Type</span><span class="p">:</span> <span class="dl">'</span><span class="s1">Map</span><span class="dl">'</span><span class="p">,</span> <span class="na">ItemReader</span><span class="p">:</span> <span class="p">{</span> <span class="na">Resource</span><span class="p">:</span> <span class="dl">'</span><span class="s1">arn:aws:states:::s3:getObject</span><span class="dl">'</span><span class="p">,</span> <span class="na">ReaderConfig</span><span class="p">:</span> <span class="p">{</span> <span class="na">InputType</span><span class="p">:</span> <span class="dl">'</span><span class="s1">CSV</span><span class="dl">'</span><span class="p">,</span> <span class="na">CSVHeaderLocation</span><span class="p">:</span> <span class="dl">'</span><span class="s1">FIRST_ROW</span><span class="dl">'</span><span class="p">,</span> <span class="p">},</span> <span class="na">Parameters</span><span class="p">:</span> <span class="p">{</span> <span class="dl">'</span><span class="s1">Bucket.$</span><span class="dl">'</span><span class="p">:</span> <span class="dl">'</span><span class="s1">$.bucket</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">Key.$</span><span class="dl">'</span><span class="p">:</span> <span class="dl">'</span><span class="s1">$.key</span><span class="dl">'</span><span class="p">,</span> <span class="p">},</span> <span class="p">},</span> <span class="na">ItemProcessor</span><span class="p">:</span> <span class="p">{</span> <span class="na">ProcessorConfig</span><span class="p">:</span> <span class="p">{</span> <span class="na">Mode</span><span class="p">:</span> <span class="dl">'</span><span class="s1">DISTRIBUTED</span><span class="dl">'</span><span class="p">,</span> <span class="na">ExecutionType</span><span class="p">:</span> <span class="dl">'</span><span class="s1">STANDARD</span><span class="dl">'</span><span class="p">,</span> <span class="p">},</span> <span class="na">StartAt</span><span class="p">:</span> <span class="dl">'</span><span class="s1">Lambda Invoke</span><span class="dl">'</span><span class="p">,</span> <span class="na">States</span><span class="p">:</span> <span class="p">{</span> <span class="dl">'</span><span class="s1">Lambda Invoke</span><span class="dl">'</span><span class="p">:</span> <span class="p">{</span> <span class="na">Type</span><span class="p">:</span> <span class="dl">'</span><span class="s1">Task</span><span class="dl">'</span><span class="p">,</span> <span class="na">Resource</span><span class="p">:</span> <span class="dl">'</span><span class="s1">arn:aws:states:::lambda:invoke</span><span class="dl">'</span><span class="p">,</span> <span class="na">OutputPath</span><span class="p">:</span> <span class="dl">'</span><span class="s1">$.Payload</span><span class="dl">'</span><span class="p">,</span> <span class="na">Parameters</span><span class="p">:</span> <span class="p">{</span> <span class="dl">'</span><span class="s1">Payload.$</span><span class="dl">'</span><span class="p">:</span> <span class="dl">'</span><span class="s1">$</span><span class="dl">'</span><span class="p">,</span> <span class="na">FunctionName</span><span class="p">:</span> <span class="nx">lambda</span><span class="p">.</span><span class="nx">functionArn</span><span class="p">,</span> <span class="p">},</span> <span class="na">Retry</span><span class="p">:</span> <span class="p">[</span> <span class="p">{</span> <span class="na">ErrorEquals</span><span class="p">:</span> <span class="p">[</span> <span class="dl">'</span><span class="s1">Lambda.ServiceException</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">Lambda.AWSLambdaException</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">Lambda.SdkClientException</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">Lambda.TooManyRequestsException</span><span class="dl">'</span><span class="p">,</span> <span class="p">],</span> <span class="na">IntervalSeconds</span><span class="p">:</span> <span class="mi">2</span><span class="p">,</span> <span class="na">MaxAttempts</span><span class="p">:</span> <span class="mi">6</span><span class="p">,</span> <span class="na">BackoffRate</span><span class="p">:</span> <span class="mi">2</span><span class="p">,</span> <span class="p">},</span> <span class="p">],</span> <span class="na">End</span><span class="p">:</span> <span class="kc">true</span><span class="p">,</span> <span class="p">},</span> <span class="p">},</span> <span class="p">},</span> <span class="na">MaxConcurrency</span><span class="p">:</span> <span class="mi">200</span><span class="p">,</span> <span class="na">Label</span><span class="p">:</span> <span class="dl">'</span><span class="s1">CsvToDynamoDB</span><span class="dl">'</span><span class="p">,</span> <span class="na">End</span><span class="p">:</span> <span class="kc">true</span><span class="p">,</span> <span class="na">ItemBatcher</span><span class="p">:</span> <span class="p">{</span> <span class="na">MaxItemsPerBatch</span><span class="p">:</span> <span class="mi">25</span><span class="p">,</span> <span class="p">},</span> <span class="p">},</span> <span class="p">})</span> </code></pre> </div> <p><a href="https://github.com/skaznowiecki/parallel-processing-step-function/blob/main/lib/step-function/parallel-process-step.ts">Github Link</a></p> <h4> Step Function - definition </h4> <p>In this part we defined the type of <code>StateMachine</code>, we need to define the permissions and the steps.</p> <p>Here, you need to create a role which can :</p> <ul> <li>Invoke a lambda function</li> <li>Get an object from S3</li> <li>Start the Step Function</li> </ul> <p><strong>CDK code</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">new</span> <span class="nc">StateMachine</span><span class="p">(</span><span class="nx">scope</span><span class="p">,</span> <span class="dl">'</span><span class="s1">CsvToDynamoDBStateMachine</span><span class="dl">'</span><span class="p">,</span> <span class="p">{</span> <span class="na">stateMachineName</span><span class="p">:</span> <span class="dl">'</span><span class="s1">parallel-processing-csv-to-dynamodb</span><span class="dl">'</span><span class="p">,</span> <span class="na">stateMachineType</span><span class="p">:</span> <span class="nx">StateMachineType</span><span class="p">.</span><span class="nx">STANDARD</span><span class="p">,</span> <span class="na">definitionBody</span><span class="p">:</span> <span class="nx">DefinitionBody</span><span class="p">.</span><span class="nf">fromChainable</span><span class="p">(</span><span class="nx">chain</span><span class="p">),</span> <span class="na">role</span><span class="p">:</span> <span class="k">new</span> <span class="nc">Role</span><span class="p">(</span><span class="nx">scope</span><span class="p">,</span> <span class="dl">'</span><span class="s1">StateMachineRole</span><span class="dl">'</span><span class="p">,</span> <span class="p">{</span> <span class="na">assumedBy</span><span class="p">:</span> <span class="k">new</span> <span class="nc">ServicePrincipal</span><span class="p">(</span><span class="dl">'</span><span class="s1">states.amazonaws.com</span><span class="dl">'</span><span class="p">),</span> <span class="na">roleName</span><span class="p">:</span> <span class="dl">'</span><span class="s1">parallel-processing-csv-to-dynamodb-role</span><span class="dl">'</span><span class="p">,</span> <span class="na">inlinePolicies</span><span class="p">:</span> <span class="p">{</span> <span class="na">LambdaInvokePolicy</span><span class="p">:</span> <span class="k">new</span> <span class="nc">PolicyDocument</span><span class="p">({</span> <span class="na">statements</span><span class="p">:</span> <span class="p">[</span> <span class="k">new</span> <span class="nc">PolicyStatement</span><span class="p">({</span> <span class="na">effect</span><span class="p">:</span> <span class="nx">Effect</span><span class="p">.</span><span class="nx">ALLOW</span><span class="p">,</span> <span class="na">actions</span><span class="p">:</span> <span class="p">[</span><span class="dl">'</span><span class="s1">lambda:InvokeFunction</span><span class="dl">'</span><span class="p">],</span> <span class="na">resources</span><span class="p">:</span> <span class="p">[</span><span class="nx">lambda</span><span class="p">.</span><span class="nx">functionArn</span><span class="p">],</span> <span class="p">}),</span> <span class="p">],</span> <span class="p">}),</span> <span class="na">S3GetObjectPolicy</span><span class="p">:</span> <span class="k">new</span> <span class="nc">PolicyDocument</span><span class="p">({</span> <span class="na">statements</span><span class="p">:</span> <span class="p">[</span> <span class="k">new</span> <span class="nc">PolicyStatement</span><span class="p">({</span> <span class="na">effect</span><span class="p">:</span> <span class="nx">Effect</span><span class="p">.</span><span class="nx">ALLOW</span><span class="p">,</span> <span class="na">actions</span><span class="p">:</span> <span class="p">[</span><span class="dl">'</span><span class="s1">s3:GetObject</span><span class="dl">'</span><span class="p">],</span> <span class="na">resources</span><span class="p">:</span> <span class="p">[</span><span class="nx">bucket</span><span class="p">.</span><span class="nf">arnForObjects</span><span class="p">(</span><span class="dl">'</span><span class="s1">*</span><span class="dl">'</span><span class="p">)],</span> <span class="p">}),</span> <span class="p">],</span> <span class="p">}),</span> <span class="na">StepFunctionsStartExecutionPolicy</span><span class="p">:</span> <span class="k">new</span> <span class="nc">PolicyDocument</span><span class="p">({</span> <span class="na">statements</span><span class="p">:</span> <span class="p">[</span> <span class="k">new</span> <span class="nc">PolicyStatement</span><span class="p">({</span> <span class="na">effect</span><span class="p">:</span> <span class="nx">Effect</span><span class="p">.</span><span class="nx">ALLOW</span><span class="p">,</span> <span class="na">actions</span><span class="p">:</span> <span class="p">[</span><span class="dl">'</span><span class="s1">states:StartExecution</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">states:DescribeExecution</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">states:StopExecution</span><span class="dl">'</span><span class="p">],</span> <span class="na">resources</span><span class="p">:</span> <span class="p">[</span><span class="dl">'</span><span class="s1">*</span><span class="dl">'</span><span class="p">],</span> <span class="p">}),</span> <span class="p">],</span> <span class="p">}),</span> <span class="p">},</span> <span class="p">}),</span> <span class="p">})</span> </code></pre> </div> <p><a href="https://github.com/skaznowiecki/parallel-processing-step-function/blob/main/lib/step-function/index.ts">Github Link</a></p> <p>Here I left the repository link with the whole information about how to make the deploy to your own AWS account. <a href="https://github.com/skaznowiecki/parallel-processing-step-function/blob/main/README.md">Link</a></p> <p>Any question or feedback is welcome !</p> serverless stepfunctions typescript aws How to get insights from our dataset without writing code? Sergio Kaz Fri, 24 Jun 2022 19:56:29 +0000 https://dev.to/skaznowiecki/how-to-get-insights-from-our-dataset-without-writing-code-25nb https://dev.to/skaznowiecki/how-to-get-insights-from-our-dataset-without-writing-code-25nb <p>Data scientist spend most of their time (about 50% to 80%) cleaning, preparing and organizing data. </p> <p><a href="https://media.dev.to/cdn-cgi/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fetbg59lfklbsjegwx0ah.png" class="article-body-image-wrapper"><img src="https://media.dev.to/cdn-cgi/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fetbg59lfklbsjegwx0ah.png" alt="Time consuming for DS" width="800" height="539"></a></p> <p>There are many tools in the market to achieve this, however I'll show you one of the most powerful tools that I've ever seen.</p> <p>Wellcome <a href="https://aws.amazon.com/glue/features/databrew/">AWS Glue DataBrew</a></p> <h2> AWS Glue DataBrew </h2> <p>AWS Glue DataBrew is a new visual data preparation tool that makes it easy for data analysts and data scientists to clean and normalize data to prepare it for analytics and machine learning.</p> <h2> Why is so powerful ? </h2> <p>Because, you can clean, prepare and organize your data at scale only paying per amount of information and time spending.</p> <h2> Step by step using DataBrew to get insights </h2> <h3> Prerequisites </h3> <ul> <li>AWS Account</li> </ul> <h3> Create a bucket and upload your dataset </h3> <p><a href="https://media.dev.to/cdn-cgi/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F3g8zlq054iv95t4vmg1h.png" class="article-body-image-wrapper"><img src="https://media.dev.to/cdn-cgi/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F3g8zlq054iv95t4vmg1h.png" alt="New bucket" width="800" height="455"></a></p> <p>You can create a new bucket clicking <a href="https://s3.console.aws.amazon.com/s3/bucket/create?region=us-east-1">here</a>. </p> <p>Once you create the bucket, you must to upload a dataset: this is the dataset which I'm using for this demo. <a href="https://github.com/bluetarget-ai/dataset-examples/blob/main/drivers.csv">Here</a></p> <h3> Set up the dataset on [DataBrew](<a href="https://us-east-">https://us-east-</a> </h3> <p>1.console.aws.amazon.com/databrew/home)</p> <p>First we need to connect your Dataset to DataBrew</p> <p><a href="https://media.dev.to/cdn-cgi/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fgk79ccax9qhn85w9n97k.png" class="article-body-image-wrapper"><img src="https://media.dev.to/cdn-cgi/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fgk79ccax9qhn85w9n97k.png" alt="Connect your dataset" width="800" height="345"></a></p> <p>Here, you have different kind of ways to connect to your dataset. For this demo, we use <strong>Amazon S3</strong>.</p> <p>Now, you have to select your S3 Bucket (that you created before) and select the dataset.</p> <p><a href="https://media.dev.to/cdn-cgi/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fb1vfafmuazb4kgj76i83.png" class="article-body-image-wrapper"><img src="https://media.dev.to/cdn-cgi/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fb1vfafmuazb4kgj76i83.png" alt="Select the dataset" width="800" height="287"></a></p> <p>After that, click on <strong>Create</strong></p> <h3> Run data profile </h3> <p>Once, you have your connection, select your dataset and click on <strong>Run data profile</strong></p> <p><a href="https://media.dev.to/cdn-cgi/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fs2huv7rrmjk1p9xjxomt.png" class="article-body-image-wrapper"><img src="https://media.dev.to/cdn-cgi/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fs2huv7rrmjk1p9xjxomt.png" alt="Run data profile" width="800" height="298"></a></p> <p>There your are going to see, differents options like, number of rows that you want run the job, output file, etc.</p> <p>At the end of the form, you are going to see a section named <strong>Permissions</strong></p> <p><a href="https://media.dev.to/cdn-cgi/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fmvbymwmqjmlxhhrpya3j.png" class="article-body-image-wrapper"><img src="https://media.dev.to/cdn-cgi/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fmvbymwmqjmlxhhrpya3j.png" alt="Permission section" width="800" height="248"></a></p> <p>There you must to select, <strong>Create new IAM role</strong>, fill the role name and click on <strong>Create and run job</strong></p> <h3> Wait until the job finish </h3> <p>In the job section (Profile jobs), you'll see something like that: </p> <p><a href="https://media.dev.to/cdn-cgi/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F3rnnn0krafj4n6688eni.png" class="article-body-image-wrapper"><img src="https://media.dev.to/cdn-cgi/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F3rnnn0krafj4n6688eni.png" alt="Working" width="800" height="322"></a></p> <p>When the job finish, click on <strong>View data profile</strong> and you'll see something like that:</p> <p><a href="https://media.dev.to/cdn-cgi/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F774o3m1yvi8vl8lihn84.png" class="article-body-image-wrapper"><img src="https://media.dev.to/cdn-cgi/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F774o3m1yvi8vl8lihn84.png" alt="Summary" width="800" height="311"></a></p> <p>Summary of the dataset and the correlation between variables</p> <p><a href="https://media.dev.to/cdn-cgi/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fah7th6scs5gxhurn4qhc.png" class="article-body-image-wrapper"><img src="https://media.dev.to/cdn-cgi/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fah7th6scs5gxhurn4qhc.png" alt="Value distribution" width="800" height="234"></a></p> <p>Value distribution</p> <p><a href="https://media.dev.to/cdn-cgi/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Faca30rujwngmd9jimuot.png" class="article-body-image-wrapper"><img src="https://media.dev.to/cdn-cgi/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Faca30rujwngmd9jimuot.png" alt="Columns summary" width="800" height="289"></a></p> <p>and columns summary!!</p> <p>Well, there are much more insights that you can get with DataBrew, this is a short introduction.</p> datascience machinelearning serverless beginners Deploy multiple machine learning models for inference using Lambda and CDK V2 Sergio Kaz Wed, 22 Jun 2022 14:39:04 +0000 https://dev.to/skaznowiecki/deploy-multiple-machine-learning-models-for-inference-using-lambda-and-cdk-v2-4fl5 https://dev.to/skaznowiecki/deploy-multiple-machine-learning-models-for-inference-using-lambda-and-cdk-v2-4fl5 <blockquote> <p>This article was base on this <a href="https://aws.amazon.com/blogs/machine-learning/deploy-multiple-machine-learning-models-for-inference-on-aws-lambda-and-amazon-efs/">post</a>, however in this case I'm using CDK V2</p> </blockquote> <p>You can take advantage of Lambda benefits for machine learning model inference with large libraries or pre-trained models. </p> <h2> Solution overview </h2> <p>For the inference Lambda function we use the Docker implementation in order to import the necessary libraries and load the ML Model. We're doing in this way because of the <a href="https://docs.aws.amazon.com/lambda/latest/dg/gettingstarted-limits.html">Lambda limits</a> (10 GB for container images and 50 MB for .zip files) in the deployment package size.</p> <p>We implement Amazon EFS as filesystem of Lambda function for inference, so now it’s even easier and faster to load large models and files to memory for ML inference workloads.</p> <p>To upload the ML models to your file system, we use a Lambda function that is triggered when you upload the model to your S3 bucket. (in the next picture, you're going to see the architecture)</p> <h2> Architecture overview </h2> <p>The following diagram illustrates the architecture of the solution.</p> <p><a href="https://media.dev.to/cdn-cgi/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F4v1of2nlckfatsr8cuen.png" class="article-body-image-wrapper"><img src="https://media.dev.to/cdn-cgi/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F4v1of2nlckfatsr8cuen.png" alt="Architecture overview" width="771" height="358"></a></p> <h2> AWS services </h2> <ul> <li>Amazon VPC ( required for Amazon EFS )</li> <li>Amazon S3</li> <li>Amazon EFS</li> <li>AWS Lambda</li> <li>Amazon API Gateway</li> </ul> <h2> Steps to create this architecture from scratch </h2> <p>We are using <strong>AWS CDK V2</strong> with TypeScript.</p> <p>The Docker for inference was created for <strong>scikit-learn</strong> requirement. You can customize the requirements file, to use the machine learning framework you want such as TensorFlow, PyTorch, xgboost, etc.</p> <h3> 1) Create VPC, EFS and Access Point </h3> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="kd">const</span> <span class="nx">vpc</span> <span class="o">=</span> <span class="k">new</span> <span class="nc">Vpc</span><span class="p">(</span><span class="k">this</span><span class="p">,</span> <span class="dl">"</span><span class="s2">MLVpc</span><span class="dl">"</span><span class="p">);</span> </code></pre> </div> <p>We create a VPC because EFS needs to be inside one.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="kd">const</span> <span class="nx">fs</span> <span class="o">=</span> <span class="k">new</span> <span class="nc">FileSystem</span><span class="p">(</span><span class="k">this</span><span class="p">,</span> <span class="dl">"</span><span class="s2">MLFileSystem</span><span class="dl">"</span><span class="p">,</span> <span class="p">{</span> <span class="nx">vpc</span><span class="p">,</span> <span class="na">removalPolicy</span><span class="p">:</span> <span class="nx">RemovalPolicy</span><span class="p">.</span><span class="nx">DESTROY</span><span class="p">,</span> <span class="na">throughputMode</span><span class="p">:</span> <span class="nx">ThroughputMode</span><span class="p">.</span><span class="nx">BURSTING</span><span class="p">,</span> <span class="na">fileSystemName</span><span class="p">:</span> <span class="dl">"</span><span class="s2">ml-models-efs</span><span class="dl">"</span><span class="p">,</span> <span class="p">});</span> </code></pre> </div> <p>Here, we create the EFS within our VPC. Something to keep in mind is the <strong>throughput mode</strong>.</p> <blockquote> <p>In bursting mode, the throughput of your file system depends on how much data you’re storing in it. The number of burst credits scales with the amount of storage in your file system. Therefore, if you have an ML model that you expect to grow over time and you drive throughput in proportion to the size, you should use burst throughput mode.<br> </p> </blockquote> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="kd">const</span> <span class="nx">accessPoint</span> <span class="o">=</span> <span class="nx">fs</span><span class="p">.</span><span class="nf">addAccessPoint</span><span class="p">(</span><span class="dl">"</span><span class="s2">LambdaAccessPoint</span><span class="dl">"</span><span class="p">,</span> <span class="p">{</span> <span class="na">createAcl</span><span class="p">:</span> <span class="p">{</span> <span class="na">ownerGid</span><span class="p">:</span> <span class="dl">"</span><span class="s2">1001</span><span class="dl">"</span><span class="p">,</span> <span class="na">ownerUid</span><span class="p">:</span> <span class="dl">"</span><span class="s2">1001</span><span class="dl">"</span><span class="p">,</span> <span class="na">permissions</span><span class="p">:</span> <span class="dl">"</span><span class="s2">750</span><span class="dl">"</span> <span class="p">},</span> <span class="na">path</span><span class="p">:</span> <span class="dl">"</span><span class="s2">/export/lambda</span><span class="dl">"</span><span class="p">,</span> <span class="na">posixUser</span><span class="p">:</span> <span class="p">{</span> <span class="na">gid</span><span class="p">:</span> <span class="dl">"</span><span class="s2">1001</span><span class="dl">"</span><span class="p">,</span> <span class="na">uid</span><span class="p">:</span> <span class="dl">"</span><span class="s2">1001</span><span class="dl">"</span> <span class="p">}</span> <span class="p">});</span> </code></pre> </div> <p>Here, we add an access point that we're going to use in our lambda's functions to connect to EFS.</p> <h3> 2) Create S3 Bucket and Lambda function (to upload content from S3 to EFS) </h3> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="kd">const</span> <span class="nx">bucket</span> <span class="o">=</span> <span class="k">new</span> <span class="nc">Bucket</span><span class="p">(</span><span class="k">this</span><span class="p">,</span> <span class="dl">"</span><span class="s2">MLModelsBucket</span><span class="dl">"</span><span class="p">,</span> <span class="p">{</span> <span class="na">encryption</span><span class="p">:</span> <span class="nx">BucketEncryption</span><span class="p">.</span><span class="nx">S3_MANAGED</span><span class="p">,</span> <span class="na">bucketName</span><span class="p">:</span> <span class="dl">"</span><span class="s2">machine-learning.models</span><span class="dl">"</span><span class="p">,</span> <span class="p">});</span> </code></pre> </div> <p>This is a basic configuration of S3 Bucket.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="kd">const</span> <span class="nx">MODEL_DIR</span> <span class="o">=</span> <span class="dl">"</span><span class="s2">/mnt/ml</span><span class="dl">"</span><span class="p">;</span> <span class="kd">const</span> <span class="nx">loadFunction</span> <span class="o">=</span> <span class="k">new</span> <span class="nc">NodejsFunction</span><span class="p">(</span><span class="k">this</span><span class="p">,</span> <span class="dl">"</span><span class="s2">HandleModelUploaded</span><span class="dl">"</span><span class="p">,</span> <span class="p">{</span> <span class="na">functionName</span><span class="p">:</span> <span class="dl">"</span><span class="s2">handle-model-uploaded</span><span class="dl">"</span><span class="p">,</span> <span class="na">entry</span><span class="p">:</span> <span class="s2">`</span><span class="p">${</span><span class="nx">__dirname</span><span class="p">}</span><span class="s2">/functions/model-uploaded/handler.ts`</span><span class="p">,</span> <span class="na">handler</span><span class="p">:</span> <span class="dl">"</span><span class="s2">handler</span><span class="dl">"</span><span class="p">,</span> <span class="na">environment</span><span class="p">:</span> <span class="p">{</span> <span class="na">MACHINE_LEARNING_MODELS_BUCKET_NAME</span><span class="p">:</span> <span class="nx">bucket</span><span class="p">.</span><span class="nx">bucketName</span><span class="p">,</span> <span class="nx">MODEL_DIR</span><span class="p">,</span> <span class="p">},</span> <span class="nx">vpc</span><span class="p">,</span> <span class="na">filesystem</span><span class="p">:</span> <span class="nx">LambdaFileSystem</span><span class="p">.</span><span class="nf">fromEfsAccessPoint</span><span class="p">(</span><span class="nx">accessPoint</span><span class="p">,</span> <span class="nx">MODEL_DIR</span><span class="p">),</span> <span class="p">});</span> <span class="c1">//Permission settings</span> <span class="nx">bucket</span><span class="p">.</span><span class="nf">grantRead</span><span class="p">(</span><span class="nx">loadFunction</span><span class="p">);</span> <span class="nx">loadFunction</span><span class="p">.</span><span class="nf">addEventSource</span><span class="p">(</span> <span class="k">new</span> <span class="nc">S3EventSource</span><span class="p">(</span><span class="nx">bucket</span><span class="p">,</span> <span class="p">{</span> <span class="na">events</span><span class="p">:</span> <span class="p">[</span><span class="nx">EventType</span><span class="p">.</span><span class="nx">OBJECT_CREATED</span><span class="p">],</span> <span class="p">})</span> <span class="p">);</span> </code></pre> </div> <p>Here there are a few stuff to consider:</p> <p>1) VPC: You must to set up the same VPC of EFS in the lambda.<br> 2) MODEL_DIR: This is the path where you're going to store and load machine learning models.<br> 3) Event source: We're saying that every new object in the bucket is going to execute that lambda function.</p> <h3> 3) Lambda function (to make inference) and API Gateway </h3> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="kd">const</span> <span class="nx">inferenceFunction</span> <span class="o">=</span> <span class="k">new</span> <span class="nc">DockerImageFunction</span><span class="p">(</span><span class="k">this</span><span class="p">,</span> <span class="dl">"</span><span class="s2">InferenceModel</span><span class="dl">"</span><span class="p">,</span> <span class="p">{</span> <span class="na">functionName</span><span class="p">:</span> <span class="dl">"</span><span class="s2">inference-model</span><span class="dl">"</span><span class="p">,</span> <span class="na">code</span><span class="p">:</span> <span class="nx">DockerImageCode</span><span class="p">.</span><span class="nf">fromImageAsset</span><span class="p">(</span> <span class="s2">`</span><span class="p">${</span><span class="nx">__dirname</span><span class="p">}</span><span class="s2">/functions/model-inference`</span> <span class="p">),</span> <span class="na">environment</span><span class="p">:</span> <span class="p">{</span> <span class="nx">MODEL_DIR</span><span class="p">,</span> <span class="p">},</span> <span class="na">memorySize</span><span class="p">:</span> <span class="mi">10240</span><span class="p">,</span> <span class="na">timeout</span><span class="p">:</span> <span class="nx">Duration</span><span class="p">.</span><span class="nf">seconds</span><span class="p">(</span><span class="mi">30</span><span class="p">),</span> <span class="nx">vpc</span><span class="p">,</span> <span class="na">filesystem</span><span class="p">:</span> <span class="nx">LambdaFileSystem</span><span class="p">.</span><span class="nf">fromEfsAccessPoint</span><span class="p">(</span><span class="nx">accessPoint</span><span class="p">,</span> <span class="nx">MODEL_DIR</span><span class="p">),</span> <span class="p">});</span> </code></pre> </div> <p>We're using <strong>DockerImage</strong> as lambda function, because of package size. Remember the <a href="https://docs.aws.amazon.com/lambda/latest/dg/gettingstarted-limits.html">Lambda limits</a> (10 GB for container images and 50 MB for .zip files) in the deployment package size.</p> <p>We set up the maximum memory allowed because we're using an internal cache to avoid loading it on every request.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="kd">const</span> <span class="nx">api</span> <span class="o">=</span> <span class="k">new</span> <span class="nc">RestApi</span><span class="p">(</span><span class="k">this</span><span class="p">,</span> <span class="dl">"</span><span class="s2">ApiGateway</span><span class="dl">"</span><span class="p">,</span> <span class="p">{</span> <span class="na">restApiName</span><span class="p">:</span> <span class="dl">"</span><span class="s2">inference-api</span><span class="dl">"</span><span class="p">,</span> <span class="na">defaultCorsPreflightOptions</span><span class="p">:</span> <span class="p">{</span> <span class="na">allowHeaders</span><span class="p">:</span> <span class="p">[</span><span class="dl">"</span><span class="s2">*</span><span class="dl">"</span><span class="p">],</span> <span class="na">allowMethods</span><span class="p">:</span> <span class="p">[</span><span class="dl">"</span><span class="s2">*</span><span class="dl">"</span><span class="p">],</span> <span class="na">allowOrigins</span><span class="p">:</span> <span class="p">[</span><span class="dl">"</span><span class="s2">*</span><span class="dl">"</span><span class="p">],</span> <span class="p">}</span> <span class="p">});</span> <span class="kd">const</span> <span class="nx">todos</span> <span class="o">=</span> <span class="nx">api</span><span class="p">.</span><span class="nx">root</span><span class="p">.</span><span class="nf">addResource</span><span class="p">(</span><span class="dl">"</span><span class="s2">inference</span><span class="dl">"</span><span class="p">);</span> <span class="nx">todos</span><span class="p">.</span><span class="nf">addMethod</span><span class="p">(</span><span class="dl">"</span><span class="s2">POST</span><span class="dl">"</span><span class="p">,</span> <span class="k">new</span> <span class="nc">LambdaIntegration</span><span class="p">(</span><span class="nx">inferenceFunction</span><span class="p">,</span> <span class="p">{</span> <span class="na">proxy</span><span class="p">:</span> <span class="kc">true</span> <span class="p">}));</span> </code></pre> </div> <p>Finally, we create a Rest Api Gateway. We use ApiGateway V1 because CDK V2 hasn't released Api Gateway V2 as constructor yet.</p> <h2> Github </h2> <p>Let's take a look to our <a href="https://github.com/bluetarget-ai/ml-model-inference-poc">Github</a></p> machinelearning serverless datascience devops How to create a website using S3 + Certificate Manager + Cloud Front with CDK ? Sergio Kaz Wed, 05 May 2021 00:17:20 +0000 https://dev.to/skaznowiecki/how-to-create-a-website-using-s3-certificate-manager-cloud-front-using-cdk-3cen https://dev.to/skaznowiecki/how-to-create-a-website-using-s3-certificate-manager-cloud-front-using-cdk-3cen <h1> Prerequisites </h1> <p>Before start we need a few things installed on our computer. </p> <p>1) npm<br> 2) NodeJs + TypeScript(2.7 or later)<br> 3) <a href="https://docs.aws.amazon.com/cdk/latest/guide/getting_started.html">CDK</a></p> <p>After that we have to set up your aws credentials, to achieve that you can follow this <a href="https://docs.aws.amazon.com/sdk-for-java/v1/developer-guide/setup-credentials.html">link</a></p> <p>The last one, you should have created a hosted zone in AWS and delegate your domain. </p> <p>Well, we can start!!</p> <h1> Configure SSL certificate </h1> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="kd">const</span> <span class="nx">hostedZone</span> <span class="o">=</span> <span class="nx">HostedZone</span><span class="p">.</span><span class="nf">fromLookup</span><span class="p">(</span><span class="k">this</span><span class="p">,</span><span class="dl">"</span><span class="s2">myZone</span><span class="dl">"</span><span class="p">,</span> <span class="p">{</span> <span class="na">domainName</span><span class="p">:</span> <span class="dl">"</span><span class="s2">example.com</span><span class="dl">"</span> <span class="p">});</span> <span class="kd">const</span> <span class="nx">certificate</span> <span class="o">=</span> <span class="k">new</span> <span class="nx">acm</span><span class="p">.</span><span class="nc">Certificate</span><span class="p">(</span><span class="k">this</span><span class="p">,</span> <span class="s2">`myCertificate`</span><span class="p">,</span> <span class="p">{</span> <span class="na">domainName</span><span class="p">:</span> <span class="dl">"</span><span class="s2">example.com</span><span class="dl">"</span><span class="p">,</span> <span class="na">subjectAlternativeNames</span><span class="p">:</span> <span class="p">[</span><span class="dl">"</span><span class="s2">www.example.com</span><span class="dl">"</span><span class="p">],</span> <span class="na">validation</span><span class="p">:</span> <span class="nx">acm</span><span class="p">.</span><span class="nx">CertificateValidation</span><span class="p">.</span><span class="nf">fromDns</span><span class="p">(</span><span class="nx">hostedZone</span><span class="p">),</span> <span class="p">});</span> </code></pre> </div> <p>On the first part we got the hosted zone related to your domain. <br> After that we created the SSL certificate using <code>Certificate Manager</code>. Adding the key <code>validation</code> into the <code>CM</code>, <code>AWS</code> automatically add the necessary records to validate your domain. </p> <h1> Set up bucket </h1> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="kd">const</span> <span class="nx">bucket</span> <span class="o">=</span> <span class="k">new</span> <span class="nc">Bucket</span><span class="p">(</span><span class="k">this</span><span class="p">,</span> <span class="s2">`myBucket`</span><span class="p">,</span> <span class="p">{</span> <span class="na">encryption</span><span class="p">:</span> <span class="nx">BucketEncryption</span><span class="p">.</span><span class="nx">S3_MANAGED</span><span class="p">,</span> <span class="na">bucketName</span><span class="p">:</span> <span class="s2">`your-bucket-name`</span><span class="p">,</span> <span class="na">cors</span><span class="p">:</span> <span class="p">[</span> <span class="p">{</span> <span class="na">allowedMethods</span><span class="p">:</span> <span class="p">[</span><span class="nx">HttpMethods</span><span class="p">.</span><span class="nx">GET</span><span class="p">,</span> <span class="nx">HttpMethods</span><span class="p">.</span><span class="nx">HEAD</span><span class="p">],</span> <span class="na">allowedOrigins</span><span class="p">:</span> <span class="p">[</span><span class="dl">"</span><span class="s2">*</span><span class="dl">"</span><span class="p">],</span> <span class="na">allowedHeaders</span><span class="p">:</span> <span class="p">[</span><span class="dl">"</span><span class="s2">*</span><span class="dl">"</span><span class="p">],</span> <span class="p">},</span> <span class="p">],</span> <span class="p">});</span> </code></pre> </div> <p>In this way we create the bucket. It's recommended to use the domain's name as bucket's name and use a prefix to difference the environments. </p> <h2> Set up policy and CDNOAI </h2> <p>In this part, I am going to explain step by step, because It could be a bit confuse.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="kd">const</span> <span class="nx">CDNOAI</span> <span class="o">=</span> <span class="k">new</span> <span class="nc">CfnCloudFrontOriginAccessIdentity</span><span class="p">(</span> <span class="k">this</span><span class="p">,</span> <span class="dl">"</span><span class="s2">myCDNOAI</span><span class="dl">"</span><span class="p">,</span> <span class="p">{</span> <span class="na">cloudFrontOriginAccessIdentityConfig</span><span class="p">:</span> <span class="p">{</span> <span class="na">comment</span><span class="p">:</span> <span class="dl">"</span><span class="s2">S3 OAI</span><span class="dl">"</span><span class="p">,</span> <span class="p">},</span> <span class="p">}</span> <span class="p">);</span> </code></pre> </div> <h3> What is cloud front origin access identity ? </h3> <blockquote> <p>An Origin Access Identity (OAI) is used for sharing private content via CloudFront. The OAI is a virtual user identity that will be used to give your CF distribution permission to fetch a private object from your origin server (e.g. S3 bucket).<br> </p> </blockquote> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="kd">const</span> <span class="nx">policy</span> <span class="o">=</span> <span class="k">new</span> <span class="nx">iam</span><span class="p">.</span><span class="nc">PolicyStatement</span><span class="p">({</span> <span class="na">actions</span><span class="p">:</span> <span class="p">[</span><span class="dl">"</span><span class="s2">s3:Get*</span><span class="dl">"</span><span class="p">],</span> <span class="na">effect</span><span class="p">:</span> <span class="nx">Effect</span><span class="p">.</span><span class="nx">ALLOW</span><span class="p">,</span> <span class="na">resources</span><span class="p">:</span> <span class="p">[</span><span class="nx">bucket</span><span class="p">.</span><span class="nx">bucketArn</span><span class="p">,</span> <span class="nx">bucket</span><span class="p">.</span><span class="nf">arnForObjects</span><span class="p">(</span><span class="dl">"</span><span class="s2">*</span><span class="dl">"</span><span class="p">)],</span> <span class="p">});</span> </code></pre> </div> <p>We created a policy to allow get object on the whole bucket.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="nx">policy</span><span class="p">.</span><span class="nf">addCanonicalUserPrincipal</span><span class="p">(</span><span class="nx">CDNOAI</span><span class="p">.</span><span class="nx">attrS3CanonicalUserId</span><span class="p">);</span> </code></pre> </div> <p>We add our <code>CDNOAI</code> to our policy.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="kd">const</span> <span class="nx">bucketPolicy</span> <span class="o">=</span> <span class="k">new</span> <span class="nc">BucketPolicy</span><span class="p">(</span><span class="k">this</span><span class="p">,</span> <span class="s2">`myBucketPolicy`</span><span class="p">,</span> <span class="p">{</span> <span class="nx">bucket</span><span class="p">,</span> <span class="p">});</span> <span class="nx">bucketPolicy</span><span class="p">.</span><span class="nb">document</span><span class="p">.</span><span class="nf">addStatements</span><span class="p">(</span><span class="nx">policy</span><span class="p">);</span> </code></pre> </div> <p>The last step of this section is create a bucket policy and attach to it our policy.</p> <h2> Set up Cloud front </h2> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code> <span class="kd">const</span> <span class="nx">cloudFront</span> <span class="o">=</span> <span class="k">new</span> <span class="nx">cloudfront</span><span class="p">.</span><span class="nc">Distribution</span><span class="p">(</span> <span class="k">this</span><span class="p">,</span> <span class="s2">`myCloudFront`</span><span class="p">,</span> <span class="p">{</span> <span class="na">defaultBehavior</span><span class="p">:</span> <span class="p">{</span> <span class="na">origin</span><span class="p">:</span> <span class="k">new</span> <span class="nx">origins</span><span class="p">.</span><span class="nc">S3Origin</span><span class="p">(</span><span class="nx">bucket</span><span class="p">),</span> <span class="na">allowedMethods</span><span class="p">:</span> <span class="nx">AllowedMethods</span><span class="p">.</span><span class="nx">ALLOW_GET_HEAD</span><span class="p">,</span> <span class="na">viewerProtocolPolicy</span><span class="p">:</span> <span class="nx">ViewerProtocolPolicy</span><span class="p">.</span><span class="nx">REDIRECT_TO_HTTPS</span><span class="p">,</span> <span class="p">},</span> <span class="nx">certificate</span><span class="p">,</span> <span class="na">defaultRootObject</span><span class="p">:</span> <span class="dl">"</span><span class="s2">index.html</span><span class="dl">"</span><span class="p">,</span> <span class="na">domainNames</span><span class="p">:</span> <span class="p">[</span><span class="dl">"</span><span class="s2">example.com</span><span class="dl">"</span><span class="p">],</span> <span class="na">enabled</span><span class="p">:</span> <span class="kc">true</span><span class="p">,</span> <span class="na">errorResponses</span><span class="p">:</span> <span class="p">[</span> <span class="p">{</span> <span class="na">ttl</span><span class="p">:</span> <span class="nx">Duration</span><span class="p">.</span><span class="nf">days</span><span class="p">(</span><span class="mi">1</span><span class="p">),</span> <span class="na">httpStatus</span><span class="p">:</span> <span class="mi">404</span><span class="p">,</span> <span class="na">responseHttpStatus</span><span class="p">:</span> <span class="mi">200</span><span class="p">,</span> <span class="na">responsePagePath</span><span class="p">:</span> <span class="dl">"</span><span class="s2">/index.html</span><span class="dl">"</span><span class="p">,</span> <span class="p">},</span> <span class="p">{</span> <span class="na">ttl</span><span class="p">:</span> <span class="nx">Duration</span><span class="p">.</span><span class="nf">days</span><span class="p">(</span><span class="mi">1</span><span class="p">),</span> <span class="na">httpStatus</span><span class="p">:</span> <span class="mi">403</span><span class="p">,</span> <span class="na">responseHttpStatus</span><span class="p">:</span> <span class="mi">200</span><span class="p">,</span> <span class="na">responsePagePath</span><span class="p">:</span> <span class="dl">"</span><span class="s2">/index.html</span><span class="dl">"</span><span class="p">,</span> <span class="p">},</span> <span class="p">],</span> <span class="p">}</span> <span class="p">);</span> </code></pre> </div> <p>This is a basic cloudfront configuration. </p> <p>I want to highlight the <code>certificate</code> variable. It is the same certificate that we previously created.</p> <h2> Create A record </h2> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="k">new</span> <span class="nc">ARecord</span><span class="p">(</span><span class="k">this</span><span class="p">,</span> <span class="s2">`myARecord`</span><span class="p">,</span> <span class="p">{</span> <span class="na">zone</span><span class="p">:</span> <span class="nx">hostedZone</span><span class="p">,</span> <span class="na">ttl</span><span class="p">:</span> <span class="nx">Duration</span><span class="p">.</span><span class="nf">minutes</span><span class="p">(</span><span class="mi">5</span><span class="p">),</span> <span class="na">target</span><span class="p">:</span> <span class="nx">RecordTarget</span><span class="p">.</span><span class="nf">fromAlias</span><span class="p">(</span><span class="k">new</span> <span class="nx">targets</span><span class="p">.</span><span class="nc">CloudFrontTarget</span><span class="p">(</span><span class="nx">cloudFront</span><span class="p">)),</span> <span class="na">recordName</span><span class="p">:</span> <span class="dl">"</span><span class="s2">example.com</span><span class="dl">"</span><span class="p">,</span> <span class="p">});</span> </code></pre> </div> <p>In this part we are going to create an A record within our hosted zone, and reference it with our cloud front. </p> <h1> GITHUB </h1> <p>This is my github, and here you are going to find a full complete example using CDK to create and deploy powerfull webapps!!</p> <p><a href="https://github.com/skaznowiecki/cdk-s3-cloudfront">https://github.com/skaznowiecki/cdk-s3-cloudfront</a></p> aws serverless typescript javascript