dev diary 20251104

Building a Serverless App: From Local Testing to CI/CD with AWS SAM

Want to build a modern, scalable backend without managing servers? The AWS Serverless Application Model (SAM) is the perfect starting point. This guide breaks down the core steps, from setting up your development environment to securing your account and automating deployment.

Step 1: Develop Locally with AWS SAM

To speed up development, you must be able to test your AWS Lambda functions locally without deploying to the cloud constantly.

1. The SAM Project Structure
   A SAM project uses a specific folder hierarchy to keep configuration and code separate. When you manage your server settings, this structure is key:
   sam-app/
   ├── [README.md]
   ├── events/
   │ └── event.json # <- Input data (events) for local function testing
   ├── hello_world/
   │ ├── app.py # <- Complete source code for a Lambda function
   │ └── requirements.txt
   ├── samconfig.toml
   ├── template.yaml # <- Defines AWS resources and connections
   └── tests/
   └── ...

2. Defining Resources in template.yaml
   The template.yaml file is the blueprint for your entire application. It uses CloudFormation syntax to define how AWS resources are created and linked together.

3. This file defines resources such as Lambda functions, API Gateway endpoints, and data stores like DynamoDB or RDS.

4. It also manages endpoints and the necessary permissions for all components.

5. Local Emulation
   Use the AWS SAM CLI to run your code locally. This command-line tool provides a local emulator, allowing you to quickly test your functions using input data (events) you manage in the events/ directory.

Step 2: Automate Deployment with CI/CD

Once your code is ready, you need a robust process to get it to the cloud automatically.

• Commit to Git: Commit your code and configuration to a Git repository.
• Construct the Pipeline: Build a Continuous Integration/Continuous Deployment (CI/CD) pipeline (using AWS CodePipeline, GitHub Actions, etc.) to deploy automatically. This pipeline will trigger a full build, test, and deployment process whenever you push changes.

Monorepos and Deployment: Even with a monorepo structure (where you might use a tool like pnpm), you can configure SAM to deploy only the necessary parts of the serverless application folder.
Tip on Amplify: If you use AWS Amplify for your front end, your code is often automatically uploaded to S3 as part of its deployment process, streamlining your full-stack setup.

Secure Your AWS Account (Non-Negotiable First Steps!)

The very first action after creating an AWS account is to secure it. Never use the root user for daily tasks.

1. Create a Dedicated IAM User The root user has ultimate power. For everyday use, you must create a dedicated IAM (Identity and Access Management) user.
2. Log in as the root user, then navigate to IAM.
3. Select Users on the left menu and create a new user.
4. Set the User Name (e.g., your-dev-name).
5. Create a Group called Admins for development access.
6. Add the new user to the Admins group and grant console access with a password.
7. Add MFA to the Root User This is the most critical security measure.
8. Go to IAM and follow the prompts to add MFA (Multi-Factor Authentication) to the root user.
9. Choose a virtual MFA device (mobile app).
10. Use an application like Google Authenticator or Authy to scan the QR code. Your daily routine: Always log in to AWS with your IAM user, not the root user. I hope this structured post is perfect for your tech blog! Would you like me to draft a summary for social media promotion or suggest a follow-up topic?