Summary

Summary

In this workshop, you have hands-on experience about:

Amazon DynamoDB

  • DynamoDB service
    • Creating a DynamoDB table.
    • Interact with a DynamoDB table from a Lambda functions.
    • Explore the items of a DynamoDB table using AWS Management Console.

AWS Lambda

  • Lambda service:
    • Creating Lambda functions.
    • Directly invoking Lambda functions:
      • Using AWS Management Console
      • Using AWS CLI
      • Using any HTTP client, e.g. a browser, curl, and function URL.
    • Synchronously invoking a Lambda (and wait for the response)
    • Using function URL to expose Lambda functions to public, unauthenticated users (that doesn’t have AWS credential).

AWS Identity and Access Management

You also understand about IAM works with Lambda and DynamoDB:

  • access permissions - permissions for other entities to access your functions - in other words, it’s how the IAM authenticate and authorize the invocation of your Lambda functions.

    • When invoking a Lambda function using AWS Management Console, you’re using the permission of the IAM credential you’ve logged in.
    • When invoking a Lambda function using AWS CLI, you’re using the permission of the IAM credential you’ve configured for AWS CLI.
    • When invoking a Lambda function using its public function, IAM still needs to authenticate/authorize that invocation (although IAM allow any principle which including unauthenticated users).

  • execution role - which provide permissions for functions to access other resources, e.g. DynamoDB table.

Recap

Let’s have a quick recap of the architecture of the workshop:

alt text

  • Our serverless CRUD API microservice is exposed via function URL.
  • The function URL is a public URL that can be accessed by anyone.
  • The routing to each CRUD operation is done by the consumer app via the unique function URL of each Lambda function.

You can see that exposing our serverless CRUD API microservice to public via function URL is not the best solution if we have more resources.

Although using too much function URLs is not a the suitable solution, a single function URL it’s still a quick, simple way to expose a Lambda function as a webhook (of course with basic authentication or IAM authentication).

What’s next?

If you’re interested in learning more about Lambda function URL, you can refer to the following resources:

Otherwise, you can follow the next workshop to learn about:

  • Managing the Lambda functions into a REST API with API Gateway.