Serverless web applications are among the most talked-about trends in the cloud engineering space and have been since the introduction of AWS Lambda back in 2014. Today, serverless architecture empowers teams to increase agility, scalability, and efficiency for customer-facing applications and critical workloads.
Of course, serverless web applications still run on servers, but many aspects of server management are AWS’s responsibility. You can focus on your application code and forget time-killing tasks like provisioning, configuring, and maintaining servers.
In this tutorial you will review two different scenarios of using AWS Lambda service:
Let's talk about main differencies between API Gateway and newly announced Lambda Function URL:
Function URLs are best for use cases where you must implement a single-function microservice with a public endpoint that doesn’t require the advanced functionality of API Gateway, such as request validation, throttling, custom authorizers, custom domain names, usage plans, or caching. For example, when you are implementing webhook handlers, form validators, mobile payment processing, advertisement placement, machine learning inference, and so on. It is also the simplest way to invoke your Lambda functions during research and development without leaving the Lambda console or integrating additional services.
Amazon API Gateway is a fully managed service that makes it easy for you to create, publish, maintain, monitor, and secure APIs at any scale. Use API Gateway to take advantage of capabilities like JWT/custom authorizers, request/response validation and transformation, usage plans, built-in AWS WAF support, and so on.
Note: All values used in this tutorial are conditional.
You will need:
Let's implement the given scenario:
First, you need to create a directory:
Define your provider:
The above is the simple Lambda function for use with API Gateway, which uploads your file to S3 bucket and returning a hard-coded "Hello your file has been uploaded!"
Each Lambda function must have an associated IAM role which dictates what access it has to other AWS services. The above configuration specifies a AWSLambdaBasicExecutionRole
role and AmazonS3FullAccess
managed policy attached.
Define variables:
Don't forget to add .gitignore
:
Before you can work with a new configuration directory, it must be initialized using terraform init
, which in this case will install the AWS provider:
Apply your configuration and respond to the confirmation prompt with a yes
:
Now, let's review our infrastucture in AWS Management console:
First, check our S3 bucket. Go to S3 Console:
You can get all the information about the bucket by clicking on it's name
Next, go to AWS Lambda console and select created function:
Finally, to see our API, go to API Gateway console and select it:
To test our API or to interact with API we need the endpoint of API, so go to the stages section from the sidebar and get the endpoint of API.
API Endpoint looks like:
https://xw0n4tuhn9.execute-api.us-west-1.amazonaws.com/test
I am going to use POSTMAN to test API, you can use any other tool or you can also call the endpoint from your project’s front-end.
In postman, your request would be like API endpoint followed by resource name, in this case, resource name /upload , and method type is POST. In the body part of the request go to a binary section and select any binary file and pass the name of that file in header with file-name field (for front-end you need to pass file-name in header of API endpoint request) and fire a query.
That’s it, you have configured successfully if you will get 200 Status code. You can go to S3 console and check file will be successfully uploaded:
Previously, if you wanted to expose a Lambda with an HTTP endpoint you would normally use the fully managed API Gateway service, this new feature will instead allow you to have an HTTPS URL that is directly connected to your Lambda function, cutting out the API Gateway middleman.
One great feature is the pricing. Lambda Function URLs are completely “free”. You’ll only ever be paying for the invocation and memory time, like a normal Lambda. This is one advantage over API Gateway which costs to integrate.
However, that doesn’t mean they’re a direct replacement for API Gateway. Instead, API Gateway provides more advanced features such as the ability of JWT/custom authorizers, request-response validation and transformation, usage plans, direct built-in AWS firewall support and more.
Let's start by creating a new branch:
The name of the branch is optional, you can choose your own.
Copy the S3.tf; lambda.tf; .gitignore; variables.tf
and provider.tf
files from the main
branch.
lambda.tf
file:Add the aws_lambda_function_url resource
And,
You can give an output to Function URL
.
Now, it's time to initialize new directory and apply the configuration:
And,
As you can see, Terraform will apply 11 resources, because we don't use API Gateway. Also it will give an output of Function URL after implementation.
Also you can access this URL directly from AWS Lambda console and open it in your browser.
We allow all the methos in our aws_lambda_function_url
resource, so you can choose any of available and test it.
In this guide you created an AWS Lambda function that produces a result compatible with Amazon API Gateway proxy resources and tested new Lambda Function URL.
Although the AWS Lambda function used in this guide is very simple. You can try out your own scenarios.
Once you are finished with this guide, you can destroy the example objects with Terraform.
Since the artifact zip files were created outside of Terraform, they must also be cleaned up outside of Terraform.
AWS Lambda
Documentation
Api Gateway
Terraform
S3
Lambda Function URL