--- title: '20 AWS Serverless Application Model (SAM)' disqus: hackmd --- :::info AWS Certified Developer Associate DVA-C01 ::: 20 AWS Serverless Application Model (SAM) === <style> img{ /* border: 2px solid red; */ margin-left: auto; margin-right: auto; width: 90%; display: block; } </style> ## Table of Contents [TOC] AWS SAM --- - serverless app model (sam) - framework for developing and deploying serverless apps - all config in yaml - generate complex cloudformation from simple SAM YAML file - supports anything from cloudformation - outputs, mappings, params, res etc. - only 2 commands to deploy to aws - sam can use codedeploy to deploy lambda funcs - sam can help you run lambda, api gateway, dynamodb locally - dont need to deploy lambda func to test it ### What it Looks Like - transform header indicating SAM template - `Transform: 'AWS::Serverless-2016-10-31'` - write code - `AWS::Serverless::Function` - lambda - `AWS::Serverless::Api` - api gateway - `AWS:Serverless::SimpleTable` - dynamodb - package and deploy - `aws cloudformation package / sam package` - `aws cloudformation deploy / sam deploy` ### SAM Deployment  - aws cloudformation package - upload code zip file to s3 - also transforms sam template into cloudformation template - generated templates will have a reference to s3 - aws cloudformation deploy - create and execute a change set - change set is figuring out how cloudformation shld take its existing state and move it to the next state based on modifications generated - cloudformation then applies it to our stack - stack may comprise of all services ### SAM Policy Templates - list of templates to apply perms to your lambda funcs - full list [here](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/serverless-policy-templates.html) - important examples - `S3ReadPolicy` - gives read only perms to objs in s3 - `SQSPollerPolicy` - allows to poll on sqs queue - `DynamoDBCrudPolicy` - create read update delete  - instead of creating iam role, attach policy in sam template instead ### SAM with CodeDeploy - sam framework natively uses codedeploy to update lambda functions - leverage traffic shifting feature using aliases - can also define pre and post traffic hooks features to validate deployment - before traffic shift starts and after it ends - easy & automated rollback using cloudwatch alarms  - trigger deployment in codedeploy - runs pre traffic hook test using another lambda func - optional - do traffic shifting with alias - then monitor cloudwatch alarm - optional - ensure everything goes well during deployment - once deployment and traffic shifting done, run post-traffic hook lambda func - also optional - runs some tests on your alias - if everything goes well, v1 func of alias goes away - only left with v2 ### Summary - sam is built on cloudformation - sam requires `Transform` and `Resources` section - commands to know - `sam build` - fetch dependencies and create local deployment artifacts - `sam package` - package and upload to amazon s3 - generate CF template - `sam deploy` - deploy to cloudformation - sam policy templates for easy iam policy definition - sam is integrated with codedeploy to do deploy to lambda aliases ### Console - https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/serverless-sam-cli-install-windows.html - follow this - windows just download a sam installer - use brew for mac and linux #### Init Project - use `sam init` to generate a sam template for your specific runtime - but can also create from scratch on your own  - can go to sam examples github for dummy code - https://github.com/aws/serverless-application-model  - example template yaml file - `Transform` means sam template - resource list - 1st res is function - handler shld be `<file name>.<function name>` - codeuri shld point to dir with the code  - create cli commands to generate your transformed cloudformation template - first create s3 bucket - next upload code and do transformation from aws cloudformation package - can also use `sam package` since sam is just shorthand for aws cloudformation  - generated template - codeuri now points to s3  - running package will also output a sample deploy cli command   - failed as didnt add `CAPABILITY_IAM` into your cli cmd   - once deployed, can go to cloudformation to check your stack out #### Adding API Gateway - look for api gateway in the examples github for ref  - example lambda func for api gateway demo  - add events segment in lambda func to create new api - func is invoked everytime a get req is called to /hello - rerun your cloudformation commands to create the new api gateway  - more resources created for your cloudformation - like api gateway and iam roles #### Adding DynamoDB - look for dynamodb example in github - actually prev api gateway example alr used dynamodb so we'll just use that  - example lambda func for adding of dynamodb - get region from os environment vars  - read doc for full list of properties u can pass into your simpletable segment - set provisioned throughput to save costs for this demo  - add your simpletable section in the yaml file  - can add env vars in your yaml template - table name refs the simpletable created - region refs a pseudo param `AWS::Region`  - rmb to add iam policy to your func - this basically gives a dynamodbcrudpolicy with ref to the table created to your lambda func  - sample function scans the dynamodb and returns it #### CloudFormation Designer and App Repository  - can see details of what was created in cloudformation from viewing the stack - pic above shows the template code  - can go actions > view designer  - high lvl view of what was created  - also when creating your lambda func, u have option to use aws serverless app repo - is basically sam templates created by a lot of people - can search through #### SAM with CodeDeploy  - using sam hello world python example  - codeploy yaml to be integrated with your template yaml  - add `AutoPublishAlias` in your lambda func section in template yaml - create new alias "live" - also deployment pref specific canary 10% 10 mins - 10% of traffic go to new ver for 10mins then shift 100%  - can also use `sam deploy --guided` instead of package and deploy - run `sam build` before  - live alias created  - can view codedeploy traffic shift from codedeploy console ###### tags: `AWS Developer Associate` `Notes`