Fotower Gallery is a place where users can store and organise images.
This project is part of a learning experience into AWS infrastructure and the Serverless Framework. For now, the focus is to develop and host the backend of this platform.
- Getting Started
- Backend-as-a-Service: AWS/Serverless
- Deployment
- Upcoming Features
- License
- Acknowledgments
Setup aws cli
by following the steps in the AWS documentation. Setup serverless
by following the steps in the Serverless documentation.
Ensure that Python3.7 is installed. This can be obtained from the official Python website.
Finally, verify all required installations by executing the following commands:
aws --version
serverless --version
python3.7 --version
Configuring AWS CLI involves first creating a user through the Identity and Access Management (IAM) with Programmatic access, which provides an access key ID and a secret access key for various development tools, including AWS CLI.
NOTE: The secret access key is only visible right after user creation, so make sure to save it.
Execute the following command on your terminal configure and follow the prompts:
aws configure
This will create a folder named .aws
in your home directory containing your configuration and credentials. Serverless uses these files when interacting with AWS.
This step is not required to deploy the serverless application, but it provides virtual development environment where boto3
(and any other Python package) can be installed without affecting your global installation. To do this, navigate to services/
and execute the following commands:
pip3.7 install virtualenv
python3.7 -m virtualenv -p python3.7 env
source env/bin/activate
pip install -r requirements.txt
Remember to exit the virtual environment by executing the command:
deactivate
.
NOTE: This section is not required to deploy this project, however, it's just here for completeness.
A template project can be created by simply executing the following command on the folder you want to set as the root of your serverless application. You can specify what template to use depending on what programming language you want to use, check out the full list of available templates.
serverless create --template <template-name>
NOTE: The
serverless
andsls
commands can be used interchangably.
A dialog will appear asking you if you want to create a new project; enter Y
and follow the prompts.
AWS is a cloud platform consisting of a multitude of individual services targeting different usages (e.g. networking, compute, analytics, storage, etc.). Even though AWS has a user friendly console that allows users to access all these services, I will use the Serverless Framework to access all these services with in a programmatic way.
The serverless.yml
file contains all the configuration related to the way the code is deployed to all the relevant services.
For reference, check out this sample
serverless.yml
file containing all the possible settings that can be tweaked.
Serverless takes care of creating API Gateway resources, and linking them to a corresponding Lambda-proxy function, defined under functions
in the serverless.yml
file.
Boto3 is the AWS SDK for Python and it provides with low-level access to various AWS services.
Lambda functions are at the core of our tech stack. The following Amazon web services will be directly used:
- API Gateway: through a lambda-proxy integration (recommended by Serverless) the request processing and response formatting is conducted by the lambda function. This gives us direct control over the REST API. For more information, checkout the API Gateway integration documentation.
- DynamoDB: is being used to store picture metadata, as well as user information. The table configuration is done as a service in the
serverless.yml
file. - Cognito: is a user management system that allows us to restrict certain endpoints to authenticated users.
authorizer.py
is the middleware that verifies the validity of Authorization tokens found the headers of requests. This function sits in front of all the functions that require a token. - S3: the setup of the picture bucket can be found in
serverless.yml
; however, since the uploading of pictures is very frontend dependant this feature has not been implemented. Instead, pictures will be stored as base64 strings in DynamoDB.
The serverless code resides in the services/ directory of the repository. This folder contains the following important files:
- serverless.yml - This file is at the centre of a Serverless application. It contains all the configuration related to the way the code is deployed to all the relevant Amazon web services.
- apis/ - Contains
.py
files defining API handlers in the form of Lambda functions.
Looking in more depth at apis/:
apis
├── [auth]
│ ├── (auth.serverless.yml)
│ ├── authorizer.py
│ ├── login.py
│ └── signup.py
├── [feed]
│ ├── (feed.serverless.yml)
│ ├── fetch_feed.py
│ └── fetch_user_wall.py
├── [pictures]
│ ├── fetch_picture.py
│ ├── modify_picture.py
│ ├── (pictures.serverless.yml)
│ ├── remove_picture.py
│ └── upload_picture.py
└── [users]
├── delete_user.py
├── fetch_user.py
├── update_user.py
└── (users.serverless.yml)
- The folders in square brackets represent the 3 major API resources, all other resources fall under one of these three.
- The
*.serverless.yml
files in round brackets contain the serverless definitions of the functions in the same folder as them. These get imported to the mainserverless.yml
file. NOTE: All the file paths in these files are relative to theserverless.yml
file
Once aws
has been configured, you can deploy your serverless application using the following command:
sls deploy
NOTE: The
serverless
andsls
commands can be used interchangably.
serverless.yml
resource name abstraction.- Validation and error unification.
- API documentation using Swagger.
This project is licensed under the MIT License - see the LICENSE file for details
- Thanks to Alex DeBrie for a quick guide on how to Build a Python REST API with Serverless, Lambda, and DynamoDB.
- Thanks to Serverless Stack for a guide on how to organize serverless projects.
- Thanks to David García for a blog post about about using Cognito for user management and API Gateway integration.