Speed up application development on AWS with Serverless Rightstart Kit

Arvind Muthuraman
Jan 4, 2020

Today, web applications drive almost every business. What an application is needed for differs from one business to another, yet many modules are common to all web applications: user management, API authentication, database, infrastructure, CI/CD and so on. Even so, when it comes to building an application, developers build all of these modules from scratch.

This phase of building and configuring the base of the application is critical: it involves a lot of challenges, shapes the path of development and takes considerably more man-hours.

Web app = Common Modules + Business Modules

Serverless RightStart Kit (SRK) — The Solution

This is a bundle that contains the base code, infrastructure, and CI/CD pipeline for the application you are about to develop, ready to be deployed with just one command: sls deploy.

Here is the list of base modules and the approach SRK uses for each to kick-start development:

  1. REST APIs — Lambda + Node + TypeScript
  2. User Registration — Cognito User Pools
  3. API Authentication — API Gateway Authorizer
  4. Database — MySQL RDS
  5. DevOps CI/CD — CodeBuild + CodePipeline
  6. Schema Migrations — Sequelize

These are the major functionalities involved in an application. These items look simple, right? But the major challenge is to build these pieces from scratch for every application you work on, while taking care of factors like performance, security and availability on cloud platforms.

Just one command, sls deploy, and your application infrastructure with CI/CD on AWS is ready. Start writing your business logic code straight away.

SRK would be the perfect platform to start building your application and customize it as your application needs.

Architecture:

Getting Started:

  1. Download the SRK code from Github — Click here.
  2. Install the dependencies on the local machine: npm install
  3. Modify values at guided places in serverless.yml as per your application needs.
  4. Push your code to AWS CodeCommit (Github and Bitbucket support coming soon).
  5. Now, execute sls deploy from your terminal. (Note: Default profile from AWS credentials is considered. AWS credentials for serverless can be configured as given here.)
  6. All the resources will be created in the AWS account based on the credentials you provided in the previous step. You can view the progress under the CloudFormation service in the AWS Console.
  7. Once the CF stack creation is completed, you are ready to go. Call the API Gateway endpoints shown as output once sls deploy has completed. From here, any commits to the AWS CodeCommit repository will trigger a build and your application will be updated.

Detailed Information:

Local Setup:

  1. Download SRK code from Github — Click here.
  2. Make sure serverless is installed on your machine — For reference.
  3. Install dependencies by executing npm install
  4. To run the application locally: npm run local. SRK uses the serverless-offline plugin to simulate Lambda functions in the local environment.

Configuration:

In the serverless.yml file, set the following values based on your application needs.

AWS_ACCOUNT: #Your-Account-ID
DATABASE_NAME: 'serverless_rightstart_db'
DATABASE_USER: 'admin'
DATABASE_PASSWORD: 'some_password' #To be moved to Secrets Manager.
STAGE_NAME: 'dev'
REGION: 'us-east-1' #AWS region where resources are to be deployed
CODE_COMMIT_REPO_NAME: 'aws-serverless-rightstart'
CODE_COMMIT_REPO_URL: #Your-Repo-url-here
VPC_CIDR_BLOCK: 172.0.0.0/20
COGNITO_USER_POOL_NAME: serverless-rightstart-userpool

Create a Code Commit repository and provide the repository URL and Name in the configuration properties mentioned above. These will be used to set up Code Pipeline.

serverless.yml — Contains the configurations and lambda functions code.

Infra/base.yml — CloudFormation template to create basic infra resources like vpc, subnets, RDS, Security Groups, … as shown above.

Infra/cognito_auth.yml — CloudFormation template to create a Cognito user pool.
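A pre-deploy check for the configuration values above, as an added example (not part of SRK or the original post): it flags placeholders that are still empty, the literal DATABASE_PASSWORD that the page itself marks for Secrets Manager, and a VPC_CIDR_BLOCK outside the RFC 1918 private ranges, which is the case for 172.0.0.0/20 (the private 172 range is 172.16.0.0/12). The function names and the flat KEY: value parser are assumptions of this example.

```javascript
// Constructed sample: four of the values from the configuration above.
const SAMPLE_CONFIG = `
AWS_ACCOUNT: #Your-Account-ID
DATABASE_PASSWORD: 'some_password' #To be moved to Secrets Manager.
CODE_COMMIT_REPO_URL: #Your-Repo-url-here
VPC_CIDR_BLOCK: 172.0.0.0/20
`;

// Parses flat `KEY: value #comment` lines only (an assumption; not general YAML).
function parseConfig(text) {
  const cfg = {};
  for (const line of text.split('\n')) {
    const m = line.match(/^\s*([A-Z_]+):\s*(.*)$/);
    if (!m) continue;
    const value = m[2].replace(/\s*#.*$/, '').trim(); // drop trailing comment
    cfg[m[1]] = value.replace(/^'(.*)'$/, '$1');      // drop surrounding quotes
  }
  return cfg;
}

const toInt = (ip) => ip.split('.').reduce((acc, o) => acc * 256 + Number(o), 0);
const RFC1918 = [['10.0.0.0', 8], ['172.16.0.0', 12], ['192.168.0.0', 16]];

// True when the CIDR block lies entirely inside one RFC 1918 private range.
function isRfc1918(cidr) {
  const m = /^(\d{1,3}(?:\.\d{1,3}){3})\/(\d{1,2})$/.exec(cidr);
  if (!m) return false;
  return RFC1918.some(([base, bits]) => {
    const size = 2 ** (32 - bits); // number of addresses in the private range
    return Number(m[2]) >= bits &&
      Math.floor(toInt(m[1]) / size) === Math.floor(toInt(base) / size);
  });
}

function lintConfig(cfg) {
  const findings = [];
  for (const key of ['AWS_ACCOUNT', 'CODE_COMMIT_REPO_URL']) {
    if (!cfg[key]) findings.push(`${key} is still a placeholder`);
  }
  // A literal password is committed with serverless.yml; a Serverless
  // variable reference such as ${ssm:...} keeps it out of the repository.
  const pw = cfg.DATABASE_PASSWORD || '';
  if (pw && !pw.startsWith('${')) findings.push('DATABASE_PASSWORD is a literal value');
  if (!isRfc1918(cfg.VPC_CIDR_BLOCK || '')) findings.push('VPC_CIDR_BLOCK is outside RFC 1918');
  return findings;
}

console.log(lintConfig(parseConfig(SAMPLE_CONFIG)));
```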

Lambda Functions/ Rest Endpoints:

SRK contains 5 endpoints, each demonstrating a different use case:

/api/user/register POST call that creates a user in the Cognito user pool. Request JSON payload:

{
"name" : "String",
"email": "String",
"password" : "String"
}

/api/user/login — POST call that authenticates the user from Cognito. It returns access_token, id_token and refresh_token. Request JSON payload:

{
"username" : "String",
"password" : "String"
}

/api/insert — POST call that inserts data into the RDS MySQL DB. This endpoint accepts only authenticated requests: the request must carry an Authorization header with Bearer id_token obtained from the /api/user/login response. Request JSON payload:

{
"name": "String",
"email": "String",
"id": Number
}

/api/update — POST call to update data in the DB. This endpoint is also secured: the request must carry an Authorization header with Bearer id_token obtained from the /api/user/login response. Request JSON payload:

{
"name": "String",
"email": "String",
"id": Number
}

/api/{userId} — GET call to fetch records from the DB based on the userId path parameter. This endpoint is not secured and hence the Authorization header is not required.
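The API Gateway authorizer only establishes who is calling; it does not check the request body, and /api/{userId} has no authorizer at all. The following added example (not SRK's code) validates the documented payload and the userId path parameter before anything reaches the database; the field limits, the function names and the injected store callback are assumptions, and the event fields used (body, pathParameters) are those of the API Gateway Lambda proxy integration.

```javascript
const EMAIL_RE = /^[^\s@]+@[^\s@]+\.[^\s@]+$/;
const ALLOWED = ['name', 'email', 'id'];

// Validates the JSON body documented for /api/insert and /api/update.
function validateRecord(rawBody) {
  let body;
  try { body = JSON.parse(rawBody); } catch (err) {
    return { ok: false, errors: ['body is not valid JSON'] };
  }
  if (body === null || typeof body !== 'object' || Array.isArray(body)) {
    return { ok: false, errors: ['body must be a JSON object'] };
  }
  const errors = [];
  for (const key of Object.keys(body)) {
    if (!ALLOWED.includes(key)) errors.push(`unexpected field: ${key}`);
  }
  if (typeof body.name !== 'string' || body.name.length < 1 || body.name.length > 100) {
    errors.push('name must be a string of 1 to 100 characters');
  }
  if (typeof body.email !== 'string' || body.email.length > 254 || !EMAIL_RE.test(body.email)) {
    errors.push('email must be a valid address');
  }
  if (!Number.isSafeInteger(body.id) || body.id < 1) {
    errors.push('id must be a positive integer');
  }
  const value = { name: body.name, email: body.email, id: body.id };
  return { ok: errors.length === 0, errors, value };
}

// Parses the {userId} path parameter of GET /api/{userId}; null if invalid.
function parseUserId(pathParameters) {
  const raw = pathParameters ? pathParameters.userId : undefined;
  if (typeof raw !== 'string' || !/^[1-9]\d{0,14}$/.test(raw)) return null;
  return Number(raw);
}

// Rejects bad input with 400 before the (hypothetical) store callback runs.
function handleInsert(event, store) {
  const result = validateRecord(event.body);
  if (!result.ok) {
    return { statusCode: 400, body: JSON.stringify({ errors: result.errors }) };
  }
  store(result.value);
  return { statusCode: 200, body: JSON.stringify({ id: result.value.id }) };
}

// Constructed input: id sent as a string instead of a number.
console.log(validateRecord('{"name":"Ann","email":"ann@example.com","id":"7"}').errors);
```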

Sequelize:
Sequelize is a Node.js ORM for MySQL. SRK uses Sequelize for ORM and for schema migrations. For more information on Sequelize — Click here.

Deployment:
For the first deployment:

sls deploy — If you are using default AWS profile from aws credentials.

sls deploy --aws-profile my-profile — To provide the profile to use from aws credentials.

Thereafter, any commits to CodeCommit Repo will trigger a build action that deploys the latest code.

The current version of SRK is well suited to application development, where the main focus is cost. For production, high availability has to be incorporated into SRK. I will be working on that and updating this repository soon. Stay tuned!

If you are interested in this project, feel free to contribute. It’s simple: fork this repo, add your code, and send a pull request.

Here’s the Github repository to Serverless RightStart Kit.

To Do:

  1. Fine-grained policies. At this stage, IAM policies are not provided as part of this CF.
  2. GitHub and Bitbucket as a source for CodePipeline.
  3. Change RDS MySQL to Aurora MySQL.
  4. High Availability.
