In this workshop you will use Amazon API Gateway, AWS Lambda and Amazon DynamoDB to build a Customer Ticketing application so we can provide a great experience to Wild Rydes users.
The Wild Rydes team wants this application to meet the following requirements:
- Users must be able to submit and view support tickets
- Users must be able to log in with their Facebook user id
- The application should use an entirely serverless architecture (we don't have an operations team to manage our infrastructure!)
- The application must be able to failover to another region in the case of a
disaster. The RTO and RPO must both be less than 15 minutes.
- RTO: Recovery time objective – the targeted duration of time and a service level within which a business process must be restored after a disaster.
- RPO: Recovery point objective – the maximum targeted period in which data might be lost from a service due to a major incident.
The application will utilize three layers:
- A UI layer built using HTML, Javascript and CSS and hosted directly from AWS S3
- An API layer built using Node.js running on AWS Lambda and exposed via Amazon API Gateway.
- A data layer storing customer tickets in DynamoDB.
For the purposes of this workshop, our failover is focused on the path from our application (in this case, a web application) through API Gateway, Lambda and DynamoDB. We do not address replication of the website UI layer itself to a second region, although this could be achieved using something like S3 Cross Region Replication.
The backend components will be replicated to the second region so that we can failover in the event of a disaster. In addition, all data in DynamoDB will be replicated from the primary region to the secondary region ensuring that our application data will be available when we failover.
A few additional components will be utilized to assist us including AWS Cognito to allow the application to authenticate users and authorize access to the API layer. AWS Route53 will be used for DNS and will allow us to perform health checks on our primary region, and upon detecting an issue, automatically switching to our secondary region using Route53 DNS updates.
This workshop is broken up into multiple modules. In each, we will walk through a high level overview of how to implement or test a part of this architecture. You will expand sections for detailed command or console instructions.
We will be using the following two regions for this workshop. Please remember these and check before creating resources to ensure you are in the correct region:
- Primary:
eu-west-1
(Ireland) - Secondary:
ap-southeast-1
(Singapore)
Using the two regions above for this workshop is mandatory. We will start with
eu-west-1
(Ireland). You will not deploy anything in ap-southeast-1
(Singapore)
until Module 3.
(please read these carefully and do not jump ahead and start setting things up unless specifically called out)
In order to complete this workshop you'll need an AWS Account with access to create AWS IAM, S3, DynamoDB, Lambda and API Gateway. The code and instructions in this workshop assume only one student is using a given AWS account at a time. If you try sharing an account with another student, you'll run into naming conflicts for certain resources - we do not recommend this as there may be unpredictable results or difficult to identify configuration issues.
You will also need to either purchase a domain, or repurpose an existing unused domain you already own. You will need to delegate DNS to Route53 if the domain is not already acquired through AWS. You may also need access to the email account associated with the domain name registration.
Our application requires a Facebook federated identity to allow users to login with an existing account. In order to set this up you will need a Facebook Developer account. You may set up the account now, but do not start configuring anything else yet.
You can sign up using this link.
Note that you will create the App ID later on in this guide using the website URL you will set up in Module 2.
To complete parts of this workshop you'll need the AWS Command Line Interface (CLI) installed on your local machine. Make sure you have the latest version installed.
If you are using the supplied EC2 AMI, this will already be done for you and there is no need to do anything else. The rest of this section is only needed if you choose to use your own computer for the workshop modules.
Follow the AWS CLI Getting Started guide to install and configure the CLI on your machine.
Please also configure an IAM user on the AWS account you intend to use with Programatic Access and run aws configure and supply the need Access Key and Secret Access Key. We recommend that this user have Administrator Access to the account for the duration of the workshop.
Again, if you use the supplied EC2 AMI, you don't need to set any of this up - it has been done for you.
README_InstallDevDependencies. Using the AMI is strongly suggested, but if you are an advanced user you may manually set these up on your workstation - see README_InstallDevDependencies for more info.
We recommend you use the latest version of Chrome or Firefox when testing the web application UI.
You will need a local text editor for making minor updates to configuration files. Good options are Atom, Sublime, VI/VIM, TextEdit or NotePad
We have already installed vi/vim on the provided EC2 AMI.