Forem: Vikas Garg The latest articles on Forem by Vikas Garg (@vikasgarghb). https://forem.com/vikasgarghb https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F343864%2F891bdd90-f75e-4dc1-912a-61c6cc656472.png Forem: Vikas Garg https://forem.com/vikasgarghb en Using PingAccess and PingFederate for Authentication and Authorization Vikas Garg Thu, 30 Sep 2021 19:49:04 +0000 https://forem.com/vikasgarghb/using-pingaccess-and-pingfederate-for-authentication-and-authorization-4igc https://forem.com/vikasgarghb/using-pingaccess-and-pingfederate-for-authentication-and-authorization-4igc <p>Recently, I came across PingIdentity's solution for authorization and authentication. There are multiple services provided by them, two of those are PingFederate and PingAccess. PingFederate, in simple terms, is the token provider. PingAccess is the gateway/proxy to your underlying services or APIs. More information on these two can be found <a href="https://developer.pingidentity.com/en.html" rel="noopener noreferrer">here</a>.</p> <p>In this post, I will focus more on what needs to happen in the services right from configuration and any code changes.</p> <p><a href="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fj3fqi6a5n0rg30g3mk5x.png" class="article-body-image-wrapper"><img src="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fj3fqi6a5n0rg30g3mk5x.png" alt="don't give me hope"></a>Don't do that. Don't give me hope</p> <h2> Contents </h2> <ul> <li>PingAccess and PingFederate</li> <li>Services</li> <li>Getting the Token</li> <li>Call the APIs</li> <li>Decode the Token</li> <li>Conclusion</li> </ul> <h3> PingAccess and PingFederate <a></a> </h3> <p>First things first, you will need access to PingAccess and PingFederate. You can install them on your local machine as standalone services OR can have them running inside docker container. Ping provides pre-built docker images for each of their services. More info for the docker images can be found <a href="https://devops.pingidentity.com/reference/dockerImagesRef/" rel="noopener noreferrer">here</a>.</p> <p>For this post, I have these running inside docker containers. These containers need ping credentials to fetch the license information. You can get the credentials by registering on devops.pingidentity.com. Once you have registered, ping will send you your credentials which then needs to be passed to PingAccess and PingFederate containers either via environment variables (<code>PING_IDENTITY_DEVOPS_USER</code> and <code>PING_IDENTITY_DEVOPS_KEY</code>). You can either add these to the <code>docker-compose</code> OR use a <code>.env</code> file which is passed to <code>docker-compose up</code> command OR use <code>ping-devops</code> <a href="https://devops.pingidentity.com/get-started/pingDevopsUtil/" rel="noopener noreferrer">utility</a>. Sample <code>.env</code> file will look like this,</p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code> PING_IDENTITY_DEVOPS_USER=&lt;user name&gt; PING_IDENTITY_DEVOPS_KEY=&lt;user key&gt; </code></pre> </div> <p>and then you will start your containers like, <code>docker-compose --env-file .env up -d</code>.</p> <p>Once the containers are started, you will need to orchestrate both PingAccess and PingFederate with the information related to your service including the host and port the services will be available, client-id/secret for token, signing certificate etc. All the setup required for this post can be found <a href="https://github.com/vikasgarghb/blog-ping-id/blob/master/README.md#pingaccess-and-pingfederate" rel="noopener noreferrer">here</a>.<br> <a href="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fi2-download.imgflip.com%2F5otmr7.jpg" class="article-body-image-wrapper"><img src="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fi2-download.imgflip.com%2F5otmr7.jpg" alt="Thanos"></a>Who wants Infinity Stones?</p> <h3> Services <a></a> </h3> <p>For this post, I am using 3 Spring Boot services but you are not restricted to using the same but can use services in other languages like nodeJS. The 3 services are,</p> <ul> <li>bff-service -- This service acts as a gateway to the other 2 API services by fetching and using the auth token from PingFederate.</li> <li>todo-service -- This is a simple service providing APIs to fetch and add todos. The service is behind the PingAccess proxy layer.</li> <li>tweet-service -- This is a simple service providing APIs to fetch and add tweets (not making call to twitter). The service is behind the PingAccess proxy layer.</li> </ul> <h3> Getting the Token <a></a> </h3> <p>In order to make calls to any of todo-service or tweet-service, we will need to get the token from PingFederate. For that to happen, we will need to the following pieces, clientId, clientSecret, grantType and audience. PingFederate provides an API to get the token after providing the required parameters in the request body.</p> <p>Let's setup bff-service to get the token. In application.yml,</p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code> <span class="na">auth</span><span class="pi">:</span> <span class="na">tokenEndpoint</span><span class="pi">:</span> <span class="s">https://pingfederate:9031/as/token.oauth2</span> <span class="na">grantType</span><span class="pi">:</span> <span class="s">client_credentials</span> <span class="na">todo</span><span class="pi">:</span> <span class="na">serviceUrl</span><span class="pi">:</span> <span class="s">https://todo.pa.local:3000</span> <span class="na">audience</span><span class="pi">:</span> <span class="s">https://todo.pa.local:3000</span> <span class="na">clientId</span><span class="pi">:</span> <span class="s">todo_client</span> <span class="na">clientSecret</span><span class="pi">:</span> <span class="s">toomanysecrets</span> <span class="na">tweet</span><span class="pi">:</span> <span class="na">serviceUrl</span><span class="pi">:</span> <span class="s">https://tweet.pa.local:3000</span> <span class="na">audience</span><span class="pi">:</span> <span class="s">https://tweet.pa.local:3000</span> <span class="na">clientId</span><span class="pi">:</span> <span class="s">tweet_client</span> <span class="na">clientSecret</span><span class="pi">:</span> <span class="s">toomanysecrets</span> </code></pre> </div> <p><code>tokenEndpoint</code> - This is the PingFederate API endpoint to get the JWT token.<br> <code>serviceUrl</code> - This is the base url for your API service. This should be of the pattern: <code>&lt;virtual-host-on-pingaccess&gt;:&lt;application-port-for-pingaccess&gt;</code>. This url is same as what you set under Applications on PingAccess.</p> <p>The clientId and secret for individual services are the same ones you have setup on PingFederate, whereas the audience should match to what has been setup in the Access Token Manager on PingFederate.</p> <p>To fetch the token, you will need to add something like this in your code, add a <code>Token</code> class,</p> <div class="highlight js-code-highlight"> <pre class="highlight java"><code> <span class="kd">public</span> <span class="kd">class</span> <span class="nc">Token</span> <span class="o">{</span> <span class="nd">@JsonProperty</span><span class="o">(</span><span class="n">value</span> <span class="o">=</span> <span class="s">"access_token"</span><span class="o">)</span> <span class="kd">private</span> <span class="kd">final</span> <span class="nc">String</span> <span class="n">accessToken</span><span class="o">;</span> <span class="nd">@JsonProperty</span><span class="o">(</span><span class="n">value</span> <span class="o">=</span> <span class="s">"token_type"</span><span class="o">)</span> <span class="kd">private</span> <span class="kd">final</span> <span class="nc">String</span> <span class="n">tokenType</span><span class="o">;</span> <span class="nd">@JsonProperty</span><span class="o">(</span><span class="n">value</span> <span class="o">=</span> <span class="s">"expires_in"</span><span class="o">)</span> <span class="kd">private</span> <span class="kd">final</span> <span class="kt">int</span> <span class="n">expiresIn</span><span class="o">;</span> <span class="kd">private</span> <span class="kd">final</span> <span class="kt">long</span> <span class="n">expireAt</span><span class="o">;</span> <span class="o">}</span> </code></pre> </div> <p>Then add this method somewhere in your code,</p> <div class="highlight js-code-highlight"> <pre class="highlight java"><code> <span class="kd">public</span> <span class="nc">String</span> <span class="nf">getToken</span><span class="o">(</span><span class="nc">String</span> <span class="n">clientId</span><span class="o">,</span> <span class="nc">String</span> <span class="n">clientSecret</span><span class="o">,</span> <span class="nc">String</span> <span class="n">audience</span><span class="o">,</span> <span class="nc">String</span> <span class="n">grantType</span><span class="o">)</span> <span class="o">{</span> <span class="nc">HttpHeaders</span> <span class="n">httpHeaders</span> <span class="o">=</span> <span class="k">new</span> <span class="nc">HttpHeaders</span><span class="o">();</span> <span class="n">httpHeaders</span><span class="o">.</span><span class="na">setContentType</span><span class="o">(</span><span class="nc">MediaType</span><span class="o">.</span><span class="na">APPLICATION_FORM_URLENCODED</span><span class="o">);</span> <span class="nc">MultiValueMap</span><span class="o">&lt;</span><span class="nc">String</span><span class="o">,</span> <span class="nc">String</span><span class="o">&gt;</span> <span class="n">map</span> <span class="o">=</span> <span class="k">new</span> <span class="nc">LinkedMultiValueMap</span><span class="o">&lt;&gt;();</span> <span class="n">map</span><span class="o">.</span><span class="na">add</span><span class="o">(</span><span class="s">"client_id"</span><span class="o">,</span> <span class="n">clientId</span><span class="o">);</span> <span class="n">map</span><span class="o">.</span><span class="na">add</span><span class="o">(</span><span class="s">"client_secret"</span><span class="o">,</span> <span class="n">clientSecret</span><span class="o">);</span> <span class="n">map</span><span class="o">.</span><span class="na">add</span><span class="o">(</span><span class="s">"audience"</span><span class="o">,</span> <span class="n">audience</span><span class="o">);</span> <span class="n">map</span><span class="o">.</span><span class="na">add</span><span class="o">(</span><span class="s">"grant_type"</span><span class="o">,</span> <span class="n">grantType</span><span class="o">);</span> <span class="nc">ResponseEntity</span><span class="o">&lt;</span><span class="nc">Token</span><span class="o">&gt;</span> <span class="n">response</span> <span class="o">=</span> <span class="n">restTemplate</span><span class="o">.</span><span class="na">postForEntity</span><span class="o">(</span><span class="n">tokenEndpoint</span><span class="o">,</span> <span class="k">new</span> <span class="nc">HttpEntity</span><span class="o">&lt;&gt;(</span><span class="n">map</span><span class="o">,</span> <span class="n">httpHeaders</span><span class="o">),</span> <span class="nc">Token</span><span class="o">.</span><span class="na">class</span><span class="o">);</span> <span class="k">return</span> <span class="n">response</span><span class="o">.</span><span class="na">getBody</span><span class="o">().</span><span class="na">getAccessToken</span><span class="o">();</span> <span class="o">}</span> </code></pre> </div> <p>Now before making any request to any of the todo or tweet service, we will first fetch the token and then pass it along.</p> <h3> Call the APIs <a></a> </h3> <p>Now we have seen how we can get the token. Next we will see how to use the token to make the API requests. In your code, you can create your request like,</p> <div class="highlight js-code-highlight"> <pre class="highlight java"><code> <span class="kd">public</span> <span class="nc">HttpEntity</span><span class="o">&lt;</span><span class="nc">String</span><span class="o">&gt;</span> <span class="nf">getRequest</span><span class="o">(</span><span class="nc">String</span> <span class="n">clientId</span><span class="o">,</span> <span class="nc">String</span> <span class="n">clientSecret</span><span class="o">,</span> <span class="nc">String</span> <span class="n">audience</span><span class="o">)</span> <span class="o">{</span> <span class="nc">String</span> <span class="n">accessToken</span> <span class="o">=</span> <span class="n">tokenUtil</span><span class="o">.</span><span class="na">getToken</span><span class="o">(</span> <span class="n">clientId</span><span class="o">,</span> <span class="n">clientSecret</span><span class="o">,</span> <span class="n">audience</span><span class="o">,</span> <span class="n">grantType</span><span class="o">);</span> <span class="nc">HttpHeaders</span> <span class="n">httpHeaders</span> <span class="o">=</span> <span class="k">new</span> <span class="nc">HttpHeaders</span><span class="o">();</span> <span class="n">httpHeaders</span><span class="o">.</span><span class="na">add</span><span class="o">(</span><span class="nc">HttpHeaders</span><span class="o">.</span><span class="na">AUTHORIZATION</span><span class="o">,</span> <span class="s">"Bearer "</span> <span class="o">+</span> <span class="n">accessToken</span><span class="o">);</span> <span class="n">httpHeaders</span><span class="o">.</span><span class="na">setContentType</span><span class="o">(</span><span class="nc">MediaType</span><span class="o">.</span><span class="na">APPLICATION_JSON</span><span class="o">);</span> <span class="k">return</span> <span class="k">new</span> <span class="nc">HttpEntity</span><span class="o">&lt;&gt;(</span><span class="n">httpHeaders</span><span class="o">);</span> <span class="o">}</span> </code></pre> </div> <p>That's it. Once you have this setup, you can pass the request to any GET API (for POST APIs you will need to add the request body as well) to get the requested data.</p> <h3> Decode the Token <a></a> </h3> <p>Now, since the request has been made from bff-service to your API services via PingAccess using the token provided by PingFederate, there are 2 things you can do on the API Services.</p> <ol> <li>You can ignore the token altogether, given that the request is coming via PingAccess which has already established that the token is valid and only then it has let the request pass through. This is a BIG security loophole, as anyone who can get the knowledge of your API can exploit it by bypassing the PingAccess altogether by directly making the API requests.</li> <li>Check and verify the token. This will involve decoding the token and then performing any rule checks like audience matches, expiration and any other scope checks. Let's take a look at the config and code changes required on the individual service.</li> </ol> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code> <span class="na">spring</span><span class="pi">:</span> <span class="na">security</span><span class="pi">:</span> <span class="na">oauth2</span><span class="pi">:</span> <span class="na">resourceserver</span><span class="pi">:</span> <span class="na">jwt</span><span class="pi">:</span> <span class="na">jwk-set-uri</span><span class="pi">:</span> <span class="s">https://pingfederate:9031/ext/todoauthtoken/jwks</span> <span class="na">issuer-uri</span><span class="pi">:</span> <span class="s">https://pingfederate:9031</span> <span class="na">auth</span><span class="pi">:</span> <span class="na">audience</span><span class="pi">:</span> <span class="s">todo.pa.local:8082</span> </code></pre> </div> <p><code>jwk-set-uri</code> - This is the jwks url where the keys for your token is published on PingFederate.<br> <code>issuer-uri</code> - This is the token issuer. In our case it is PingFederate<br> <code>auth.audience</code> - This is the audience we are expecting in the token payload.</p> <div class="highlight js-code-highlight"> <pre class="highlight java"><code> <span class="nd">@Override</span> <span class="kd">protected</span> <span class="kt">void</span> <span class="nf">configure</span><span class="o">(</span><span class="nc">HttpSecurity</span> <span class="n">http</span><span class="o">)</span> <span class="kd">throws</span> <span class="nc">Exception</span> <span class="o">{</span> <span class="n">http</span><span class="o">.</span><span class="na">authorizeRequests</span><span class="o">().</span><span class="na">mvcMatchers</span><span class="o">(</span><span class="s">"/todos/**"</span><span class="o">).</span><span class="na">authenticated</span><span class="o">().</span><span class="na">and</span><span class="o">().</span><span class="na">oauth2ResourceServer</span><span class="o">().</span><span class="na">jwt</span><span class="o">();</span> <span class="o">}</span> <span class="nd">@Bean</span> <span class="kd">public</span> <span class="nc">JwtDecoder</span> <span class="nf">jwtDecoder</span><span class="o">()</span> <span class="o">{</span> <span class="nc">NimbusJwtDecoder</span> <span class="n">jwtDecoder</span> <span class="o">=</span> <span class="nc">NimbusJwtDecoder</span><span class="o">.</span><span class="na">withJwkSetUri</span><span class="o">(</span><span class="n">jwkSetUri</span><span class="o">).</span><span class="na">build</span><span class="o">();</span> <span class="nc">OAuth2TokenValidator</span><span class="o">&lt;</span><span class="nc">Jwt</span><span class="o">&gt;</span> <span class="n">audienceValidator</span> <span class="o">=</span> <span class="k">new</span> <span class="nc">AudienceValidator</span><span class="o">(</span><span class="n">audience</span><span class="o">);</span> <span class="nc">OAuth2TokenValidator</span><span class="o">&lt;</span><span class="nc">Jwt</span><span class="o">&gt;</span> <span class="n">withIssuer</span> <span class="o">=</span> <span class="nc">JwtValidators</span><span class="o">.</span><span class="na">createDefaultWithIssuer</span><span class="o">(</span><span class="n">issuer</span><span class="o">);</span> <span class="nc">OAuth2TokenValidator</span><span class="o">&lt;</span><span class="nc">Jwt</span><span class="o">&gt;</span> <span class="n">withAudience</span> <span class="o">=</span> <span class="k">new</span> <span class="nc">DelegatingOAuth2TokenValidator</span><span class="o">&lt;&gt;(</span><span class="n">withIssuer</span><span class="o">,</span> <span class="n">audienceValidator</span><span class="o">);</span> <span class="n">jwtDecoder</span><span class="o">.</span><span class="na">setJwtValidator</span><span class="o">(</span><span class="n">withAudience</span><span class="o">);</span> <span class="k">return</span> <span class="n">jwtDecoder</span><span class="o">;</span> <span class="o">}</span> </code></pre> </div> <p>Add the above bean in your spring config. The <code>configure</code> method is telling Spring that the given APIs needs to be authenticated with a JWT else the request will be rejected. The <code>jwtDecoder</code> defined here will make use of the provided <code>jwkSetUri</code>, <code>issuer</code> and the custom validator (<code>AudienceValidator</code>) to validate the incoming token.</p> <p>Doing just this will secure your APIs with JWT and will reject the requests with no Authorization or invalid JWTs.</p> <h3> Conclusion <a></a> </h3> <p>Above approach is a sort of generic approach followed to secure your APIs using a Token Provider and Resource Server. Here I have used PingFederate but it can be replaced with any other available Token Providers like auth0, Okta etc.</p> <p>The full working code used in this post can be found here: </p> <div class="ltag-github-readme-tag"> <div class="readme-overview"> <h2> <img src="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev.to%2Fassets%2Fgithub-logo-5a155e1f9a670af7944dd5e12375bc76ed542ea80224905ecaf878b9157cdefc.svg" alt="GitHub logo"> <a href="https://github.com/vikasgarghb" rel="noopener noreferrer"> vikasgarghb </a> / <a href="https://github.com/vikasgarghb/blog-ping-id" rel="noopener noreferrer"> blog-ping-id </a> </h2> <h3> Application integration with PingAccess and PingFederate </h3> </div> </div> <p><br><br> <a href="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fi.kym-cdn.com%2Fphotos%2Fimages%2Foriginal%2F001%2F490%2F511%2F148.jpg" class="article-body-image-wrapper"><img src="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fi.kym-cdn.com%2Fphotos%2Fimages%2Foriginal%2F001%2F490%2F511%2F148.jpg" alt="I see this as an absolute win"></a>I see this as an absolute win</p> pingaccess pingfederate authorization authention Feature Flags with Spring Boot Vikas Garg Tue, 07 Sep 2021 13:57:14 +0000 https://forem.com/vikasgarghb/feature-flags-with-spring-boot-3l1l https://forem.com/vikasgarghb/feature-flags-with-spring-boot-3l1l <p>Feature Flags is a very broad topic and have been coming back up regularly irrespective of what language you use. There are multiple platforms available which provide extensive support for managing your features external to the code or deployed as part of the code. Some of the examples are,</p> <ul> <li>LaunchDarkly</li> <li>Togglz</li> <li>Property (File) based and many more.</li> </ul> <h2> Table Of Contents </h2> <ul> <li>Problem at hand</li> <li>Project Setup</li> <li>Dependencies</li> <li>Feature Loading</li> <li>Enhancement</li> <li>Remarks</li> </ul> <h3> Problem at hand <a></a> </h3> <p>This article specifically targets a case where you can add a toggle check before any method you want before actually getting into the method execution. Be it at a controller level to prevent an API to be executed OR a service method OR a repository method. This pattern can be extended with any feature toggle implementation you use.</p> <p>Code for the blog can be found here. </p> <div class="ltag-github-readme-tag"> <div class="readme-overview"> <h2> <img src="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev.to%2Fassets%2Fgithub-logo-5a155e1f9a670af7944dd5e12375bc76ed542ea80224905ecaf878b9157cdefc.svg" alt="GitHub logo"> <a href="https://github.com/vikasgarghb" rel="noopener noreferrer"> vikasgarghb </a> / <a href="https://github.com/vikasgarghb/blog-feature-flags-spring" rel="noopener noreferrer"> blog-feature-flags-spring </a> </h2> <h3> Feature Flag Annotation usage with Spring Boot. </h3> </div> </div> <h3> Project Setup <a></a> </h3> <p>To begin with you will need,</p> <ul> <li>Java 11+</li> <li>Gradle 7+</li> <li>IDE of your choice</li> <li>Spring Boot 2.5.4+</li> </ul> <h3> Dependencies <a></a> </h3> <p>Apart from the other spring dependencies, you will need to include spring-aop and aspectjweaver. There are much documentation available for Aspect based programming with Spring. Won't go into much details about it. But one thing which this article focuses on is how aspect can be used to call a method before executing actual method.</p> <p>AspectJ's <code>@Before</code> annotation allows us to accomplish this. As long as correct pointcut expression is provided, the method decorated with this annotation will be called before the actual method.</p> <p>For eg,</p> <div class="highlight js-code-highlight"> <pre class="highlight java"><code> <span class="nd">@Before</span><span class="o">(</span><span class="s">"execution (* blog.vgarg.features..*(..)) &amp;&amp; @annotation(checkFeatureFlag)"</span><span class="o">)</span> <span class="kd">public</span> <span class="kt">void</span> <span class="nf">checkFeatureFlag</span><span class="o">(</span><span class="nc">JoinPoint</span> <span class="n">joinPoint</span><span class="o">,</span> <span class="nc">CheckFeatureFlag</span> <span class="n">checkFeatureFlag</span><span class="o">)</span> <span class="o">{</span> <span class="nc">String</span> <span class="n">flag</span> <span class="o">=</span> <span class="n">checkFeatureFlag</span><span class="o">.</span><span class="na">flag</span><span class="o">();</span> <span class="k">if</span> <span class="o">(!</span><span class="n">featureFlagService</span><span class="o">.</span><span class="na">isFeatureFlagSet</span><span class="o">(</span><span class="n">flag</span><span class="o">))</span> <span class="o">{</span> <span class="k">throw</span> <span class="k">new</span> <span class="nf">FeatureNotEnabledException</span><span class="o">();</span> <span class="o">}</span> <span class="o">}</span> </code></pre> </div> <div class="highlight js-code-highlight"> <pre class="highlight java"><code> <span class="nd">@CheckFeatureFlag</span><span class="o">(</span><span class="n">flag</span> <span class="o">=</span> <span class="s">"flags.goodmorning"</span><span class="o">)</span> <span class="nd">@GetMapping</span><span class="o">(</span><span class="s">"/good-morning"</span><span class="o">)</span> <span class="kd">public</span> <span class="nc">ResponseEntity</span><span class="o">&lt;</span><span class="nc">String</span><span class="o">&gt;</span> <span class="nf">getGoodMorning</span><span class="o">()</span> <span class="o">{</span> <span class="k">return</span> <span class="k">new</span> <span class="nc">ResponseEntity</span><span class="o">&lt;&gt;(</span><span class="n">greetingService</span><span class="o">.</span><span class="na">getGoodMorning</span><span class="o">(),</span> <span class="nc">HttpStatus</span><span class="o">.</span><span class="na">OK</span><span class="o">);</span> <span class="o">}</span> </code></pre> </div> <p><code>checkFeatureFlag</code> method will be executed by spring before <code>getGoodMorning</code> method gets executed.</p> <h3> Feature Loading <a></a> </h3> <p>So, for this post, I am using file based features but the approach can be extended to use with any other feature provider.</p> <div class="highlight js-code-highlight"> <pre class="highlight java"><code> <span class="kd">public</span> <span class="kd">interface</span> <span class="nc">FeatureFlagService</span> <span class="o">{</span> <span class="kt">boolean</span> <span class="nf">isFeatureFlagSet</span><span class="o">(</span><span class="nc">String</span> <span class="n">flag</span><span class="o">);</span> <span class="o">}</span> </code></pre> </div> <p>I have defined an interface with a simple single method to check the status of any given feature flag. As mentioned for this post the implementation reads the toggle from a file named, <code>featureflags.properties</code> residing in <code>src/main/resources</code> (can be anywhere as long as it is on classpath).</p> <h3> Enhancement <a></a> </h3> <p>As mentioned before this can be extended for other feature support providers. For eg, with launch darkly the implementation will involve using the SDK provided by them. As long as the LD setup is done correct way, using their SDK is pretty simple. More can be read <a href="https://docs.launchdarkly.com/sdk/server-side/java" rel="noopener noreferrer">here</a>.</p> <h3> Remarks <a></a> </h3> <p>This is very bare minimum implementation of the functionality and has the capability of being extended into more. This only applies when the feature check needs to be applied before the actual method. For eg, if a new API needs to be deployed but not released, this check can come in handy.</p> <p>But as any other solution this is not one size fits all solution. Would be happy to hear from the community what solutions have they tried.</p> features spring java Namespaced Stacks via SAM Vikas Garg Thu, 19 Nov 2020 21:22:22 +0000 https://forem.com/vikasgarghb/namespaced-stacks-via-sam-53c1 https://forem.com/vikasgarghb/namespaced-stacks-via-sam-53c1 <p><a href="https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/serverless-sam-cli-command-reference.html" rel="noopener noreferrer">AWS SAM</a> is a nice tool when it comes to orchestrating a new serverless stack. It has its own quirks and shenanigans which needs to be worked around. One such was the lack of support for namespaced stacks, which could come in handy where you have multiple developers deploying in the same environment during development phase.</p> <p><a href="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fi%2Ff2xgotklug4vrfykt6ay.jpg" class="article-body-image-wrapper"><img src="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fi%2Ff2xgotklug4vrfykt6ay.jpg" alt="There can be only one!!"></a>There can be only one!!</p> <p>But thanks to <code>--config-file</code> samcli option, this has become possible. Here is my take on how we can establish this.</p> <h3> Create Sam Configuration File </h3> <p>You need to create a new configuration file, which will have the same contents as existing samconfig.toml file apart from some minor differences as highlighted below.</p> <p>samconfig.toml<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight toml"><code><span class="py">stack_name</span> <span class="p">=</span> <span class="s">"blog-sam-custom-namespace-dev"</span> <span class="py">s3_bucket</span> <span class="p">=</span> <span class="s">"aws-sam-cli-managed-default-samclisourcebucket-s7lq825ncn5b"</span> <span class="py">s3_prefix</span> <span class="p">=</span> <span class="s">"blog-sam-custom-namespace-dev"</span> <span class="py">region</span> <span class="p">=</span> <span class="s">"us-east-1"</span> <span class="py">capabilities</span> <span class="p">=</span> <span class="s">"CAPABILITY_NAMED_IAM"</span> <span class="py">parameter_overrides</span> <span class="p">=</span> <span class="s">""" Environment=dev NodeEnv=dev """</span> </code></pre> </div> <p>samconfig-jdoe.toml<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight toml"><code><span class="py">stack_name</span> <span class="p">=</span> <span class="s">"blog-sam-custom-namespace-jdoe"</span> <span class="py">s3_bucket</span> <span class="p">=</span> <span class="s">"aws-sam-cli-managed-default-samclisourcebucket-s7lq825ncn5b"</span> <span class="py">s3_prefix</span> <span class="p">=</span> <span class="s">"blog-sam-custom-namespace-jdoe"</span> <span class="py">region</span> <span class="p">=</span> <span class="s">"us-east-1"</span> <span class="py">capabilities</span> <span class="p">=</span> <span class="s">"CAPABILITY_NAMED_IAM"</span> <span class="py">parameter_overrides</span> <span class="p">=</span> <span class="s">""" Environment=jdoe NodeEnv=jdoe """</span> </code></pre> </div> <h3> Update your template </h3> <p>Update your template.yaml(or yml) like following,<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="na">S3UploaderFunction</span><span class="pi">:</span> <span class="na">Type</span><span class="pi">:</span> <span class="s">AWS::Serverless::Function</span> <span class="na">Properties</span><span class="pi">:</span> <span class="na">CodeUri</span><span class="pi">:</span> <span class="s">build/s3-uploader</span> <span class="na">Handler</span><span class="pi">:</span> <span class="s">index.handler</span> <span class="na">Role</span><span class="pi">:</span> <span class="kt">!Sub</span> <span class="s">${BlogSamCustomNamespaceRole.Arn}</span> <span class="na">Environment</span><span class="pi">:</span> <span class="na">Variables</span><span class="pi">:</span> <span class="na">ENV</span><span class="pi">:</span> <span class="kt">!Ref</span> <span class="s">Environment</span> <span class="na">NODE_ENV</span><span class="pi">:</span> <span class="kt">!Ref</span> <span class="s">NodeEnv</span> </code></pre> </div> <blockquote> <p>Note: If you have multiple functions, you can also move the environment variable declaration to Globals.</p> </blockquote> <h3> Handle or use environment in the code </h3> <p>Now, if you want to use the passed in environment, you can use it in following way (not limited to),<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="kd">const</span> <span class="nx">S</span><span class="err">#</span><span class="nx">_BUCKET</span> <span class="o">=</span> <span class="s2">`blog-sam-custom-namespace-bucket-</span><span class="p">${</span><span class="nx">process</span><span class="p">.</span><span class="nx">env</span><span class="p">.</span><span class="nx">ENV</span><span class="p">}</span><span class="s2">`</span><span class="p">;</span> </code></pre> </div> <h3> Deploy </h3> <p>Given you already have your AWS profile set and project built, you can run the following command to deploy,<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>sam deploy --config-file samconfig-jdoe.toml </code></pre> </div> <p>If everything goes well, you will get the stack deployed ending with your provided namespace.</p> <p><a href="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fi%2Fmpn7lmyoj2ws5vnskwz8.gif" class="article-body-image-wrapper"><img src="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fi%2Fmpn7lmyoj2ws5vnskwz8.gif" alt="We are all the same"></a>We are all the same</p> <p>Full code can be found <a href="https://github.com/vikasgarghb/blog-sam-custom-namespace" rel="noopener noreferrer">here</a>.</p> aws awssam RDS Proxy via SAM Vikas Garg Fri, 17 Jul 2020 20:21:27 +0000 https://forem.com/vikasgarghb/rds-proxy-via-sam-15gn https://forem.com/vikasgarghb/rds-proxy-via-sam-15gn <p>Databases, Serverless, Connection Pooling all these terms are pretty cool in isolation but can be intimidating when tried to use together. And to add to that managing the orchestration of these via SAM or CDK makes it more.<br> <a href="https://res.cloudinary.com/practicaldev/image/fetch/s--LSS7SOiU--/c_limit%2Cf_auto%2Cfl_progressive%2Cq_66%2Cw_880/https://dev-to-uploads.s3.amazonaws.com/i/tza9dkzhepcuy572wa13.gif" class="article-body-image-wrapper"><img src="https://res.cloudinary.com/practicaldev/image/fetch/s--LSS7SOiU--/c_limit%2Cf_auto%2Cfl_progressive%2Cq_66%2Cw_880/https://dev-to-uploads.s3.amazonaws.com/i/tza9dkzhepcuy572wa13.gif" alt="Phoo, Phoo, Phoo"></a>Phoo, Phoo, Phoo</p> <p>AWS introduced <a href="https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/rds-proxy.html">RDS Proxy</a> to handle some of the issues related to Connection Pooling. In this post, I will try to orchestrate my application to use RDS Proxy via SAM.</p> <h2> Table Of Contents </h2> <ul> <li>Secret</li> <li>IAM Role 1</li> <li>RDS Proxy</li> <li>Database Connection</li> <li>IAM Role 2</li> <li>Alternative to IAM Role 2</li> </ul> <h3> Secret <a></a> </h3> <p>In order for accessing the database, you need to create a secret in AWS SecretsManager. The secret will be using the username and password for the user you want to use to connect the database. You will need to encrypt the secret. You can use it by using the default encryption key provided by AWS OR can create one yourself.<br> <a href="https://res.cloudinary.com/practicaldev/image/fetch/s--OXk9FZ1M--/c_limit%2Cf_auto%2Cfl_progressive%2Cq_66%2Cw_880/https://dev-to-uploads.s3.amazonaws.com/i/fmdpyu9o5rzc6bjb7g2i.gif" class="article-body-image-wrapper"><img src="https://res.cloudinary.com/practicaldev/image/fetch/s--OXk9FZ1M--/c_limit%2Cf_auto%2Cfl_progressive%2Cq_66%2Cw_880/https://dev-to-uploads.s3.amazonaws.com/i/fmdpyu9o5rzc6bjb7g2i.gif" alt="Can you keep the secret?"></a>Can you keep the secret?</p> <h3> IAM Role 1 <a></a> </h3> <p>Now you have the secret, but your user will need to have permissions to access the secret. For that you will need to add the following policy to your existing role OR create a new one.<br> </p> <div class="highlight"><pre class="highlight json"><code><span class="nl">"Statement"</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"Sid"</span><span class="p">:</span><span class="w"> </span><span class="s2">"GetSecretValue"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Action"</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="w"> </span><span class="s2">"secretsmanager:GetSecretValue"</span><span class="w"> </span><span class="p">],</span><span class="w"> </span><span class="nl">"Effect"</span><span class="p">:</span><span class="w"> </span><span class="s2">"Allow"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Resource"</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="w"> </span><span class="s2">"arn:aws:secretsmanager:us-east-1:123456789012:secret:&lt;secretId&gt;"</span><span class="w"> </span><span class="p">]</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"Sid"</span><span class="p">:</span><span class="w"> </span><span class="s2">"DecryptSecretValue"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Action"</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="w"> </span><span class="s2">"kms:Decrypt"</span><span class="w"> </span><span class="p">],</span><span class="w"> </span><span class="nl">"Effect"</span><span class="p">:</span><span class="w"> </span><span class="s2">"Allow"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Resource"</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="w"> </span><span class="s2">"arn:aws:kms:us-east-1:123456789012:key/&lt;keyId&gt;"</span><span class="w"> </span><span class="p">],</span><span class="w"> </span><span class="nl">"Condition"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"StringEquals"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"kms:ViaService"</span><span class="p">:</span><span class="w"> </span><span class="s2">"secretsmanager.&lt;region&gt;.amazonaws.com"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">]</span><span class="w"> </span></code></pre></div> <p>What this will do is get your role permissions to access the secret value using the encryption key.</p> <h3> RDS Proxy <a></a> </h3> <p>Now we need to setup the rds proxy. You can do this via Console OR also SAM, if you want to have separate proxy for each of your application (There is a limitation of 20 proxies per AWS Account, so might want to consider that before going this route). Anyways, here is how you can do it via SAM,<br> </p> <div class="highlight"><pre class="highlight json"><code><span class="err">Resources:</span><span class="w"> </span><span class="err">DBProxy:</span><span class="w"> </span><span class="err">Type:</span><span class="w"> </span><span class="err">AWS::RDS::DBProxy</span><span class="w"> </span><span class="err">Properties:</span><span class="w"> </span><span class="err">DBProxyName:</span><span class="w"> </span><span class="err">rds-proxy-test</span><span class="w"> </span><span class="err">EngineFamily:</span><span class="w"> </span><span class="err">MYSQL</span><span class="w"> </span><span class="err">RoleArn:</span><span class="w"> </span><span class="err">arn:aws:iam::</span><span class="mi">123456789012</span><span class="err">:role/&lt;role-with-permissions-to-access-secret&gt;</span><span class="w"> </span><span class="err">RequireTLS:</span><span class="w"> </span><span class="kc">true</span><span class="w"> </span><span class="err">Auth:</span><span class="w"> </span><span class="err">-</span><span class="w"> </span><span class="p">{</span><span class="err">AuthScheme:</span><span class="w"> </span><span class="err">SECRETS</span><span class="p">,</span><span class="w"> </span><span class="err">SecretArn:</span><span class="w"> </span><span class="err">arn:aws:secretsmanager:us-east</span><span class="mi">-1</span><span class="err">:</span><span class="mi">123456789012</span><span class="err">:secret:secret-you-created-earlier</span><span class="p">,</span><span class="w"> </span><span class="err">IAMAuth:</span><span class="w"> </span><span class="err">ENABLED</span><span class="p">}</span><span class="w"> </span><span class="err">VpcSubnetIds:</span><span class="w"> </span><span class="err">&lt;Comma-separated</span><span class="w"> </span><span class="err">list</span><span class="w"> </span><span class="err">of</span><span class="w"> </span><span class="err">vpc</span><span class="w"> </span><span class="err">ids</span><span class="w"> </span><span class="err">setup</span><span class="w"> </span><span class="err">for</span><span class="w"> </span><span class="err">your</span><span class="w"> </span><span class="err">DB&gt;</span><span class="w"> </span><span class="err">#</span><span class="w"> </span><span class="err">Out</span><span class="w"> </span><span class="err">of</span><span class="w"> </span><span class="err">scope</span><span class="w"> </span><span class="err">of</span><span class="w"> </span><span class="err">this</span><span class="w"> </span><span class="err">post</span><span class="w"> </span><span class="err">ProxyTargetGroup:</span><span class="w"> </span><span class="err">Type:</span><span class="w"> </span><span class="err">AWS::RDS::DBProxyTargetGroup</span><span class="w"> </span><span class="err">Properties:</span><span class="w"> </span><span class="err">DbProxyName:</span><span class="w"> </span><span class="err">!Ref</span><span class="w"> </span><span class="err">DBProxy</span><span class="w"> </span><span class="err">TargetGroupName:</span><span class="w"> </span><span class="err">default</span><span class="w"> </span><span class="err">InstanceIdentifiers:</span><span class="w"> </span><span class="err">-</span><span class="w"> </span><span class="err">Fn::ImportValue:</span><span class="w"> </span><span class="err">DBInstanceName</span><span class="w"> </span><span class="err">#</span><span class="w"> </span><span class="err">Name</span><span class="w"> </span><span class="err">of</span><span class="w"> </span><span class="err">your</span><span class="w"> </span><span class="err">RDS</span><span class="w"> </span><span class="err">instance</span><span class="w"> </span><span class="err">DependsOn:</span><span class="w"> </span><span class="err">DBProxy</span><span class="w"> </span></code></pre></div> <p><a href="https://res.cloudinary.com/practicaldev/image/fetch/s--6wAfwC6t--/c_limit%2Cf_auto%2Cfl_progressive%2Cq_66%2Cw_880/https://dev-to-uploads.s3.amazonaws.com/i/vpbche6reul8gmq5yl2q.gif" class="article-body-image-wrapper"><img src="https://res.cloudinary.com/practicaldev/image/fetch/s--6wAfwC6t--/c_limit%2Cf_auto%2Cfl_progressive%2Cq_66%2Cw_880/https://dev-to-uploads.s3.amazonaws.com/i/vpbche6reul8gmq5yl2q.gif" alt="That's how you create it!!"></a>That's how you create it!!</p> <h3> Database Connection <a></a> </h3> <p>Now that you have your database, user setup and proxy created, you would like to make use of it in your code. Here is what you need to do (I used typeorm and mysql2 for managing the connections and types),<br> </p> <div class="highlight"><pre class="highlight typescript"><code><span class="kd">const</span> <span class="nx">connectionOptions</span> <span class="o">=</span> <span class="p">{</span> <span class="na">type</span><span class="p">:</span> <span class="dl">'</span><span class="s1">mysql</span><span class="dl">'</span><span class="p">,</span> <span class="na">host</span><span class="p">:</span> <span class="nx">config</span><span class="p">.</span><span class="nx">database</span><span class="p">.</span><span class="nx">host</span><span class="p">,</span> <span class="c1">// This is the RDS Proxy host and NOT the db host</span> <span class="na">port</span><span class="p">:</span> <span class="mi">3306</span><span class="p">,</span> <span class="na">username</span><span class="p">:</span> <span class="nx">config</span><span class="p">.</span><span class="nx">database</span><span class="p">.</span><span class="nx">username</span><span class="p">,</span> <span class="c1">// This needs to be the same user you have stored in secretsmanager </span> <span class="na">database</span><span class="p">:</span> <span class="nx">config</span><span class="p">.</span><span class="nx">database</span><span class="p">.</span><span class="nx">name</span><span class="p">,</span> <span class="na">entities</span><span class="p">:</span> <span class="p">[],</span> <span class="c1">// List of your entities</span> <span class="p">};</span> <span class="kd">const</span> <span class="nx">getDBConfig</span> <span class="o">=</span> <span class="p">()</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="c1">// Since we have IAM enabled on our proxy, we will make use of the token to authenticate and connect to the db.</span> <span class="kd">const</span> <span class="nx">signer</span> <span class="o">=</span> <span class="k">new</span> <span class="nx">RDS</span><span class="p">.</span><span class="nx">Signer</span><span class="p">({</span> <span class="na">region</span><span class="p">:</span> <span class="nx">config</span><span class="p">.</span><span class="nx">region</span><span class="p">,</span> <span class="na">username</span><span class="p">:</span> <span class="nx">connectionOptions</span><span class="p">.</span><span class="nx">username</span><span class="p">,</span> <span class="na">hostname</span><span class="p">:</span> <span class="nx">connectionOptions</span><span class="p">.</span><span class="nx">host</span><span class="p">,</span> <span class="na">port</span><span class="p">:</span> <span class="nx">connectionOptions</span><span class="p">.</span><span class="nx">port</span><span class="p">,</span> <span class="p">});</span> <span class="kd">const</span> <span class="nx">token</span> <span class="o">=</span> <span class="nx">signer</span><span class="p">.</span><span class="nx">getAuthToken</span><span class="p">({</span> <span class="na">username</span><span class="p">:</span> <span class="nx">connectionOptions</span><span class="p">.</span><span class="nx">username</span><span class="p">,</span> <span class="p">});</span> <span class="k">return</span> <span class="p">{</span> <span class="p">...</span><span class="nx">connectionOptions</span><span class="p">,</span> <span class="na">password</span><span class="p">:</span> <span class="nx">token</span><span class="p">,</span> <span class="na">extra</span><span class="p">:</span> <span class="p">{</span> <span class="na">authPlugins</span><span class="p">:</span> <span class="p">{</span> <span class="na">mysql_clear_password</span><span class="p">:</span> <span class="p">()</span> <span class="o">=&gt;</span> <span class="p">():</span> <span class="kr">string</span> <span class="o">=&gt;</span> <span class="s2">`</span><span class="p">${</span><span class="nx">token</span><span class="p">}</span><span class="s2">\0`</span><span class="p">,</span> <span class="p">},</span> <span class="p">},</span> <span class="c1">// Drop minimum TLS version supported to 1.0.</span> <span class="na">ssl</span><span class="p">:</span> <span class="p">{</span> <span class="p">...</span><span class="nx">sslProfiles</span><span class="p">[</span><span class="dl">'</span><span class="s1">Amazon RDS</span><span class="dl">'</span><span class="p">],</span> <span class="na">minVersion</span><span class="p">:</span> <span class="dl">'</span><span class="s1">TLSv1</span><span class="dl">'</span><span class="p">,</span> <span class="p">},</span> <span class="p">};</span> <span class="p">};</span> <span class="k">export</span> <span class="kd">const</span> <span class="nx">getDBConnection</span> <span class="o">=</span> <span class="k">async</span> <span class="p">():</span> <span class="nb">Promise</span><span class="o">&lt;</span><span class="nx">Connection</span><span class="o">&gt;</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">CONNECTION_NAME</span> <span class="o">=</span> <span class="dl">'</span><span class="s1">default</span><span class="dl">'</span><span class="p">;</span> <span class="kd">const</span> <span class="nx">connectionManager</span> <span class="o">=</span> <span class="nx">getConnectionManager</span><span class="p">();</span> <span class="kd">let</span> <span class="na">connection</span><span class="p">:</span> <span class="nx">Connection</span><span class="p">;</span> <span class="k">if</span> <span class="p">(</span><span class="nx">connectionManager</span><span class="p">.</span><span class="nx">has</span><span class="p">(</span><span class="nx">CONNECTION_NAME</span><span class="p">))</span> <span class="p">{</span> <span class="nx">connection</span> <span class="o">=</span> <span class="nx">connectionManager</span><span class="p">.</span><span class="kd">get</span><span class="p">(</span><span class="nx">CONNECTION_NAME</span><span class="p">);</span> <span class="k">if</span> <span class="p">(</span><span class="o">!</span><span class="nx">connection</span><span class="p">.</span><span class="nx">isConnected</span><span class="p">)</span> <span class="p">{</span> <span class="nx">connection</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">connection</span><span class="p">.</span><span class="nx">connect</span><span class="p">();</span> <span class="p">}</span> <span class="p">}</span> <span class="k">else</span> <span class="p">{</span> <span class="nx">connection</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">createConnection</span><span class="p">(</span><span class="nx">getDBConfig</span><span class="p">());</span> <span class="p">}</span> <span class="k">return</span> <span class="nx">connection</span><span class="p">;</span> <span class="p">};</span> </code></pre></div> <p>Not too bad. Seems pretty straightforward from configurations aspect.<br> <a href="https://res.cloudinary.com/practicaldev/image/fetch/s--sGut-qGw--/c_limit%2Cf_auto%2Cfl_progressive%2Cq_66%2Cw_880/https://dev-to-uploads.s3.amazonaws.com/i/2dual7xb43sl8z5lv291.gif" class="article-body-image-wrapper"><img src="https://res.cloudinary.com/practicaldev/image/fetch/s--sGut-qGw--/c_limit%2Cf_auto%2Cfl_progressive%2Cq_66%2Cw_880/https://dev-to-uploads.s3.amazonaws.com/i/2dual7xb43sl8z5lv291.gif" alt="Don't you say that..."></a>Don't you say that...</p> <h3> Lambda </h3> <p>Your configuration is in place, now you just need to make your lambda do some db operations. It can be done simply like this,<br> </p> <div class="highlight"><pre class="highlight typescript"><code><span class="k">export</span> <span class="k">default</span> <span class="kd">const</span> <span class="nx">handler</span> <span class="o">=</span> <span class="k">async</span> <span class="p">()</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="k">try</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">connection</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">getConnection</span><span class="p">();</span> <span class="c1">// Perform db operations using connection</span> <span class="p">...</span> <span class="p">}</span> <span class="k">finally</span> <span class="p">{</span> <span class="k">await</span> <span class="p">(</span><span class="k">await</span> <span class="nx">getDBConnection</span><span class="p">()).</span><span class="nx">close</span><span class="p">();</span> <span class="p">}</span> <span class="p">};</span> </code></pre></div> <p>Simple!!! Yes, it is. But you will ask why are we explicitly closing the connection, shouldn't lambda take care of that for us? Well, the answer is Yes and No both.<br> <a href="https://res.cloudinary.com/practicaldev/image/fetch/s--VnPAeuQf--/c_limit%2Cf_auto%2Cfl_progressive%2Cq_66%2Cw_880/https://dev-to-uploads.s3.amazonaws.com/i/subtkkck05en5caimth9.gif" class="article-body-image-wrapper"><img src="https://res.cloudinary.com/practicaldev/image/fetch/s--VnPAeuQf--/c_limit%2Cf_auto%2Cfl_progressive%2Cq_66%2Cw_880/https://dev-to-uploads.s3.amazonaws.com/i/subtkkck05en5caimth9.gif" alt="I am listening!!!"></a>I am listening!!!</p> <p>So, if you let AWS take care of closing the proxy connection, that's fine but AWS will keep the connection open for some unknown time and that connection, if reused will run into expired token problem, given the IAM token is very short-lived. This will probably happen in a frequently requested service.<br> But on the other hand, if you close the proxy connection after each lambda execution explicitly, each new lambda execution will create a new connection to proxy and you will get a new token to use.<br> <a href="https://res.cloudinary.com/practicaldev/image/fetch/s--xWbp1bLr--/c_limit%2Cf_auto%2Cfl_progressive%2Cq_66%2Cw_880/https://dev-to-uploads.s3.amazonaws.com/i/96lzty83hsztnftorytd.gif" class="article-body-image-wrapper"><img src="https://res.cloudinary.com/practicaldev/image/fetch/s--xWbp1bLr--/c_limit%2Cf_auto%2Cfl_progressive%2Cq_66%2Cw_880/https://dev-to-uploads.s3.amazonaws.com/i/96lzty83hsztnftorytd.gif" alt="BAM"></a>BAM</p> <h3> IAM Role 2 <a></a> </h3> <p>Next up is your lambda execution role. This role can be the same as the one you used earlier OR a different one. Whichever you choose to go with, just make sure you have this policy attached to it,<br> </p> <div class="highlight"><pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"Statement"</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"Effect"</span><span class="p">:</span><span class="w"> </span><span class="s2">"Allow"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Action"</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="w"> </span><span class="s2">"rds-db:connect"</span><span class="w"> </span><span class="p">],</span><span class="w"> </span><span class="nl">"Resource"</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="w"> </span><span class="s2">"arn:aws:rds-db:us-east-1:123456789012:dbuser:prx-123456789/db-user"</span><span class="w"> </span><span class="p">]</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">]</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre></div> <p>Thing to note here is that you will be using the proxy resource id and NOT the RDS database resource id. DB user should be the same as what you stored in the secretsmanager.</p> <h3> Alternative to IAM Role 2 <a></a> </h3> <p>If you don't want to update the execution role, you can also specify the policy directly on your lambda function. You can do this via SAM like this,<br> </p> <div class="highlight"><pre class="highlight yaml"><code><span class="na">SomeLambdaFunction</span><span class="pi">:</span> <span class="na">Type</span><span class="pi">:</span> <span class="s">AWS::Serverless::Function</span> <span class="na">Properties</span><span class="pi">:</span> <span class="na">Description</span><span class="pi">:</span> <span class="s">Database Operations Function</span> <span class="na">FunctionName</span><span class="pi">:</span> <span class="s">db-function</span> <span class="na">Handler</span><span class="pi">:</span> <span class="s">db.handler</span> <span class="na">Role</span><span class="pi">:</span> <span class="kt">!Sub</span> <span class="s">${SomeRole.Arn}</span> <span class="na">Policies</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">Version</span><span class="pi">:</span> <span class="s1">'</span><span class="s">2012-10-17'</span> <span class="na">Statement</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">Effect</span><span class="pi">:</span> <span class="s">Allow</span> <span class="na">Action</span><span class="pi">:</span> <span class="pi">-</span> <span class="s">rds-db:connect</span> <span class="na">Resource</span><span class="pi">:</span> <span class="pi">-</span> <span class="kt">!Sub</span> <span class="s">arn:aws:rds-db:us-east-1:123456789012:dbuser:prx-123456789/db-user</span> </code></pre></div> <p>That's it. RDS Proxy can be a great tool to use in a system where you need to do db heavy operations like multiple reads in parallel OR you have a system with a state machine fanning out multiple requests. This takes the connection pooling overhead out of the equation and lets you focus on the business side of things.</p> <p><a href="https://res.cloudinary.com/practicaldev/image/fetch/s--Vhd0fHoF--/c_limit%2Cf_auto%2Cfl_progressive%2Cq_66%2Cw_880/https://dev-to-uploads.s3.amazonaws.com/i/wecaxqd0tdjanwkcdh9h.gif" class="article-body-image-wrapper"><img src="https://res.cloudinary.com/practicaldev/image/fetch/s--Vhd0fHoF--/c_limit%2Cf_auto%2Cfl_progressive%2Cq_66%2Cw_880/https://dev-to-uploads.s3.amazonaws.com/i/wecaxqd0tdjanwkcdh9h.gif" alt="Bazingaaa"></a>Bazingaaa</p> rdsproxy sam aws ASL Expressions with Step Functions Vikas Garg Tue, 16 Jun 2020 18:33:01 +0000 https://forem.com/vikasgarghb/asl-expressions-with-step-functions-jg2 https://forem.com/vikasgarghb/asl-expressions-with-step-functions-jg2 <p><a href="https://aws.amazon.com/step-functions/">Step Functions</a> are a great tool to coordinate multiple AWS services into serverless workflows. Your workflows can be linear OR conditionals OR parallel OR mapped. Each step can be a different service and inputs are passed from each step to another. More on this can be read <a href="https://docs.aws.amazon.com/step-functions/latest/dg/concepts-input-output-filtering.html">here</a>.<br> <a href="https://res.cloudinary.com/practicaldev/image/fetch/s--QPIh_hWC--/c_limit%2Cf_auto%2Cfl_progressive%2Cq_66%2Cw_880/https://dev-to-uploads.s3.amazonaws.com/i/nvuwtnot277irjgwn0px.gif" class="article-body-image-wrapper"><img src="https://res.cloudinary.com/practicaldev/image/fetch/s--QPIh_hWC--/c_limit%2Cf_auto%2Cfl_progressive%2Cq_66%2Cw_880/https://dev-to-uploads.s3.amazonaws.com/i/nvuwtnot277irjgwn0px.gif" alt="Which is the odd one out?"></a>Which is the odd one out?</p> <p>So, this post is not about how step functions work and what can they do but in this post I would like to focus on how you can pass and process inputs. There are multiple ways to pass inputs between steps and process them before they are passed. By process, I mean validating any primitives OR clean any arrays etc.<br> <a href="https://res.cloudinary.com/practicaldev/image/fetch/s--PHjQyunB--/c_limit%2Cf_auto%2Cfl_progressive%2Cq_auto%2Cw_880/https://miro.medium.com/max/400/1%2Ae5GJWv9b_7M8-H08kEBXSQ.jpeg" class="article-body-image-wrapper"><img src="https://res.cloudinary.com/practicaldev/image/fetch/s--PHjQyunB--/c_limit%2Cf_auto%2Cfl_progressive%2Cq_auto%2Cw_880/https://miro.medium.com/max/400/1%2Ae5GJWv9b_7M8-H08kEBXSQ.jpeg" alt="filter it out!!!"></a>filter it out!!!</p> <h2> Table of Contents </h2> <ul> <li>ASL</li> <li>Input Processing</li> <li>Operations</li> </ul> <h3> ASL <a></a> </h3> <p>Step functions definition can be defined using <a href="https://docs.aws.amazon.com/step-functions/latest/dg/concepts-amazon-states-language.html">Amazon States Language</a>. More about it can be found <a href="https://states-language.net/spec.html">here</a>. It is a JSON-based structured language which defines various states and tasks performed by those states. An example state machine definition can be:<br> </p> <div class="highlight"><pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"Comment"</span><span class="p">:</span><span class="w"> </span><span class="s2">"This is a simple state machine"</span><span class="p">,</span><span class="w"> </span><span class="nl">"StartAt"</span><span class="p">:</span><span class="w"> </span><span class="s2">"InitialState"</span><span class="p">,</span><span class="w"> </span><span class="nl">"States"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"InitialState"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"Type"</span><span class="p">:</span><span class="w"> </span><span class="s2">"Task"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Resource"</span><span class="p">:</span><span class="w"> </span><span class="s2">"arn:aws:lambda:us-east-1:123456789012:function:FUNCTION_NAME"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Next"</span><span class="p">:</span><span class="w"> </span><span class="s2">"MiddleState"</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"MiddleState"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"Type"</span><span class="w"> </span><span class="p">:</span><span class="w"> </span><span class="s2">"Task"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Resource"</span><span class="p">:</span><span class="w"> </span><span class="s2">"arn:aws:lambda:us-east-1:123456789012:function:FUNCTION_NAME2"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Next"</span><span class="p">:</span><span class="w"> </span><span class="s2">"EndState"</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"EndState"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"Type"</span><span class="p">:</span><span class="w"> </span><span class="s2">"Task"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Resource"</span><span class="p">:</span><span class="w"> </span><span class="s2">"arn:aws:lambda:us-east-1:123456789012:function:FUNCTION_NAME3"</span><span class="p">,</span><span class="w"> </span><span class="nl">"End"</span><span class="p">:</span><span class="w"> </span><span class="kc">true</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre></div> <h2> Input Processing <a></a> </h2> <p>Each state can accept InputPath, OutputPath, Parameters and ResultPath parameters. More info on this can be found <a href="https://docs.aws.amazon.com/step-functions/latest/dg/concepts-input-output-filtering.html">here</a>. There are 2 types of input here:</p> <ul> <li>One which is passed to the state machine. Eg, </li> </ul> <div class="highlight"><pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"comment"</span><span class="p">:</span><span class="w"> </span><span class="s2">"Input comment."</span><span class="p">,</span><span class="w"> </span><span class="nl">"data"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"val1"</span><span class="p">:</span><span class="w"> </span><span class="mi">23</span><span class="p">,</span><span class="w"> </span><span class="nl">"val2"</span><span class="p">:</span><span class="w"> </span><span class="mi">17</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre></div> <ul> <li>Other which passed to each step. Eg, </li> </ul> <div class="highlight"><pre class="highlight json"><code><span class="nl">"MiddleState"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"Type"</span><span class="w"> </span><span class="p">:</span><span class="w"> </span><span class="s2">"Task"</span><span class="p">,</span><span class="w"> </span><span class="nl">"InputPath"</span><span class="p">:</span><span class="w"> </span><span class="s2">"$.data"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Resource"</span><span class="p">:</span><span class="w"> </span><span class="s2">"arn:aws:lambda:us-east-1:123456789012:function:FUNCTION_NAME2"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Next"</span><span class="p">:</span><span class="w"> </span><span class="s2">"EndState"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre></div> <div class="highlight"><pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"val1"</span><span class="p">:</span><span class="w"> </span><span class="mi">23</span><span class="p">,</span><span class="w"> </span><span class="nl">"val2"</span><span class="p">:</span><span class="w"> </span><span class="mi">17</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre></div> <p>In the reminder of the post, we will talk about the 2nd type of input. <code>$</code> is a referential operator to refer to original input. <code>.</code> allows you to access any property in the input. For eg, <code>$.data</code> refers to the <code>data</code> property in your input object.</p> <h2> Operations <a></a> </h2> <p>As I mentioned earlier, you can pass inputs to each state in multiple ways. You can pass the output from previous step as input to next. You can skip the output from previous step and pass in the same input as previous step to next step. You can combine the output and input from previous step and then pass it entirely to next step. You can create your own input by picking properties from both input and output from previous step.<br> <a href="https://i.giphy.com/media/lffThFKTbC0hpf4KfP/giphy.gif" class="article-body-image-wrapper"><img src="https://i.giphy.com/media/lffThFKTbC0hpf4KfP/giphy.gif" alt="Confused!!!"></a>Confused!!!</p> <p>Won't go into solving that confusion, it can be read <a href="https://docs.aws.amazon.com/step-functions/latest/dg/concepts-input-output-filtering.html">here</a>.</p> <p>For the inputs validation or filtering, you can either handle that in your function, pass in the inputs as is and then in your code apply the validations.<br> <a href="https://i.giphy.com/media/tfdeUfV3RsVKE/giphy.gif" class="article-body-image-wrapper"><img src="https://i.giphy.com/media/tfdeUfV3RsVKE/giphy.gif" alt="Easy"></a>Easy</p> <p>But what if I don't want to do this in any function but want to handle it in the step definition itself. Yes, you can do that. ASL spec uses JSONPath to determine the inputs. Using JSONPath, you can accomplish some of the validations or filtering in the definition itself.</p> <h3> Subset of List </h3> <p>Sample Input<br> </p> <div class="highlight"><pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"list"</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="mi">1</span><span class="p">,</span><span class="w"> </span><span class="mi">2</span><span class="p">,</span><span class="w"> </span><span class="mi">3</span><span class="p">,</span><span class="w"> </span><span class="mi">4</span><span class="p">,</span><span class="w"> </span><span class="mi">5</span><span class="p">]</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre></div> <p><code>"InputPath": "$.list[1, 2]"</code>, will result into <code>[2, 3]</code> to be passed to the step.</p> <h3> Nested Property </h3> <div class="highlight"><pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"person"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"name"</span><span class="p">:</span><span class="w"> </span><span class="s2">"it"</span><span class="p">,</span><span class="w"> </span><span class="nl">"email"</span><span class="p">:</span><span class="w"> </span><span class="s2">"email"</span><span class="p">,</span><span class="w"> </span><span class="nl">"phone"</span><span class="p">:</span><span class="w"> </span><span class="s2">"phone"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre></div> <p><code>"InputPath": "$.person.email"</code>, will result into <code>"email"</code> to be passed to the step.</p> <h3> Nested Property for an item in the list </h3> <div class="highlight"><pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"persons"</span><span class="p">:</span><span class="w"> </span><span class="p">[{</span><span class="w"> </span><span class="nl">"name"</span><span class="p">:</span><span class="w"> </span><span class="s2">"it1"</span><span class="p">,</span><span class="w"> </span><span class="nl">"email"</span><span class="p">:</span><span class="w"> </span><span class="s2">"email1"</span><span class="p">,</span><span class="w"> </span><span class="nl">"phone"</span><span class="p">:</span><span class="w"> </span><span class="s2">"phone1"</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"name"</span><span class="p">:</span><span class="w"> </span><span class="s2">"it2"</span><span class="p">,</span><span class="w"> </span><span class="nl">"email"</span><span class="p">:</span><span class="w"> </span><span class="s2">"email2"</span><span class="p">,</span><span class="w"> </span><span class="nl">"phone"</span><span class="p">:</span><span class="w"> </span><span class="s2">"phone2"</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"name"</span><span class="p">:</span><span class="w"> </span><span class="s2">"it3"</span><span class="p">,</span><span class="w"> </span><span class="nl">"email"</span><span class="p">:</span><span class="w"> </span><span class="s2">"email3"</span><span class="p">,</span><span class="w"> </span><span class="nl">"phone"</span><span class="p">:</span><span class="w"> </span><span class="s2">"phone3"</span><span class="w"> </span><span class="p">}]</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre></div> <p><code>"InputPath": "$.persons[0].email"</code>, will result into <code>"email1"</code> to be passed to the step.<br> <code>"InputPath": "$.persons[*].email"</code>, will result into <code>["email1", "email2", "email3"]</code> to be passed to the step.</p> <h3> Logical Filtering </h3> <div class="highlight"><pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"scores"</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"math"</span><span class="p">:</span><span class="w"> </span><span class="mi">10</span><span class="p">,</span><span class="w"> </span><span class="nl">"english"</span><span class="p">:</span><span class="w"> </span><span class="mi">20</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"math"</span><span class="p">:</span><span class="w"> </span><span class="mi">15</span><span class="p">,</span><span class="w"> </span><span class="nl">"english"</span><span class="p">:</span><span class="w"> </span><span class="mi">20</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"math"</span><span class="p">:</span><span class="w"> </span><span class="mi">5</span><span class="p">,</span><span class="w"> </span><span class="nl">"english"</span><span class="p">:</span><span class="w"> </span><span class="mi">20</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="kc">null</span><span class="p">,</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"math"</span><span class="p">:</span><span class="w"> </span><span class="mi">20</span><span class="p">,</span><span class="w"> </span><span class="nl">"english"</span><span class="p">:</span><span class="w"> </span><span class="mi">20</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="kc">null</span><span class="w"> </span><span class="p">]</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre></div> <p><code>"InputPath": "$.scores[(@.math &gt; 10)]"</code>, will result into <code>[{ "math": 15, "english": 20 }, { "math": 20, "english": 20 }]</code> to be passed to the step.<br> <code>"InputPath": "$.scores[(@ != null)]"</code>, will result into the same list without <code>null</code>s to be passed to the step.</p> <h3> Existence Check </h3> <div class="highlight"><pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"result"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"item"</span><span class="p">:</span><span class="w"> </span><span class="mi">12345</span><span class="p">,</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre></div> <p><code>"InputPath": "$.[?(@.result)].result.item"</code>, will result into <code>[12345]</code>. Basically this checks the existence of property in the root object.</p> <p>These are few of the examples which you can follow. A full list of supported operators can be found <a href="https://support.smartbear.com/alertsite/docs/monitors/api/endpoint/jsonpath.html#filters">here</a>.</p> <p><a href="https://i.giphy.com/media/o5HKScC1PflLO/giphy.gif" class="article-body-image-wrapper"><img src="https://i.giphy.com/media/o5HKScC1PflLO/giphy.gif" alt="You wish!!!"></a>You wish!!!</p> stepfunctions aws asl Streaming Files to S3 using Axios Vikas Garg Tue, 21 Apr 2020 14:35:36 +0000 https://forem.com/vikasgarghb/streaming-files-to-s3-using-axios-h32 https://forem.com/vikasgarghb/streaming-files-to-s3-using-axios-h32 <p>Recently, ran into a simple yet interesting problem (well not that interesting) about streaming file from one S3 location to another S3 location. You will argue that why can't you just use the aws-sdk's <a href="https://docs.aws.amazon.com/AWSJavaScriptSDK/latest/AWS/S3.html#copyObject-property">copyObject</a> method. Well, that method takes in source bucket/key and destination bucket/key which is fine but not available all the time. Like when file is coming from an external vendor.</p> <p>Consider a scenario, where you just have the url of the file. It can be anything like an end-point to an html page, OR a pre-signed url to another S3 location etc. How to copy that file? Couple of approaches could be,</p> <ul> <li>Manually download the file and then upload it to your S3 bucket.</li> <li>Have a UI interface to download the file and then upload it via some backend service call.</li> </ul> <p>How about we write a simple lambda function which takes in your url and destination S3 location and copies the file directly? Let's see how we can achieve that using available resources.</p> <h2> TOC </h2> <ul> <li>PreRequisites</li> <li>Wrong Solution 1</li> <li>Wrong Solution 2</li> <li>Correct Solution</li> <li>Conclusion</li> </ul> <h3> PreRequisites <a></a> </h3> <p>In order to try this out, you would need an AWS account (or can use localstack. See this if need to know how to work with <a href="https://dev.to/vikasgarghb/sam-local-with-localstack-4285">localstack</a>). For this post, we will use node environment, I am using Node 12.</p> <h3> Wrong Solution 1 <a></a> </h3> <p>Before arriving on the correct solution, we will walk through couple of wrong approaches. These are wrong mainly coz of incorrect usage of async/awaits. So, this goes like this,<br> </p> <div class="highlight"><pre class="highlight typescript"><code><span class="kd">const</span> <span class="nx">downloadFile</span> <span class="o">=</span> <span class="k">async</span> <span class="p">(</span><span class="nx">downloadUrl</span><span class="p">:</span> <span class="nx">string</span><span class="p">):</span> <span class="nb">Promise</span><span class="o">&lt;</span><span class="nx">any</span><span class="o">&gt;</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="k">return</span> <span class="nx">axios</span><span class="p">.</span><span class="kd">get</span><span class="p">(</span><span class="nx">downloadUrl</span><span class="p">,</span> <span class="p">{</span> <span class="na">responseType</span><span class="p">:</span> <span class="dl">'</span><span class="s1">stream</span><span class="dl">'</span><span class="p">,</span> <span class="p">});</span> <span class="p">};</span> <span class="kd">const</span> <span class="nx">uploadFromStream</span> <span class="o">=</span> <span class="p">(</span><span class="na">fileResponse</span><span class="p">:</span> <span class="nx">AxiosResponse</span><span class="p">,</span> <span class="na">fileName</span><span class="p">:</span> <span class="nx">string</span><span class="p">,</span> <span class="na">bucket</span><span class="p">:</span> <span class="nx">string</span><span class="p">):</span> <span class="nx">PassThrough</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">s3</span> <span class="o">=</span> <span class="k">new</span> <span class="nx">S3</span><span class="p">();</span> <span class="kd">const</span> <span class="nx">passThrough</span> <span class="o">=</span> <span class="k">new</span> <span class="nx">PassThrough</span><span class="p">();</span> <span class="nx">s3</span><span class="p">.</span><span class="nx">upload</span><span class="p">(</span> <span class="p">{</span> <span class="na">Bucket</span><span class="p">:</span> <span class="nx">bucket</span><span class="p">,</span> <span class="na">Key</span><span class="p">:</span> <span class="nx">fileName</span><span class="p">,</span> <span class="na">ContentType</span><span class="p">:</span> <span class="nx">fileResponse</span><span class="p">.</span><span class="nx">headers</span><span class="p">[</span><span class="dl">'</span><span class="s1">content-type</span><span class="dl">'</span><span class="p">],</span> <span class="na">Body</span><span class="p">:</span> <span class="nx">passThrough</span> <span class="p">},</span> <span class="p">(</span><span class="na">err</span><span class="p">:</span> <span class="nb">Error</span><span class="p">,</span> <span class="na">data</span><span class="p">:</span> <span class="nx">S3</span><span class="p">.</span><span class="nx">ManagedUpload</span><span class="p">.</span><span class="nx">SendData</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="k">if</span> <span class="p">(</span><span class="nx">err</span><span class="p">)</span> <span class="p">{</span> <span class="nx">console</span><span class="p">.</span><span class="nx">log</span><span class="p">(</span><span class="nx">err</span><span class="p">);</span> <span class="k">throw</span> <span class="nx">err</span><span class="p">;</span> <span class="p">}</span> <span class="p">},</span> <span class="p">);</span> <span class="k">return</span> <span class="nx">passThrough</span><span class="p">;</span> <span class="p">};</span> <span class="k">export</span> <span class="kd">const</span> <span class="nx">handler</span> <span class="o">=</span> <span class="k">async</span> <span class="p">(</span><span class="na">event</span><span class="p">:</span> <span class="nx">CopyEvent</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">response</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">downloadFile</span><span class="p">(</span><span class="nx">event</span><span class="p">.</span><span class="nx">fileUrl</span><span class="p">);</span> <span class="nx">response</span><span class="p">.</span><span class="nx">data</span><span class="p">.</span><span class="nx">pipe</span><span class="p">(</span><span class="nx">uploadFromStream</span><span class="p">(</span><span class="nx">response</span><span class="p">,</span> <span class="nx">event</span><span class="p">.</span><span class="nx">fileName</span><span class="p">,</span> <span class="dl">'</span><span class="s1">test-bucket</span><span class="dl">'</span><span class="p">));</span> <span class="k">return</span> <span class="nx">event</span><span class="p">.</span><span class="nx">fileName</span><span class="p">;</span> <span class="p">};</span> </code></pre></div> <p>So, now when you run this function, the function will end successfully. But when you go to your S3 bucket and check it, the file is not there.</p> <p><a href="https://i.giphy.com/media/c20UV66B7zCWA/giphy.gif" class="article-body-image-wrapper"><img src="https://i.giphy.com/media/c20UV66B7zCWA/giphy.gif" alt="Where is my file?"></a>Where is my file?</p> <p>So, what went wrong? We didn't await on the <code>s3.upload</code>. The lambda function returned before the upload could finish. Let's add await and see what happens.</p> <h3> Wrong Solution 2 <a></a> </h3> <div class="highlight"><pre class="highlight typescript"><code><span class="kd">const</span> <span class="nx">uploadFromStream</span> <span class="o">=</span> <span class="k">async</span> <span class="p">(</span><span class="nx">fileResponse</span><span class="p">:</span> <span class="nx">AxiosResponse</span><span class="p">,</span> <span class="nx">fileName</span><span class="p">:</span> <span class="nx">string</span><span class="p">,</span> <span class="nx">bucket</span><span class="p">:</span> <span class="nx">string</span><span class="p">):</span> <span class="nb">Promise</span><span class="o">&lt;</span><span class="nx">PassThrough</span><span class="o">&gt;</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">s3</span> <span class="o">=</span> <span class="k">new</span> <span class="nx">S3</span><span class="p">();</span> <span class="kd">const</span> <span class="nx">passThrough</span> <span class="o">=</span> <span class="k">new</span> <span class="nx">PassThrough</span><span class="p">();</span> <span class="k">await</span> <span class="nx">s3</span> <span class="p">.</span><span class="nx">upload</span><span class="p">({</span> <span class="na">Bucket</span><span class="p">:</span> <span class="nx">bucket</span><span class="p">,</span> <span class="na">Key</span><span class="p">:</span> <span class="nx">fileName</span><span class="p">,</span> <span class="na">ContentType</span><span class="p">:</span> <span class="nx">fileResponse</span><span class="p">.</span><span class="nx">headers</span><span class="p">[</span><span class="dl">'</span><span class="s1">content-type</span><span class="dl">'</span><span class="p">],</span> <span class="na">Body</span><span class="p">:</span> <span class="nx">passThrough</span> <span class="p">})</span> <span class="p">.</span><span class="nx">promise</span><span class="p">();</span> <span class="k">return</span> <span class="nx">passThrough</span><span class="p">;</span> <span class="p">};</span> <span class="k">export</span> <span class="kd">const</span> <span class="nx">handler</span> <span class="o">=</span> <span class="k">async</span> <span class="p">(</span><span class="na">event</span><span class="p">:</span> <span class="nx">MovePdfEvent</span><span class="p">):</span> <span class="nb">Promise</span><span class="o">&lt;</span><span class="nx">string</span><span class="o">&gt;</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">response</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">downloadFile</span><span class="p">(</span><span class="nx">event</span><span class="p">.</span><span class="nx">fileUrl</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">stream</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">uploadFromStream</span><span class="p">(</span><span class="nx">response</span><span class="p">,</span> <span class="nx">event</span><span class="p">.</span><span class="nx">fileName</span><span class="p">,</span> <span class="dl">'</span><span class="s1">test-bucket</span><span class="dl">'</span><span class="p">);</span> <span class="nx">response</span><span class="p">.</span><span class="nx">data</span><span class="p">.</span><span class="nx">pipe</span><span class="p">(</span><span class="nx">stream</span><span class="p">);</span> <span class="k">return</span> <span class="nx">event</span><span class="p">.</span><span class="nx">fileName</span><span class="p">;</span> <span class="p">};</span> </code></pre></div> <p>So, now when you run this function, the function will end successfully. But when you go to your S3 bucket and check it, the file is still not there.</p> <p><a href="https://i.giphy.com/media/iGvWZBfhOmBKEtWJmF/giphy.gif" class="article-body-image-wrapper"><img src="https://i.giphy.com/media/iGvWZBfhOmBKEtWJmF/giphy.gif" alt="Where is my file, again?"></a>Where is my file, again?</p> <p>So, what went wrong, again? This time we had await. Even after having await, we resolved the upload stream function before we passed it to stream here: <code>response.data.pipe</code>. So, how do we solve it? Thanks to <a class="comment-mentioned-user" href="https://dev.to/elthrasher">@elthrasher</a> , for figuring out the missing pieces. Let's see what they are.</p> <h3> Correct Solution <a></a> </h3> <div class="highlight"><pre class="highlight typescript"><code><span class="kd">const</span> <span class="nx">uploadFromStream</span> <span class="o">=</span> <span class="p">(</span> <span class="nx">fileResponse</span><span class="p">:</span> <span class="nx">AxiosResponse</span><span class="p">,</span> <span class="nx">fileName</span><span class="p">:</span> <span class="nx">string</span><span class="p">,</span> <span class="nx">bucket</span><span class="p">:</span> <span class="nx">string</span><span class="p">,</span> <span class="p">):</span> <span class="p">{</span> <span class="nl">passThrough</span><span class="p">:</span> <span class="nx">PassThrough</span><span class="p">;</span> <span class="nl">promise</span><span class="p">:</span> <span class="nb">Promise</span><span class="o">&lt;</span><span class="nx">S3</span><span class="p">.</span><span class="nx">ManagedUpload</span><span class="p">.</span><span class="nx">SendData</span><span class="o">&gt;</span> <span class="p">}</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">s3</span> <span class="o">=</span> <span class="k">new</span> <span class="nx">S3</span><span class="p">();</span> <span class="kd">const</span> <span class="nx">passThrough</span> <span class="o">=</span> <span class="k">new</span> <span class="nx">PassThrough</span><span class="p">();</span> <span class="kd">const</span> <span class="nx">promise</span> <span class="o">=</span> <span class="nx">s3</span> <span class="p">.</span><span class="nx">upload</span><span class="p">({</span> <span class="na">Bucket</span><span class="p">:</span> <span class="nx">bucket</span><span class="p">,</span> <span class="na">Key</span><span class="p">:</span> <span class="nx">fileName</span><span class="p">,</span> <span class="na">ContentType</span><span class="p">:</span> <span class="nx">fileResponse</span><span class="p">.</span><span class="nx">headers</span><span class="p">[</span><span class="dl">'</span><span class="s1">content-type</span><span class="dl">'</span><span class="p">],</span> <span class="na">ContentLength</span><span class="p">:</span> <span class="nx">fileResponse</span><span class="p">.</span><span class="nx">headers</span><span class="p">[</span><span class="dl">'</span><span class="s1">content-length</span><span class="dl">'</span><span class="p">],</span> <span class="na">Body</span><span class="p">:</span> <span class="nx">passThrough</span><span class="p">,</span> <span class="p">})</span> <span class="p">.</span><span class="nx">promise</span><span class="p">();</span> <span class="k">return</span> <span class="p">{</span> <span class="nx">passThrough</span><span class="p">,</span> <span class="nx">promise</span> <span class="p">};</span> <span class="p">};</span> <span class="k">export</span> <span class="kd">const</span> <span class="nx">handler</span> <span class="o">=</span> <span class="k">async</span> <span class="p">(</span><span class="na">event</span><span class="p">:</span> <span class="nx">CopyFileEvent</span><span class="p">):</span> <span class="nb">Promise</span><span class="o">&lt;</span><span class="nx">string</span><span class="o">&gt;</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">responseStream</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">downloadFile</span><span class="p">(</span><span class="nx">event</span><span class="p">.</span><span class="nx">fileUrl</span><span class="p">);</span> <span class="kd">const</span> <span class="p">{</span> <span class="nx">passThrough</span><span class="p">,</span> <span class="nx">promise</span> <span class="p">}</span> <span class="o">=</span> <span class="nx">uploadFromStream</span><span class="p">(</span><span class="nx">responseStream</span><span class="p">,</span> <span class="nx">event</span><span class="p">.</span><span class="nx">fileName</span><span class="p">,</span> <span class="dl">'</span><span class="s1">test-bucket</span><span class="dl">'</span><span class="p">);</span> <span class="nx">responseStream</span><span class="p">.</span><span class="nx">data</span><span class="p">.</span><span class="nx">pipe</span><span class="p">(</span><span class="nx">passThrough</span><span class="p">);</span> <span class="k">return</span> <span class="nx">promise</span> <span class="p">.</span><span class="nx">then</span><span class="p">((</span><span class="nx">result</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="k">return</span> <span class="nx">result</span><span class="p">.</span><span class="nx">Location</span><span class="p">;</span> <span class="p">})</span> <span class="p">.</span><span class="k">catch</span><span class="p">((</span><span class="nx">e</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="k">throw</span> <span class="nx">e</span><span class="p">;</span> <span class="p">});</span> <span class="p">};</span> </code></pre></div> <p>So, now when you run this function, the function will end successfully. But now when you go to your S3 bucket and check it, the file is there.</p> <p><a href="https://i.giphy.com/media/aQYR1p8saOQla/giphy.gif" class="article-body-image-wrapper"><img src="https://i.giphy.com/media/aQYR1p8saOQla/giphy.gif" alt="Yay!!!"></a>Yay!!!</p> <p>So, what did we change? This time we returned the upload promise and also the pass through stream from our function and then piped that stream to response stream. And in the function we returned the upload promise, so that way the lambda function will wait for the promise to be either resolved or rejected before quitting.</p> <h3> Conclusion <a></a> </h3> <p>This looks simple but as you saw it was a bit tricky coz <code>async</code>/<code>await</code> are great but can become hairy and a dev's nightmare real soon. But anyways, correct usage of these helped us solve our problem at hand.</p> <p>Full code can be found <a href="https://github.com/vikasgarghb/file-stream-lambda">here</a>.</p> s3 axios stream async Step Functions with Localstack Vikas Garg Mon, 30 Mar 2020 21:27:21 +0000 https://forem.com/vikasgarghb/step-functions-with-localstack-42 https://forem.com/vikasgarghb/step-functions-with-localstack-42 <p>AWS State Machines are a great tool to co-ordinate the components of a distributed applications and microservices using visual workflows. Using the aws console to build and deploy step functions is great and easy. But it makes local development somewhat slow. So, as usual, I invested some time in trying to make this whole setup work with localstack.</p> <h2> Table of Contents </h2> <ul> <li>Tools</li> <li>Functions</li> <li>State Machine</li> <li>Run everything</li> </ul> <h3> Tools <a></a> </h3> <p>For this you will need to have,</p> <ul> <li><a href="//docker.com">Docker</a></li> <li>Node12.X</li> <li><a href="https://github.com/localstack/awscli-local" rel="noopener noreferrer">awscli-local</a></li> </ul> <h3> Functions <a></a> </h3> <p><a href="https://i.giphy.com/media/42HJ26S7bvbmVhcaR2/giphy.gif" class="article-body-image-wrapper"><img src="https://i.giphy.com/media/42HJ26S7bvbmVhcaR2/giphy.gif" alt="We are not talking calculus"></a>We are not talking calculus <br> By functions, we are talking lambda functions. For our case, we will have 2 functions: <code>createMatches</code> and <code>calculateRunRate</code>. Both are pretty simple functions. <code>createMatches</code> takes in the following input</p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code> <span class="p">{</span> <span class="nl">teamA</span><span class="p">:</span> <span class="kr">string</span><span class="p">;</span> <span class="c1">// Team playing the match</span> <span class="nl">teamB</span><span class="p">:</span> <span class="kr">string</span><span class="p">;</span> <span class="c1">// 2nd team playing the match</span> <span class="nl">numMatches</span><span class="p">:</span> <span class="kr">number</span><span class="p">;</span> <span class="c1">// How many matches they are playing?</span> <span class="nl">matchType</span><span class="p">:</span> <span class="nx">MatchType</span><span class="p">;</span> <span class="c1">// Is it a T20 or ODI?</span> <span class="p">}</span> </code></pre> </div> <p>and it outputs an array of match results in the form,</p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code> <span class="p">{</span> <span class="nl">matchType</span><span class="p">:</span> <span class="nx">MatchType</span><span class="p">;</span> <span class="c1">// Is it a T20 or ODI?</span> <span class="nl">teamA</span><span class="p">:</span> <span class="nx">MatchScore</span><span class="p">;</span> <span class="c1">// How many runs scored, wickets lost, overs played?</span> <span class="nl">teamB</span><span class="p">:</span> <span class="nx">MatchScore</span><span class="p">;</span> <span class="p">}</span> </code></pre> </div> <p><code>calculateRunRate</code> then takes in the output of <code>createMatches</code> function as input and calculates the run rate for each team and returns it as,</p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code> <span class="p">{</span> <span class="nl">teamA</span><span class="p">:</span> <span class="kr">number</span><span class="p">;</span> <span class="c1">// signed floating number</span> <span class="nl">teamB</span><span class="p">:</span> <span class="kr">number</span><span class="p">;</span> <span class="c1">// signed floating number</span> <span class="p">}</span> </code></pre> </div> <p><a href="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fqph.fs.quoracdn.net%2Fmain-qimg-9164bd0866d4e91e1ca4e7bc17bf31d9.webp" class="article-body-image-wrapper"><img src="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fqph.fs.quoracdn.net%2Fmain-qimg-9164bd0866d4e91e1ca4e7bc17bf31d9.webp" alt="Run rates can be heart breaking"></a>Run rates can be heart breaking</p> <h3> State Machine <a> </a> </h3> <p>Now that we have our lambda functions in place, lets create the state machine. This is what our machine will look like,</p> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"Comment"</span><span class="p">:</span><span class="w"> </span><span class="s2">"State Machine to calculate net run rates for given teams."</span><span class="p">,</span><span class="w"> </span><span class="nl">"StartAt"</span><span class="p">:</span><span class="w"> </span><span class="s2">"CreateMatches"</span><span class="p">,</span><span class="w"> </span><span class="nl">"States"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"CreateMatches"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"Type"</span><span class="p">:</span><span class="w"> </span><span class="s2">"Task"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Resource"</span><span class="p">:</span><span class="w"> </span><span class="s2">"arn:aws:lambda:us-east-1:123456789012:function:CreateMatchesFunction"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Next"</span><span class="p">:</span><span class="w"> </span><span class="s2">"CalculateRunRate"</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"CalculateRunRate"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"Type"</span><span class="p">:</span><span class="w"> </span><span class="s2">"Task"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Resource"</span><span class="p">:</span><span class="w"> </span><span class="s2">"arn:aws:lambda:us-east-1:123456789012:function:CalculateRunRateFunction"</span><span class="p">,</span><span class="w"> </span><span class="nl">"End"</span><span class="p">:</span><span class="w"> </span><span class="kc">true</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <p>This is a pretty straight-forward json file. The specs for each property can be read <a href="https://docs.aws.amazon.com/step-functions/latest/dg/amazon-states-language-state-machine-structure.html" rel="noopener noreferrer">here</a>. The state machine needs to specify a starting point, in this case it is the <code>CreateMatches</code> step. And then it also needs to be specify the end step.<br> <a href="https://i.giphy.com/media/6XeycPXa9f8s/giphy.gif" class="article-body-image-wrapper"><img src="https://i.giphy.com/media/6XeycPXa9f8s/giphy.gif" alt="The bowling machine"></a>The bowling machine</p> <h3> docker-compose </h3> <p>Now we will write the docker-compose.yml. This is pretty straight-forward, </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code> <span class="na">version</span><span class="pi">:</span> <span class="s1">'</span><span class="s">3.7'</span> <span class="na">services</span><span class="pi">:</span> <span class="na">localstack</span><span class="pi">:</span> <span class="na">image</span><span class="pi">:</span> <span class="s">localstack/localstack</span> <span class="na">environment</span><span class="pi">:</span> <span class="pi">-</span> <span class="s">DATA_DIR=/tmp/localstack/data</span> <span class="pi">-</span> <span class="s">SERVICES=lambda</span> <span class="pi">-</span> <span class="s">TZ=America/New_York</span> <span class="pi">-</span> <span class="s">LAMBDA_EXECUTOR=docker</span> <span class="na">ports</span><span class="pi">:</span> <span class="pi">-</span> <span class="s1">'</span><span class="s">4574:4574'</span> <span class="na">volumes</span><span class="pi">:</span> <span class="pi">-</span> <span class="s">/tmp/localstack:/tmp/localstack</span> <span class="pi">-</span> <span class="s">/var/run/docker.sock:/var/run/docker.sock</span> <span class="na">stepfunctions</span><span class="pi">:</span> <span class="na">container_name</span><span class="pi">:</span> <span class="s">stepfunctions</span> <span class="na">image</span><span class="pi">:</span> <span class="s">amazon/aws-stepfunctions-local:latest</span> <span class="na">environment</span><span class="pi">:</span> <span class="pi">-</span> <span class="s">LAMBDA_ENDPOINT=http://localstack:4574</span> <span class="na">ports</span><span class="pi">:</span> <span class="pi">-</span> <span class="s1">'</span><span class="s">8083:8083'</span> </code></pre> </div> <p>Things to note here that we are starting <code>lambda</code> service on localstack. More information on localstack can be found <a href="https://github.com/localstack/localstack" rel="noopener noreferrer">here</a>. The service will be available on port <code>4574</code>. Also pay attention to the <code>LAMBDA_EXECUTOR</code> and shared volumes. We need to do that coz with localstack the lambda executor needs docker to run. Next we have the <code>stepfunctions</code> service, which is built using the <code>amazon/aws-stepfunctions-local:latest</code> docker image. Here we need to specify the lambda endpoint. This is endpoint where the step functions will look for lambda functions to execute.<br> <a href="https://i.giphy.com/media/meNaovDMpxyUw/giphy.gif" class="article-body-image-wrapper"><img src="https://i.giphy.com/media/meNaovDMpxyUw/giphy.gif" alt="Where is the ball?"></a>Where is the ball?</p> <h3> Run everything <a></a> </h3> <p>In order to run this, we will have to run a few commands which can be put together is a script. To deploy the lambda functions to localstack, we will first need to zip them. You can do that by any zipping tool. I did it via <code>zip</code> command line utility.</p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code> zip <span class="nt">-r</span> ./createMatches.zip ./createMatchesHandler.js zip <span class="nt">-r</span> ./calculateRunRate.zip ./calculateRunRateHandler.js </code></pre> </div> <p>Next start the containers by running <code>docker-compose up -d</code>. Once the containers are up, you can deploy the lambda functions to localstack like this:</p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code> awslocal lambda create-function <span class="se">\</span> <span class="nt">--function-name</span> CreateMatchesFunction <span class="se">\</span> <span class="nt">--runtime</span> nodejs12.x <span class="se">\</span> <span class="nt">--handler</span> createMatchesHandler.handler <span class="se">\</span> <span class="nt">--role</span> arn:aws:iam::012345678901:role/DummyRole <span class="se">\</span> <span class="nt">--zip-file</span> fileb://dist/createMatches.zip awslocal lambda create-function <span class="se">\</span> <span class="nt">--function-name</span> CalculateRunRateFunction <span class="se">\</span> <span class="nt">--runtime</span> nodejs12.x <span class="se">\</span> <span class="nt">--handler</span> calculateRunRateHandler.handler <span class="se">\</span> <span class="nt">--role</span> arn:aws:iam::012345678901:role/DummyRole <span class="se">\</span> <span class="nt">--zip-file</span> fileb://dist/calculateRunRate.zip </code></pre> </div> <p>The output of these commands will look something like this,</p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code> { "TracingConfig": { "Mode": "PassThrough" }, "CodeSha256": "iA5Rqi3x8PvmLWPZBvWXYrpOQC9tx6zi6TjpU9K8uKI=", "FunctionName": "CreateMatchesFunction", "LastModified": "2020-03-30T21:17:30.828+0000", "RevisionId": "70a91d5c-c42d-422e-9e93-fbc8d6ef638c", "CodeSize": 995, "FunctionArn": "arn:aws:lambda:us-east-1:000000000000:function:CreateMatchesFunction", "Version": "$LATEST", "Role": "arn:aws:iam::012345678901:role/DummyRole", "Timeout": 3, "Handler": "createMatchesHandler.handler", "Runtime": "nodejs12.x", "Description": "" } { "TracingConfig": { "Mode": "PassThrough" }, "CodeSha256": "GF2chlh/6N9mcPAyg6ysY537GsN+fff6zAuNeQUaz3Y=", "FunctionName": "CalculateRunRateFunction", "LastModified": "2020-03-30T21:17:31.469+0000", "RevisionId": "e1bfe0ab-bce5-4e21-b7c4-8a2bfa980a22", "CodeSize": 815, "FunctionArn": "arn:aws:lambda:us-east-1:000000000000:function:CalculateRunRateFunction", "Version": "$LATEST", "Role": "arn:aws:iam::012345678901:role/DummyRole", "Timeout": 3, "Handler": "calculateRunRateHandler.handler", "Runtime": "nodejs12.x", "Description": "" } </code></pre> </div> <p>Ok, so now we have successfully deployed our lambda functions to localstack. Now we just need to create our state machine and execute the functions. For that, we can run the following commands,</p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code> aws stepfunctions <span class="se">\</span> <span class="nt">--endpoint</span> http://localhost:8083 <span class="se">\</span> create-state-machine <span class="se">\</span> <span class="nt">--definition</span> file://state-machine.json <span class="se">\</span> <span class="nt">--name</span> <span class="s2">"NetRunRateCalculatorStateMachine"</span> <span class="se">\</span> <span class="nt">--role-arn</span> <span class="s2">"arn:aws:iam::012345678901:role/DummyRole"</span> aws stepfunctions <span class="se">\</span> <span class="nt">--endpoint</span> http://localhost:8083 <span class="se">\</span> start-execution <span class="se">\</span> <span class="nt">--state-machine</span> arn:aws:states:us-east-1:123456789012:stateMachine:NetRunRateCalculatorStateMachine <span class="se">\</span> <span class="nt">--name</span> <span class="nb">test</span> <span class="nt">--input</span> <span class="s2">"{</span><span class="se">\"</span><span class="s2">teamA</span><span class="se">\"</span><span class="s2">:</span><span class="se">\"</span><span class="s2">India</span><span class="se">\"</span><span class="s2">, </span><span class="se">\"</span><span class="s2">teamB</span><span class="se">\"</span><span class="s2">: </span><span class="se">\"</span><span class="s2">Australia</span><span class="se">\"</span><span class="s2">, </span><span class="se">\"</span><span class="s2">numMatches</span><span class="se">\"</span><span class="s2">: 3, </span><span class="se">\"</span><span class="s2">matchType</span><span class="se">\"</span><span class="s2">: </span><span class="se">\"</span><span class="s2">t20</span><span class="se">\"</span><span class="s2">}"</span> </code></pre> </div> <p>This will give you the following output,</p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code> { "creationDate": 1585603052.224, "stateMachineArn": "arn:aws:states:us-east-1:123456789012:stateMachine:NetRunRateCalculatorStateMachine" } { "startDate": 1585603052.766, "executionArn": "arn:aws:states:us-east-1:123456789012:execution:NetRunRateCalculatorStateMachine:test" } </code></pre> </div> <p>Now to check the status of the execution you can run the <code>describe-execution</code> utility on step functions, like this,</p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code> aws stepfunctions <span class="se">\</span> <span class="nt">--endpoint</span> http://localhost:8083 <span class="se">\</span> describe-execution <span class="se">\</span> <span class="nt">--execution-arn</span> arn:aws:states:us-east-1:123456789012:execution:NetRunRateCalculatorStateMachine:test </code></pre> </div> <p>If the machine already completed execution you will get the following output,</p> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"status"</span><span class="p">:</span><span class="w"> </span><span class="s2">"SUCCEEDED"</span><span class="p">,</span><span class="w"> </span><span class="nl">"startDate"</span><span class="p">:</span><span class="w"> </span><span class="mf">1585603052.766</span><span class="p">,</span><span class="w"> </span><span class="nl">"name"</span><span class="p">:</span><span class="w"> </span><span class="s2">"test"</span><span class="p">,</span><span class="w"> </span><span class="nl">"executionArn"</span><span class="p">:</span><span class="w"> </span><span class="s2">"arn:aws:states:us-east-1:123456789012:execution:NetRunRateCalculatorStateMachine:test"</span><span class="p">,</span><span class="w"> </span><span class="nl">"stateMachineArn"</span><span class="p">:</span><span class="w"> </span><span class="s2">"arn:aws:states:us-east-1:123456789012:stateMachine:NetRunRateCalculatorStateMachine"</span><span class="p">,</span><span class="w"> </span><span class="nl">"stopDate"</span><span class="p">:</span><span class="w"> </span><span class="mf">1585603055.931</span><span class="p">,</span><span class="w"> </span><span class="nl">"output"</span><span class="p">:</span><span class="w"> </span><span class="s2">"{</span><span class="se">\"</span><span class="s2">teamA</span><span class="se">\"</span><span class="s2">:-3.4393976210462283,</span><span class="se">\"</span><span class="s2">teamB</span><span class="se">\"</span><span class="s2">:3.4393976210462283} "</span><span class="p">,</span><span class="w"> </span><span class="nl">"input"</span><span class="p">:</span><span class="w"> </span><span class="s2">"{</span><span class="se">\"</span><span class="s2">teamA</span><span class="se">\"</span><span class="s2">:</span><span class="se">\"</span><span class="s2">India</span><span class="se">\"</span><span class="s2">, </span><span class="se">\"</span><span class="s2">teamB</span><span class="se">\"</span><span class="s2">: </span><span class="se">\"</span><span class="s2">Australia</span><span class="se">\"</span><span class="s2">, </span><span class="se">\"</span><span class="s2">numMatches</span><span class="se">\"</span><span class="s2">: 3, </span><span class="se">\"</span><span class="s2">matchType</span><span class="se">\"</span><span class="s2">: </span><span class="se">\"</span><span class="s2">t20</span><span class="se">\"</span><span class="s2">}"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <p>That's it. You have successfully created a state machine and run it against the lambdas in localstack. You can find the full code <a href="https://github.com/vikasgarghb/net-run-rate-calculator" rel="noopener noreferrer">here</a>.<br> <a href="https://i.giphy.com/media/zsQ4dmaXqQaQw/giphy.gif" class="article-body-image-wrapper"><img src="https://i.giphy.com/media/zsQ4dmaXqQaQw/giphy.gif" alt="Success..."></a>Success...</p> localstack stepfunctions aws SAM Local with Localstack Vikas Garg Thu, 19 Mar 2020 16:00:08 +0000 https://forem.com/vikasgarghb/sam-local-with-localstack-4285 https://forem.com/vikasgarghb/sam-local-with-localstack-4285 <p>As a developer, I look for making local dev experience as smooth as possible. In the same vein, one thing that bothers most of us working with aws cloud is to test it locally. Good thing is that we have <a href="https://github.com/localstack/localstack" rel="noopener noreferrer">localstack</a> to our rescue. This post will focus on how you can have AWS SAM working with Localstack.</p> <h2> Table Of Contents </h2> <ul> <li>Tools</li> <li>Project Setup</li> <li>Setting up Localstack</li> <li>Hooking it up</li> </ul> <h3> Tools <a></a> </h3> <ul> <li>NodeJs 12.x</li> <li>Docker</li> <li><a href="https://aws.amazon.com/cli/" rel="noopener noreferrer">aws-cli</a></li> <li><a href="https://github.com/localstack/awscli-local" rel="noopener noreferrer">awscli-local</a></li> </ul> <h3> Project Setup <a></a> </h3> <p>For this post, we will use <code>sam init</code> to pull in the hello-world project with nodejs runtime. More information on <a href="https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/what-is-sam.html" rel="noopener noreferrer">SAM</a>. After following the prompts, you will get a sample hello world project setup running in node.</p> <h3> Setting up Localstack <a></a> </h3> <p>In order to setup localstack in the project, we will first create a docker-compose.yml in the root of our project.</p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code> <span class="na">version</span><span class="pi">:</span> <span class="s2">"</span><span class="s">3"</span> <span class="na">services</span><span class="pi">:</span> <span class="na">localstack</span><span class="pi">:</span> <span class="na">build</span><span class="pi">:</span> <span class="s">localstack</span> <span class="na">container_name</span><span class="pi">:</span> <span class="s">localstack</span> <span class="na">environment</span><span class="pi">:</span> <span class="pi">-</span> <span class="s">DATA_DIR=/tmp/localstack/data</span> <span class="pi">-</span> <span class="s">SERVICES=s3</span> <span class="c1"># this can be a comma separated list of services you want to start</span> <span class="pi">-</span> <span class="s">TZ=America/New_York</span> <span class="na">ports</span><span class="pi">:</span> <span class="pi">-</span> <span class="s1">'</span><span class="s">4572:4572'</span> <span class="c1"># these ports will be different for different services.</span> </code></pre> </div> <p>Another thing that we will need to do is create a directory called <code>localstack</code> with following contents, </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code> .dockerignore Dockerfile recorded_api_calls.json </code></pre> </div> <p>Let's see what each of these files will look like, <code>.dockerignore</code></p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code> .dockerignore Dockerfile </code></pre> </div> <p><code>Docekrfile</code></p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code> FROM localstack/localstack COPY /. /tmp/localstack/data </code></pre> </div> <p>We will get to the contents of the json file later. Once we have this, we are ready to start the localstack in a docker container. You can do this by running,<br> <code>docker-compose up -d</code>. This will pull the localstack image and build it and start it.</p> <h4> S3 bucket </h4> <p>Now we will need to create a s3 bucket in our localstack container. For this we can just run this: <code>awslocal s3 mb s3://test-bucket</code>. This will create the bucket. Now bash into the container, <code>docker exec -it localstack /bin/bash</code> and then go to <code>vi /tmp/localstack/data/recorded_api_calls.json</code>. Copy the contents of this file and paste them in the file <code>recorded_api_calls.json</code> in the <code>localstack</code> directory we created earlier. We need to do this, so that we don't need to create the bucket every time we start the container.</p> <h3> Hooking it up <a></a> </h3> <p>Now if you want to setup your project to use any AWS components like S3, IAM, STS etc. you can do so and test them without going to AWS directly.</p> <p>In the code, you will need aws-sdk to initialize the s3 client, you can do this by,</p> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code> <span class="kd">const</span> <span class="nx">s3</span> <span class="o">=</span> <span class="nx">AWS</span><span class="p">.</span><span class="nc">S3</span><span class="p">({</span> <span class="na">endpoint</span><span class="p">:</span> <span class="dl">'</span><span class="s1">http://localhost:4572</span><span class="dl">'</span> <span class="p">});</span> </code></pre> </div> <p>Coming back to make <code>sam local invoke</code> work with localstack. For this, bare minimum you would need to do this:</p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code> sam local invoke --docker-network host </code></pre> </div> <p>For more information on <a href="https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-cli-command-reference-sam-local-invoke.html" rel="noopener noreferrer">sam local</a></p> <p>Full working code can be found here: </p> <div class="ltag-github-readme-tag"> <div class="readme-overview"> <h2> <img src="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev.to%2Fassets%2Fgithub-logo-5a155e1f9a670af7944dd5e12375bc76ed542ea80224905ecaf878b9157cdefc.svg" alt="GitHub logo"> <a href="https://github.com/vikasgarghb" rel="noopener noreferrer"> vikasgarghb </a> / <a href="https://github.com/vikasgarghb/sam-local-with-localstack" rel="noopener noreferrer"> sam-local-with-localstack </a> </h2> <h3> </h3> </div> <div class="ltag-github-body"> <div id="readme" class="md"> <div class="markdown-heading"> <h1 class="heading-element">sam-local-with-localstack</h1> </div> <p>This project contains source code and supporting files for a serverless application that you can deploy with the SAM CLI. It includes the following files and folders.</p> <ul> <li>hello-world - Code for the application's Lambda function.</li> <li>events - Invocation events that you can use to invoke the function.</li> <li>hello-world/tests - Unit tests for the application code.</li> <li>template.yaml - A template that defines the application's AWS resources.</li> </ul> <p>The application uses several AWS resources, including Lambda functions and an API Gateway API. These resources are defined in the <code>template.yaml</code> file in this project. You can update the template to add AWS resources through the same deployment process that updates your application code.</p> <p>If you prefer to use an integrated development environment (IDE) to build and test your application, you can use the AWS Toolkit.<br> The AWS Toolkit is an open source plug-in for popular IDEs that uses the SAM CLI to build…</p> </div> </div> <div class="gh-btn-container"><a class="gh-btn" href="https://github.com/vikasgarghb/sam-local-with-localstack" rel="noopener noreferrer">View on GitHub</a></div> </div> sam localstack Lambdas, SAM and Dotnet Vikas Garg Wed, 18 Mar 2020 13:02:23 +0000 https://forem.com/vikasgarghb/lambdas-sam-and-dotnet-17oj https://forem.com/vikasgarghb/lambdas-sam-and-dotnet-17oj <p>Recently, had a chance encounter with lambdas and dotnet. <a href="https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/what-is-sam.html">AWS SAM</a> provides a pretty good hello-world for dotnet application. So, I gave that a chance and below are some of my findings.</p> <h2> Table of Contents </h2> <ul> <li>Dotnet SDK</li> <li>Dotnet Tools</li> <li>SAM Build</li> <li>Dotnet Publish</li> <li>Dotnet Lambda</li> </ul> <h3> Dotnet SDK <a></a> </h3> <p>Currently, SAM works with dotnetcore2.0 and dotnetcore2.1. And the latest available version of <a href="https://dotnet.microsoft.com/download/dotnet-core">dotnet SDK</a> is 3.1. In order to work with the hello-world example of AWS SAM with dotnet, you would need at least sdk version 2.1 installed on your machine (I was able to make it work with sdk 3.1 too).</p> <h3> Dotnet Tools <a></a> </h3> <p>You might also want to install <a href="https://github.com/aws/aws-lambda-dotnet">aws dotnet tools</a>. These are required by sam to create, build and deploy the lambda functions. If you don't have them installed, then you can do so by<br> </p> <p><code>dotnet tool install -g Amazon.Lambda.Tools</code><br> </p> <p>If you get an error that dotnet not found, then you might want to check the location <code>/usr/local/share/dotnet/dotnet</code>. This needs to have symlink to <code>/usr/local/bin</code>. In order to do that, just run <br> <code>ln -s /usr/local/share/dotnet/dotnet /usr/local/bin</code></p> <p>While running <code>sam build</code>, you might run into the following issue:<br> </p> <div class="highlight"><pre class="highlight plaintext"><code>Could not execute because the specified command or file was not found. Possible reasons for this include: * You misspelled a built-in dotnet command. * You intended to execute a .NET Core program, but dotnet-xyz does not exist. * You intended to run a global tool, but a dotnet-prefixed executable with this name could not be found on the PATH. </code></pre></div> <p>To resolve it, add the following <code>$HOME/.dotnet/tools</code> to your PATH variable. This should do it, <code>export PATH=$PATH:$HOME/.dotnet/tools</code></p> <h3> SAM Build <a></a> </h3> <p>Now when you run <code>sam build</code>, it will build the code and put the compiled files into <code>.aws-sam/build</code> directory and will also create the package to deploy to aws lambda via <code>sam deploy</code>. If all of your setup is correct, then you can either invoke this lambda locally via <code>sam local invoke</code> OR deploy it to AWS via <code>sam deploy -g</code>.</p> <h3> Dotnet Publish <a></a> </h3> <p>If you don't want to run the <code>sam build</code> and have some more control over how you build your code, you can do that via <code>dotnet publish</code>. With this you can provide more options like runtime, configuration etc for the build. Also you can specify an alternate location for the output files. Only other thing you would need to do is that you will have to manually create the zip file to deploy to lambda. You can do that by using any compression tool (<code>zip</code> for unix, for eg.).</p> <h3> Dotnet Lambda <a></a> </h3> <p>Another way you can do is via <code>dotnet lambda</code>. This feature is available via Dotnet Tools. Using this, you can combine the build and package steps together. This creates the deployable package which you can either deploy to lambda manually or via the tool itself (<code>dotnet lambda deploy-function</code>).</p> <p>These were some of my findings and being an alien to dotnet universe, these things were very frustrating and tricky to resolve. So, thought of putting it all together in one place.</p> <p>Sample code can be found here </p> <div class="ltag-github-readme-tag"> <div class="readme-overview"> <h2> <img src="https://res.cloudinary.com/practicaldev/image/fetch/s--vJ70wriM--/c_limit%2Cf_auto%2Cfl_progressive%2Cq_auto%2Cw_880/https://practicaldev-herokuapp-com.freetls.fastly.net/assets/github-logo-ba8488d21cd8ee1fee097b8410db9deaa41d0ca30b004c0c63de0a479114156f.svg" alt="GitHub logo"> <a href="https://github.com/vikasgarghb"> vikasgarghb </a> / <a href="https://github.com/vikasgarghb/dotnet-sam"> dotnet-sam </a> </h2> <h3> </h3> </div> <div class="ltag-github-body"> <div id="readme" class="md"> <h1> dotnet-sam</h1> <p>This project contains source code and supporting files for a serverless application that you can deploy with the SAM CLI. It includes the following files and folders.</p> <ul> <li>src - Code for the application's Lambda function.</li> <li>events - Invocation events that you can use to invoke the function.</li> <li>test - Unit tests for the application code.</li> <li>template.yaml - A template that defines the application's AWS resources.</li> </ul> <p>The application uses several AWS resources, including Lambda functions and an API Gateway API. These resources are defined in the <code>template.yaml</code> file in this project. You can update the template to add AWS resources through the same deployment process that updates your application code.</p> <h2> Deploy the sample application</h2> <p>The Serverless Application Model Command Line Interface (SAM CLI) is an extension of the AWS CLI that adds functionality for building and testing Lambda applications. It uses Docker to run your functions in an Amazon Linux…</p> </div> </div> <div class="gh-btn-container"><a class="gh-btn" href="https://github.com/vikasgarghb/dotnet-sam">View on GitHub</a></div> </div> <p>.</p> lambdas dotnet sam Polling with redux saga Vikas Garg Mon, 09 Mar 2020 19:30:45 +0000 https://forem.com/vikasgarghb/polling-with-redux-saga-3e71 https://forem.com/vikasgarghb/polling-with-redux-saga-3e71 <p>I had been working on a solution to wait for a result to be available to update the results on a UI upon a user action. We are using react and redux. Looking at the other solutions available everywhere using redux-saga, they were all using an infinite loop and using specific redux-saga provided events to halt the polling. This made me think of making use of redux store and reducers to implement polling. So, this is my attempt to solve this problem.</p> <h3> What is polling? </h3> <p>Polling in general term means checking the status of something OR making repeated calls for a response. Eg. news ticker; twitter feeds etc.</p> <h3> Redux Saga </h3> <p><a href="https://redux-saga.js.org/">Redux Saga</a> -- It uses an ES6 generator functions which are similar to <code>async</code>/<code>await</code> syntax.</p> <h3> Let's get to the business </h3> <p>For this, we are going to use a dummy service which have following APIs,<br> </p> <div class="highlight"><pre class="highlight plaintext"><code>- POST /job -- Creates a job. - GET /:jobId/status -- Returns the status of the job </code></pre></div> <p>Note: Not going into the details on the implementation of the APIs. Our focus will be on redux-saga implementation.</p> <h4> redux-saga </h4> <p>Let's see the implementation<br> </p> <div class="highlight"><pre class="highlight typescript"><code><span class="k">export</span> <span class="kd">function</span><span class="o">*</span> <span class="nx">createJob</span><span class="p">(</span><span class="nx">action</span><span class="p">)</span> <span class="p">{</span> <span class="kd">const</span> <span class="p">{</span> <span class="nx">payload</span> <span class="p">}</span> <span class="o">=</span> <span class="nx">action</span><span class="p">;</span> <span class="k">yield</span> <span class="nx">post</span><span class="p">({</span> <span class="na">url</span><span class="p">:</span> <span class="dl">'</span><span class="s1">/job</span><span class="dl">'</span><span class="p">,</span> <span class="na">onSuccess</span><span class="p">:</span> <span class="nx">ON_SUCCESS</span><span class="p">,</span> <span class="na">onError</span><span class="p">:</span> <span class="nx">ON_ERROR</span><span class="p">,</span> <span class="na">data</span><span class="p">:</span> <span class="nx">payload</span><span class="p">,</span> <span class="p">});</span> <span class="p">}</span> <span class="k">export</span> <span class="kd">function</span><span class="o">*</span> <span class="nx">startPollingForStatus</span><span class="p">()</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">job</span> <span class="o">=</span> <span class="k">yield</span> <span class="nx">select</span><span class="p">(</span><span class="nx">state</span> <span class="o">=&gt;</span> <span class="nx">getJob</span><span class="p">(</span><span class="nx">state</span><span class="p">));</span> <span class="k">yield</span> <span class="nx">put</span><span class="p">(</span><span class="nx">getStatus</span><span class="p">(</span><span class="nx">job</span><span class="p">.</span><span class="nx">id</span><span class="p">));</span> <span class="p">}</span> <span class="k">export</span> <span class="kd">function</span><span class="o">*</span> <span class="nx">getStatus</span><span class="p">(</span><span class="nx">action</span><span class="p">)</span> <span class="p">{</span> <span class="kd">const</span> <span class="p">{</span> <span class="nx">jobId</span> <span class="p">}</span> <span class="o">=</span> <span class="nx">action</span><span class="p">;</span> <span class="k">yield</span> <span class="kd">get</span><span class="p">({</span> <span class="na">url</span><span class="p">:</span> <span class="s2">`/</span><span class="p">${</span><span class="nx">jobId</span><span class="p">}</span><span class="s2">/status`</span><span class="p">,</span> <span class="na">onSuccess</span><span class="p">:</span> <span class="nx">ON_SUCCESS_GET_STATUS</span><span class="p">,</span> <span class="na">onError</span><span class="p">:</span> <span class="nx">ON_ERROR</span><span class="p">,</span> <span class="p">});</span> <span class="p">}</span> <span class="k">export</span> <span class="kd">function</span><span class="o">*</span> <span class="nx">isJobComplete</span><span class="p">()</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">job</span> <span class="o">=</span> <span class="k">yield</span> <span class="nx">select</span><span class="p">(</span><span class="nx">state</span> <span class="o">=&gt;</span> <span class="nx">getJob</span><span class="p">(</span><span class="nx">state</span><span class="p">));</span> <span class="k">if</span> <span class="p">(</span><span class="nx">job</span><span class="p">.</span><span class="nx">status</span> <span class="o">===</span> <span class="dl">'</span><span class="s1">complete</span><span class="dl">'</span><span class="p">)</span> <span class="p">{</span> <span class="k">return</span> <span class="k">yield</span> <span class="nx">put</span><span class="p">(</span><span class="nx">jobIsComplete</span><span class="p">(</span><span class="nx">job</span><span class="p">.</span><span class="nx">guid</span><span class="p">));</span> <span class="p">}</span> <span class="k">if</span> <span class="p">([</span><span class="dl">'</span><span class="s1">created</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">processing</span><span class="dl">'</span><span class="p">].</span><span class="nx">includes</span><span class="p">(</span><span class="nx">job</span><span class="p">.</span><span class="nx">status</span><span class="p">))</span> <span class="p">{</span> <span class="k">yield</span> <span class="nx">delay</span><span class="p">(</span><span class="mi">4000</span><span class="p">);</span> <span class="k">return</span> <span class="k">yield</span> <span class="nx">put</span><span class="p">(</span><span class="nx">getStatus</span><span class="p">(</span><span class="nx">job</span><span class="p">.</span><span class="nx">id</span><span class="p">));</span> <span class="p">}</span> <span class="k">yield</span> <span class="nx">put</span><span class="p">({</span> <span class="na">type</span><span class="p">:</span> <span class="nx">ON_ERROR</span><span class="p">,</span> <span class="p">});</span> <span class="p">}</span> <span class="k">export</span> <span class="kd">function</span><span class="o">*</span> <span class="nx">jobIsComplete</span><span class="p">()</span> <span class="p">{</span> <span class="k">return</span> <span class="dl">'</span><span class="s1">success</span><span class="dl">'</span><span class="p">;</span> <span class="p">}</span> <span class="k">export</span> <span class="k">default</span> <span class="kd">function</span><span class="o">*</span> <span class="nx">root</span><span class="p">()</span> <span class="p">{</span> <span class="k">return</span> <span class="k">yield</span> <span class="p">[</span> <span class="nx">takeLatest</span><span class="p">(</span><span class="nx">ON_CREATE_JOB</span><span class="p">,</span> <span class="nx">createJob</span><span class="p">),</span> <span class="nx">takeLatest</span><span class="p">(</span><span class="nx">ON_GET_STATUS</span><span class="p">,</span> <span class="nx">getStatus</span><span class="p">),</span> <span class="nx">takeLatest</span><span class="p">(</span><span class="nx">ON_SUCCESS</span><span class="p">,</span> <span class="nx">startPollingForStatus</span><span class="p">),</span> <span class="nx">takeLatest</span><span class="p">(</span><span class="nx">ON_SUCCESS_GET_STATUS</span><span class="p">,</span> <span class="nx">isJobComplete</span><span class="p">),</span> <span class="nx">takeLatest</span><span class="p">(</span><span class="nx">ON_ERROR</span><span class="p">,</span> <span class="nx">onError</span><span class="p">),</span> <span class="p">];</span> <span class="p">}</span> </code></pre></div> <p>This might look a bit too much but let's break it down.</p> <p><strong>startPollingForStatus</strong><br> As soon as the job is created and is returned successfully, we start the polling. As a result of the creation job, we have the returned job stored in redux store and then use the job id to fetch its status.</p> <p><strong>isJobComplete</strong><br> Upon successful return of the status, we check for different statuses: <code>created</code>, <code>complete</code> and <code>processing</code>. If the status is not <code>complete</code>, we want to continue polling. So, we make use of <code>delay</code> function provided by redux-saga. This will delay for given time (in ms) and then resume the polling. If the status is <code>complete</code>, we will halt the polling and do something else to show the user that the job is complete.</p> <h3> Conclusion </h3> <p>This makes use of redux store and state and get us out of using an infinite loop to poll for updates. Let me know in comments if you see any issues with this approach.</p> <p>Plan to add some samples for tests and github link for working solution. :)</p> <p><em>UPDATE</em>: Code can be found <a href="https://github.com/vikasgarghb/redux-polling">here</a></p> redux react polling saga