This repo contains demo code that was used in my presentation about Serverless using AWS Lambda.
The system architecture designed to demonstrate the use of AWS Lambda function is shown below.
First of all, in order to deploy and run this code, you must have an active AWS account.
-
Generate a PGP key (see PGP section).
-
Create a S3 bucket on AWS.
-
Create 2 folders in the bucket:
- uploads/ - files will be uploaded here
- encrypted/ - encrypted files will be pasted here
-
Create a Lambda function on AWS (e.g. encrypt-s3-files).
-
Create a Lambda package locally from source files (see deploy section).
-
Upload this package (dist.zip file) to your Lambda function.
-
Configure Lambda handler to "lambda.encryptS3File".
-
Configure Lambda timeout to 15 seconds.
-
Save changes.
-
From Lambda designer, add a S3 trigger to your Lambda function with the following configurations:
- Event type: PUT
- Prefix: uploads/
-
Upload a file to the uploads/ folder.
-
Check Lambda logs in CloudWatch.
Optional: Configure environment variables as needed (optional, see variables section).
Create a deploy package to upload to AWS Lambda by running the command below:
$ npm run build
A dist.zip file will be created and may be uploaded to AWS Lambda.
Lambda function uses those environment variables that are configurable, but optional.
| Variable | Description | Default value |
|---|---|---|
| S3_ENCRYPTED_PREFIX | Prefix for encrypted files. | 'encrypted/' |
| S3_API_VERSION | S3 API version. | '2006-03-01' |
Generate a PGP key.
$ gpg --gen-key
Use info below:
Real name: Serverless Demo
Email address: serverless@demo
Export the PGP pub key.
$ gpg --armor --export serverless@demo > src/pub.key
You can also delete the secret/pub keys if it's not used anymore.
BE CAREFUL, IT CAN'T BE UNDONE
$ gpg --delete-secret-key serverless@demo # secret
$ gpg --delete-key serverless@demo # pub
August 2019, design and code by Alexandre Bolzon.