A simple AWS Serverless (SAM) blog created based on Amazon DynamoDB Blog API using .NETCore 2.0
NOTE This template will generate an AWS API Gateway and its lambda methods. However, it does not set the lambda authorizer, so anyone with your URL would be able to create a post/user
NOTE-2 Currently, the user's password will be stored as
password
+secret
. So, don't use it as production or implement abettercrypt
. (I'll do that later on.)
- Install .NETCore 2.0
- Install AWS SDK for .NET
- Install AWS Templates for .NET
dotnet new -i Amazon.Lambda.Templates::*
And, change serverless.template
parameters
Parameters:
BlogTableName:
Default: # blog table name
UserTableName:
Default: # user table name
Salt:
Default: # unique salt phrase
Issuer:
Default: # some issuer string
Audience:
Default: # some audience string
Secret:
Default: # some secret to create JWT
To publish, execute
dotnet lambda deploy-serverless -sn <name of the new CloudFormation stack> -sb <An S3 bucket> --region <any-aws-region>
Once published, you'are all set almost done.
-
Go to your AWS Api Gateway Console > [api name] > Authorizers,
-
Create a new *Authorizer
- Name: Authorizer's Name
- Lambda Function: choose [AuthLambda] function
- Lambda Invoke Role: [leave it blank]
- Lambda Event Payload: Token
- Token Source: Auth
# The Blog uses this
-
Go to Resources :
and for each of these: /blogs [
DELETE
,POST
], /me [GET
] /users [DELETE
,POST
,GET
,POST
]- Open [method]'s Method Request
- Choose [AuthorizerName] as your Authorization
- Choose
Validate body, query string parameters, and headers
for Request Validator - In HTTP Request Headers, input Auth as a new Header and, set it as Required
-
Once the you finish the requests setup, go to:
for each resource [/...]
- Actions > Deploy API > [choose a stage name]
-
Now you are done!
Before you set an Authorizer
for /users
[POST
], it is recommended to create an Admin
user.
POST /prod/users HTTP/1.1
Host: <your api url>
Content-Type: application/json
Cache-Control: no-cache
Postman-Token: 25d0a1c0-7476-c8f8-5671-a4b5a9140eb4
{
"name": "Felipe Correa",
"email": "felipe.correa (at) (google's Mail).com",
"password": "my secure passwrod",
"isAdmin": true
}
Once you have edited your template and code you can use the following command lines to deploy your application from the command line (these examples assume the project name is EmptyServerless):
Restore dependencies
cd "BlogApi"
dotnet restore
Deploy application
cd "BlogApi/src/BlogApi"
dotnet lambda deploy-serverless