Deploying a Serverless Application with AWS Lambda and EventBridge: A Detailed Guide Day 30 of my 90 -Day Devops Journey

Abigeal AfolabiAbigeal Afolabi
4 min read

Welcome to day 30! This guide details creating a serverless application using Node.js, AWS Lambda, and EventBridge, triggered by S3 file uploads.

Before You Begin:

  • AWS Account: You need an active AWS account.

  • IAM User with Permissions: Create an IAM user with sufficient permissions. Avoid using root credentials. The user needs
    permissions to access S3 (reading objects), Lambda (creating functions, invoking functions), and EventBridge (creating rules and
    targets). A well-defined policy minimizing permissions is crucial for security. Use the AWS console's IAM service to create a user
    and attach a policy granting these permissions.

Image description

Step 1: Create the S3 Bucket

  1. Navigate to the S3 console: Access the AWS Management Console and go to the S3 service.

  2. Create bucket: Click "Create bucket."

  3. Bucket name: Choose a globally unique name (e.g., your-unique-name-eventbridge-bucket). It must be lowercase and globally unique. Avoid periods (.) in the name.

  4. Region: Select a region geographically close to your users.

  5. Object Ownership: Choose "Bucket owner enforced."

  6. Versioning: Consider enabling versioning for data protection.

  7. Encryption: Enable server-side encryption (SSE-S3 or SSE-KMS) to protect your data at rest.

  8. Block Public Access: Crucially, ensure "Block all public access" is enabled. This prevents unauthorized access to your bucket.

  9. Tags (Optional): Add tags for organization and cost allocation.

  10. Create bucket: Click "Create bucket."

Image description

Step 2: Create the Lambda Function (Node.js)

  1. Navigate to the Lambda console: Go to the AWS Lambda service.

  2. Create function: Click "Create function."

  3. Author from scratch: Choose this option.

  4. Function name: Use a descriptive name (e.g., processS3Upload).

  5. Runtime: Select Node.js 16.x (or a compatible version).

  6. Permissions:

    • Create a new role: Choose this option.

    • Role name: Give it a descriptive name (e.g., lambda_s3_eventbridge_role).

    • Policy: Create a custom policy or use a managed policy and add necessary permissions. The policy must grant permissions to:

      • s3:GetObject (to read objects from S3)

      • logs:CreateLogGroup, logs:CreateLogStream, logs:PutLogEvents (to write logs to CloudWatch)

  7. Code:

   const AWS = require('aws-sdk');
   const s3 = new AWS.S3();

   exports.handler = async (event) => {
       try {
           const record = event.Records[0];
           const bucketName = record.s3.bucket.name;
           const key = decodeURIComponent(record.s3.object.key.replace(/\+/g, ' ')); // Decode URL-encoded key

           console.log(`File ${key} uploaded to bucket ${bucketName}`);

           const params = { Bucket: bucketName, Key: key };
           const data = await s3.getObject(params).promise();
           // Process the file data from data.Body.  Example:
           const fileContent = data.Body.toString();
           console.log(`File content: ${fileContent}`); // Or perform more complex processing

           return { statusCode: 200, body: 'File processed successfully' };
       } catch (error) {
           console.error('Error processing file:', error);
           return { statusCode: 500, body: 'Error processing file' }; // Handle errors appropriately
       }
   };
  1. Create function: Click "Create function."

Image description

Step 3: Create the EventBridge Rule

  1. Navigate to the EventBridge console: Go to the AWS EventBridge service.

  2. Create rule: Click "Create rule."

  3. Name: Give it a name (e.g., s3FileUploadRule).

  4. Event source: Select "AWS Events."

  5. Event pattern: Use this JSON pattern (replace with your bucket name):

   {
       "source": ["aws.s3"],
       "detail-type": ["Object Created"],
       "detail": {
           "bucket": {
               "name": ["your-unique-name-eventbridge-bucket"]
           }
       }
   }
  1. Target:

    • Choose a target: Select "Lambda function."

    • Select function: Choose your Lambda function (processS3Upload).

  2. Create rule: Click "Create rule."

Image description

Step 4: Test the Setup

  1. Upload a file to your S3 bucket.

  2. Check CloudWatch Logs for your Lambda function. You should see logs indicating successful execution.

Step 5: Verify CloudWatch Logs

  1. Go to the CloudWatch console.

  2. Navigate to Logs.

  3. Find the log group for your Lambda function.

  4. Verify that the logs show the event details (bucket name, file name) and the output of your Lambda function.

Image description

Additional Enhancements:

  • Error Handling: The improved Lambda code includes error handling. Consider adding more robust error handling and logging.

  • Dead-Letter Queue (DLQ): Configure a DLQ for your EventBridge rule to handle failed events.

  • Asynchronous Processing: For long-running tasks, use SQS or another asynchronous mechanism to avoid Lambda timeouts.

  • Security Best Practices: Regularly review and update IAM permissions to ensure least privilege access.

0
Subscribe to my newsletter

Read articles from Abigeal Afolabi directly inside your inbox. Subscribe to the newsletter, and don't miss out.

Written by

Abigeal Afolabi
Abigeal Afolabi

๐Ÿš€ Software Engineer by day, SRE magician by night! โœจ Tech enthusiast with an insatiable curiosity for data. ๐Ÿ“ Harvard CS50 Undergrad igniting my passion for code. Currently delving into the MERN stack โ€“ because who doesn't love crafting seamless experiences from front to back? Join me on this exhilarating journey of embracing technology, penning insightful tech chronicles, and unraveling the mysteries of data! ๐Ÿ”๐Ÿ”ง Let's build, let's write, let's explore โ€“ all aboard the tech express! ๐Ÿš‚๐ŸŒŸ #CodeAndCuriosity