AWS Access Types — Programmatic and Management Console Access

In this article, we are going to learn AWS Access Types — Programmatic and Management Console Access when developing Serverless E-Commerce application.

AWS Access Types — Programmatic and Management Console Access

As you know that, in the previous article, when we create a user, we have an option about AWS access types and we have select both

  • Programmatic Access and
  • AWS Management Console Access

Step by Step Design AWS Architectures w/ Course

I have just published a new course — AWS Serverless Microservices with Patterns & Best Practices.

In this course, we’re going to learn how to Design and Develop AWS Serverless Event-driven Microservices with using AWS Lambda, AWS DynamoDB, AWS API Gateway, AWS EventBridge, AWS SQS, AWS CDK for IaCInfrastructure as Code tool and AWS CloudWatch for monitoring.

Source Code

Get the Source Code from Serverless Microservices GitHub — Clone or fork this repository, if you like don’t forget the star. If you find or ask anything you can directly open issue on repository.

Select AWS Account Type

You can also see the option when creating user. There is a “Select AWS Account Type” section, and in this section we can select access types.

If you read detail of “Programmatic access” you can see that

  • Enables access key ID and secret access key for the AWS API, CLI, SDK, and other development tools.

So you can see these important keywords; AWS API, CLI, SDK and other development tools.

So let me deep dive what is this access types and when we use this access types. Also when developing our Serverless E-commerce application, we will almost use all of these programmatic access types and of course use AWS Management Console every time.

Access AWS Resources with APIs

Lets think about AWS core services into the one box. This box will represent whole AWS cloud services implementation from AWS. You can see in the below image, There are lots of services into AWS but I put some of them in here.

And AWS give us some APIs to create and manage some resources on AWS Cloud. So that means AWS exposes APIs in order to give ability to manage resources.
You can see the image above,

  • AWS expose APIs that we can invoke create and manage AWS services,
    for example create S3 bucket, invoke lambda function asynchronously,
    publish event to event bridge and so on.

So how we can invoke this AWS APIs for interacting actual AWS resources ?

Invoke AWS APIs with Different Ways

Aws gives us 2 main way to call their APIs.

1- AWS Management Console Access; which we have already see that you can think as a web application allows us to manage AWS resources for particular AWS accounts.
2- Programmatic Access; which gives us to manage AWS resources from our development environments and manage by writing codes.

So these 2 access is the only way to interact AWS resources.

AWS Management Console Access

First one is very common and everyone reach the AWS management console, right after the account creation. So I am not going to give deep explanation for it, you can think this is an AWS web application that consumes AWS cloud backend services in order to manage actual infrastructure cloud resources.

Programmatic Access

Second one is Programmatic access and it is also very important when it comes to develop enterprise level applications on AWS.

Programmatic access; which gives us to manage AWS resources from our development environments and manage by writing codes.

This part is really helpful when you manage large scale of resources on AWS.

I would like to show breakdowns of Programmatic accesses;

Programmatic access of AWS

AWS CLI

The AWS Command Line Interface (CLI) is a unified tool to manage your AWS services. With just one tool to download and configure, you can control multiple AWS services from the command line and automate them through scripts.

First you should download AWS CLI and you can use commands very easily;
$ aws ec2 describe-instances
$ aws ec2 start-instances — instance-ids i-1348636c

AWS SDK

AWS SDK — software development kit simplifies use of AWS Services by providing a set of libraries that are consistent and familiar for developers.
It provides support for APIs of AWS.
And there are several programming languages AWS SDK packages that you can use, like Java, NodeJS, JavaScript, .NET, go and so on..

https://aws.amazon.com/blogs/developer/modular-aws-sdk-for-javascript-release-candidate/

Also you can see Tools to Build on AWS. Tools for developing and managing applications on AWS. Let open website and see all tools for managing resources on AWS;
https://aws.amazon.com/tools/

We can browse with 2 types;

  • Browse by Programming Language
  • Browse by Tool Type

Most common use case of AWS SDKs, when you have infrastructure exist on AWS, you can access these infrastructure resource from your development repositories.
For example, if you have DynamoDB database under your AWS account,
you can perform crud operations in your application code with using AWS SDK libraries. We will also use AWS SDK in our microservices codes when interacting with AWS DynamoDB, EventBridge and SQS.

AWS CloudFormation — IaC

AWS CloudFormation is an infrastructure as code (IaC) service that allows you to easily model, provision, and manage AWS resources. AWS CloudFormation provides easy way to create a collection of related AWS resources, and provision and manage them. This is a devops tool that provide to create infrastructure as code.

https://aws.amazon.com/cloudformation/

Under “AWS CloudFormation” we have 2 breakdowns;

  • AWS SAM
  • AWS CDK

These are the tools that use AWS CloudFormation behind the scenes.
But also provide great benefits to developers when creating collection of resources.

When developing our Serverless E-Commerce application, I am not going to use “AWS SAM”. Instead, we will focus on “AWS CDK”.

AWS CDK

The AWS Cloud Development Kit (AWS CDK) is an open-source software development framework to define your cloud application resources using familiar programming languages.

Use AWS CDK to Write Amazon API Gateway service for Uploading Objects to AWS  S3 | by Utkarsha Bakshi | Geek Culture | Medium

We can Provisioning cloud infrastructure with using Java, Typescript, JavaScript, .NET, go and so on.

When developing our Serverless E-commerce application, we will install and use all of these access types and interact with AWS resources.

Let me recap all these information for our project development in the course.

First of all we will use “AWS Management Console” when exploring AWS services, like when we learning AWS EventBridge, we will define rules and targets via “AWS Management Console”.
But this is only exploration.

So when it comes to developing Serverless projects,

we will follow 2 best practices,
1- Infrastructure as code (IaC) with using AWS CDK — of course AWS CDK uses CloudFormation behind the scene. Basically we developed whole picture with typescript coding using AWS CDK.

2- Developing Microservices Interact AWS resources with AWS SDK (Software Development Kit). So that means after infrastructure ready and its up and running, we will connect and perform our use cases.
For example we have use case about e-commerce basket which's is add basket / remove basket and checkout basket. So when we adding item into basket, we will interact with basket table in DynamoDB from our basket microservices lambda functions.

AWS Serverless Microservices for Ecommerce Application Architecture

Here, you can find the main overall Serverless Architecture for our application that we will follow these steps and build tihs Serverless E-Commerce Microservices Architecture.

This is the big picture of what we are going to develop together for AWS Serverless Event-driven E-commerce Microservices application that is Step by Step Implementation together.

Serverless Event-driven E-commerce Microservices Architecture

We have followed the reference architecture above which is a real-world serverless e-commerce application and it includes;

  • REST API and CRUD endpoints with using AWS Lambda, API Gateway
  • Data persistence with using AWS DynamoDB
  • Decouple microservices with events using AWS EventBridge
  • Message Queues for cross-service communication using AWS SQS
  • Cloud stack development with IaC using AWS CloudFormation CDK

Step by Step Design AWS Architectures w/ Course

I have just published a new course — AWS Serverless Microservices with Patterns & Best Practices.

In this course, we’re going to learn how to Design and Develop AWS Serverless Event-driven Microservices with using AWS Lambda, AWS DynamoDB, AWS API Gateway, AWS EventBridge, AWS SQS, AWS CDK for IaCInfrastructure as Code tool and AWS CloudWatch for monitoring.

Source Code

Get the Source Code from Serverless Microservices GitHub — Clone or fork this repository, if you like don’t forget the star. If you find or ask anything you can directly open issue on repository.

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Mehmet Ozkaya

Mehmet Ozkaya

Software/Solutions Architect, Udemy Instructor, Working on Cloud-Native and Serverless Event-driven Microservices Architectures https://github.com/mehmetozkaya