Python Function on AWS Lambda with API Gateway Endpoint

Step-by-step journal with best practice of AWS and more…

Let’s begin our project by introducing AWS Lambda. AWS Lambda lets you run code without provisioning or managing servers. You pay only for the compute time you consume.

With Lambda, you can run code for virtually any type of application or backend service — all with zero administration. Just upload your code and Lambda takes care of everything required to run and scale your code with high availability. You can set up your code to automatically trigger from other AWS services or call it directly from any web or mobile app.

In this project, we will be doing the following 4 steps:

1. Write a simple Python Function
2. Create AWS Lambda function through AWS Console
3. Test the function
4. Create and Configure API Gateway connecting to AWS Lambda

Python script

This simple function returns a text when invoked

import json
def main_handler(event, context):
    return {
        "statusCode": 200,
        "body": json.dumps('Cheers from AWS Lambda!!')
    }

Here we will discuss the basic elements of AWS Lambda function. We need a handler which gets invoked when an event is triggered. Here, I namedit main_handler but it could be any name.

event parameter passes event data to the handler

context provides various information about the lambda function during the execution like: time remaining for function termination, CloudWatch log group and stream etc. The details can be accessed with context.log_stream_name , context.memory_limit_in_mb , context.get_remaining_time_in_millis() etc. You can get more idea about context object from this aws doc.

return type is optional for the function

AWS Lambda function

Just in case you’re not familiar with AWS services, please follow instructions below to create account and an admin user rather than a root user, which is following the best security practice of AWS.

Go to the website https://aws.amazon.com/.

Click ‘Create a Free AWS account’. If you already have an Amazon shopping account, you can login using your existing account.

Create an account

Enter your contact details.

Fill in contact info

We will be using the AWS free tier, so you won’t be charged anything. However, AWS still required your credit card information.

Credit card info required

Verify your identity with Amazon.

Phone verification

Choose the free support plan.

Free plan chosen

Once the sign up process is complete. Click ‘Sign in to the console’ and log in.

Let’s create an administrator account. In the AWS console, click Services. This will open up a huge dropdown listing all the services that are available. In the search bar, type and click IAM, which stands for Identity & Access & Management.

Iam

Under IAM service, click users under access management

Add user

Create a user with both Programmatic and Console access

Notes: Following the best practice of AWS, you may not use any AWS services under root user.

Access chosen

Create a user group with administrator access

Administrator access

User group created with attached policies

Policies attached

Review and create the user

Review and create user

Credentials given and you need to store them

Notes: For best AWS security practice, these credentials will not appear again, so you must store them in a safe place for use in the future, downloading a .csv file is highly recommended

Credentials

Up to this point, we have completed our user creation process in AWS with the best practice

Are you a little bit overwhelmed? It sounds a little bit complicated in the first place, but it is always better to follow the best practice when starting to use a tool. Otherwise, a big security concern might be down the road

After logging in as admin user, we’ll get started to create our Lambda function

Type in lambda in search bar

Lambda

Create function under Lambda service

Create function

Please choose “Author from Scratch” and then use below image as a reference for the information AWS may require

Lambda settings

Now, create the new function.

Paste our simple function to the text editor and give handler lambda_function.main_handler

Script provided

Testing Lambda Function

Click on “Test” button at top right corner where we need to configure test event. As we are not sending any events, just give event a name, keep “Hello World” template as it is and “Create” it.

Testing

Now, when you hit “Test” button again, it runs through testing the function we created earlier and returns the configured value which can be seen on drop down and below the text editor.

Test outcome

Test outcome (text editor)

The test result shows not only the response of the function but also its exit status, memory used, time taken for execution, Billed duration etc.

Create and Configure API Gateway connecting to AWS Lambda

We are done with creating Lambda Function but how to invoke the function from external world? We need an endpoint, right? Here comes Amazon API Gateway. The gateway is also fully managed service which acts as “front door” for applications sitting behind on Lambda, EC2. It abstracts traffic management, authorization and access control, monitoring, and API version management providing a https gateway URL that make it easy to serve applications in few minutes.

Head over to API Gateway and we will choose HTTP API for this project. However, you’re free to explore all four options provided by AWS.

API gateway

Fill in information as shown below

Create an API

Since we only need “GET” function in our project

Configure routes

Stages

Review and create

Going back to our Lambda function and add a trigger under API Gateway

Trigger

Fill in values as shown below

Trigger settings

Find API endpoint we created at the bottom of the page

MyAPI

Click API endpoint URL to test our function

Test successfully

Voila, c’est fini

Conclusions:

Before we call the end, let us either delete or terminate services we deployed previously using AWS to avoid potential cost.

API deletion

Function deletion

Notes: If you are interested in more about charge of AWS service, here is a basic introduction in regards to services that we may need to check out after completing a project (if it is not for production purpose)

As we still have a fresh memory about our project, let us terminate/destroy/ stop our AWS resources in order to make sure that no unwanted charges take place after completing this project. Please check out the following AWS resources and make sure you stop your instance, detached volumes attached to the instance. Also, S3 bucket should leave without any resources that consumes storage. And you EIP should be disassociated with the VPC.

Stop instance

Detach volumes attached to EC2

Delete objects in S3

Disassociate EIP

Notes: Make sure you do check out all resources applied in different regions since a great number of AWS services are actually region based.

As we wrap it up for this project, let’s us discuss the tools and services we employed.

AWS Lambda is a serverless service, which allows us to deploy our function without building up EC2 and a great number of other resources prior to the function.

API Gateway, however, provides a platform for building up API 4 different forms of APIs , including HTTP API, which works with Lambda, HTTP backends; WebSocket API, which works with Lambda, HTTP, AWS Services; REST API, which works with Lambda, HTTP, AWS Services and REST API, which works with Lambda, HTTP, AWS Services.

Then we may use API Gateway as a trigger to invoke Lambda function, which accomplishes automating process.

Last but not least, Python, as a human and machine readable high level, programming language, makes the automation with ease.

If you are interested in more in-depth DevOps automation with Python, why not check out this Udemy course.