Aurora Serverless Data API with TypeORM
As a young developer I like building stuff during my free time. Since the start of my placement I got pretty interested in deploying my APIs/Applications and learning how to do that more efficiently and conveniently from a developer point of view.
My biggest drawback in deploying pet projects apps is that it costs money. That’s why I generally try to find the cheapest solution out there. This is what initially attracted me to serverless technologies. The idea that you only pay for what you use and you also get a lot of freebies allows a young person to have fun with trying different infrastructure configurations without breaking bank on cloud resources.
I’ve been using Lambda for a while and if I wanted to have an SQL database running I would use a provisioned Aurora cluster and stick my lambdas in a VPC. This provides a lot of overhead over the traditional, simple serverless infrastructure that we all desire. Well, Amazon came around and decided to give us the cost efficiency of a serverless storage layer like DynamoDB with the querying capabilities of a standard RDBMS. Meet the Data API for Aurora Serverless.
The selling point of this new technology is that instead of having to connect to an SQL database yourself, which in the serverless world would require you to stick yours lambdas in a VPC, AWS promises to handle the connections for you and offers an HTTP API that you can leverage to query the database in a completely stateless manner. Combine that with the auto-sleep functionality in Amazon Aurora and you have a setup that has only cost me under 2£ for the entire month of April. Before you go crazy at the savings that I have made keep in mind that I am only using the database occasionally over my weekend programming sessions. If you plan to do constant heavy lifting then Aurora Serverless may not be your best option.
For starters we need to create an Aurora Serverless cluster, you can do so by going to the RDS dashboard within the AWS console. Make sure to use one of the regions that currently support Data API.
The next step is to choose Amazon Aurora as your engine type and MySQL as the dialect to use.
Make sure to select the Serverless option from the “Database features” section. Make sure to enable automatic pause within the “Capacity settings” section if you want to benefit from those lovely cost savings that I was talking about.
You can leave everything else in the connectivity section as default but make sure to enable “Data API”, this is what we are here for after all. ;)
Make sure to give your initial database a name, otherwise Aurora will omit database creation as part of this step.
After Amazon is done creating your provisioned cluster it’s time to create our first user. You can have a play with the Query Editor whenever you want after this step. Make sure to take a note of the username and password you have set for this user, you will need them in the next step.
Now it’s time to create a secret that will store our database credentials within the AWS Secrets Manager. Go ahead and press the store new secret button and select “Credentials for RDS database” as your secret type. The credentials will be the ones you have created in the previous step and the DB instance will bear the name of the cluster you have created, not the initial database name you have set in the cluster configuration phase.
When viewing the secret details make sure to take note of the secret ARN, this is what you will use to let AWS know which secret you want to use when connecting to the database. Let’s try connecting to the database with the Query Editor to make sure that we have created the secret correctly. Follow the same steps as before but instead of creating new credentials choose to connect with the Secrets Manager ARN you have noted previously.
You are nearly ready to create a new TypeORM project and connect to your Aurora cluster, but first I want to make sure that you know how to create an IAM user with the correct policies attached to it. We will start by creating the policy that we will attach to our user. Go the policies tab of your IAM Dashboard and click “Create policy”. Go to the JSON tab and paste the following policy:
Replace <secret-arn> with the ARN you used to authenticate through the Query Editor and <database-arn> with your aurora cluster resource ARN, you can find it in the configuration tab of your RDS cluster. This policy allows the entity that it is attached to to get the credentials from the given secret and perform operations on the RDS database.
After you have created the policy it’s time to create a user. You can do so by going to the users tab in the IAM Dashboard and clicking “Add user”. Make sure to enable programmatic access when giving your user a name. In the next section choose to attach an existing policy directly and search for the policy that you have just created.
The next couple of steps don’t matter that much so I’ll let you figure them out on your own. It is very important that you take note of the “Access key ID” and “Secret access key” provided in the last step, that’s what you’re going to use to connect to your database.
If you don’t have it already create a credentials file at ~/.aws/credentials for Linux and %UserProfile%\.aws\credentials for Windows. And add the following lines to it. Replace <accessKey> and <secretKey> with the credentials of your newly created user.
Now it’s time for the fun part. Running queries locally with TypeORM, if you don’t have it installed already you can do so by running npm install -g typeorm. After that create a directory for your project and run typeorm init to create the necessary boilerplate.
We will be using a custom driver for TypeORM that allows it to connect to and query an RDS cluster through Data API. You can install it by running npm install --save aws-sdk typeorm-aurora-data-api-driver .
Change the contents of your ormconfig.json file to look like the ones below. Replace <secretARN> with the ARN of the secret you have created previously,<resourceARN> with the ARN of your Aurora cluster, <database> with the initial database name you have chosen during cluster creation and <region> with the region you have created your cluster in.
Install the necessary dependencies with npm install and then run the example in src/index.ts with AWS_PROFILE="data-api" npm start , if you get an error about BadRequestException: Communications link failure try running it again and everything should hopefully resolve.
If you go to the query editor now and try to query the user table you should see something similar to the following output. (when running SELECT * FROM user; )
Congratulations! You have just connected a Node.js app to an Aurora Serverless cluster through Data API. Now you can have fun with dirt cheap deployments of your hobby projects on AWS.
I hope you liked this article and if there is anything I could improve upon in the future please let me know in the comments. I would like to write a series of articles about automatically deploying a full stack serverless application on AWS using Terraform, let me know if you would have any interest in that.
