Bye bye Kubernetes, hello Serverless! Follow my channel to learn how to develop serverless applications in the cloud. I’m a big fan of serverless applications and making the most out of every managed service that cloud providers can provide. The cloud provider that I’ll make use of is AWS.
My videos are aimed at developers just getting started with programming in general, and cloud development. I will also make videos for the more experienced developers where I explain best practices and deep dive into infrastructure as code, using The Serverless Framework and Terraform.
I will try to post new videos on a two-week basis on Mondays, but some videos may be delayed a week if I have too much else going on or if it is a topic that require more research on my part.
AWSLambdaSQSQueueExecutionRole is such a misleading and st*pid way to name a policy, you would think it allows Lamda to send message to SQS. But it only allows Lambda to read from SQS. Damn AWS really is bad at naming stuff.
So true 😅 The only AWS managed policy that allows it (that I know of) is the "AmazonSQSFullAccess". Then again this way too wide of a policy to use in a production environment.
I’m glad you found it helpful😄 btw I have created an updated version of this video, which also includes how to set it all up using Terraform: ru-vid.com/video/%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE-U9n6N56neuo.html
2 месяца назад
Perfect. Saved my life. I needed it and was doing it wrong. Thank you very much.👏👏👏
Thank you so much. I spent a lot of time searching Google without finding a solution, but after following your video, I finally managed to apply SSL to my website. I really appreciate your help!
When you regiter a domain from aws, it creates hostedzone automatically^ To those who're new to all purchasing domains. It will help you out. Look in the left panel of Route53 and you can find Register Domain option.
Yes that’s right, that way you also don’t need to manually register the name servers of your Hosted Zone with your domain prover. The reason why I didn’t register it with AWS was that it at that time were cheaper to register it elsewhere 😊
Good tutorial, short, conceptual, and easy to understand, brother. I wonder about activating S3 static website hosting and blocking all public access. How can I set up my CloudFront to access objects in the bucket? The official documentation does not provide this scenario.
Hi, I'm sorry for the late response. Thank you so much! 😄 Just to clarify, you have enabled the "Static website hosting" feature on tour S3 bucket and also want to use CloudFront? If this is the case, I would say that enabling the "Static website hosting" feature on the S3 bucket partially defeats the purpose of setting up CloudFront in front of your S3 bucket. This is because the content will then be available on the S3 bucket URL anyways (bypassing CloudFront all together) without you being able to restrict who can assess it. I would suggest using a private bucket (as in my video), and setting up CloudFront. You could also set up WAF (docs.aws.amazon.com/waf/latest/developerguide/cloudfront-features.html) to further limit who can assess the content. I hope this was helpful, and please let me know if I misunderstood your question 😄
Hi 😄 Yes It can be quite simple to do that for HTTP GET requests 🙌 Depending on your requirements, doing redirects for POST requests may not be as simple. Do you want your users to be redirected as a respons for your POST request (this can be achieved quite easily)? Or do you want the POST request itself to be redirected to another API?
@@EndreSynnes I wanted to modify the parameters they sent in their POST request and return a redirect with the updated params so they would make an updated POST request. In the end, I just did it for them and returned the response. But I'm still curious if it's possible to say 'naw, send your POST request here instead of to me. '
@@deemon710 I see, my initial thought is that you have to handle this on the client/front-end🤔 I’m not sure a web browser is “smart enough” to perform the same POST request to another API given a 3xx response by itself 😅 Alternatively if you control both domains for the two applications, I guess you could just point the old domain to the new application as well, using for example Route53? Then again you wouldn’t be able to manipulate the parameters before hitting the new API. Unless you intend use a lambda function (or similar) to forward the http request to the new API🙈
Amazing video! I'm doing a university assignment where i have to create a URL-shortener using AWS, and after watching hours of content about redirects and APIs and not understanding anything, it's amazing how simple and well-paced this video is!
Thank you so much!😄 That sounds like an interesting assignment, especially that you are using AWS to do that😄 Thank you, it's great to see that people find my videos helpful!
Hi😄 What do you mean without the “hello”? The default root object: hello.html points to the hello.html inside the S3 bucket. You can of course change this to any file you want inside your S3 bucket😊 If you don’t set a default root object in CloudFront, then your user have to specify it when accessing your website (which isn’t ideal)😅 Please let me know if I misunderstood what you meant😊
Great video, wish to see lots of videos on AWS Terraform in details with step by step explanations, please kindly make videos on AWS NETWORKING, S3,EC2, Backups, IAM Roles and everything related to AWS Infrastructure configuration and management using Terraform in details
I was hoping there was a way to send the message to the SQS queue without needing to know the exact SQS URL. Similar to how you can call other Lambdas without hitting the function URL when already in a Lambda.
Hi 😄 I would also like that, but the only way to do that (that I have seen), is to first call the "get_queue_url" function: boto3.amazonaws.com/v1/documentation/api/latest/reference/services/sqs/client/get_queue_url.html
Hi 😄 I'm sorry for the late response. What do you mean you're not able to get HTTPS? Have you made use of the certificate in for example your CloudFront distribution or API Gateway?
Hello Endre , I have created s3 bucket and uploaded index.html file that is website , created custom url under object url, now custom url is not working , showing Not Found The requested URL was not found on this server. Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request. Could you give me any solutions?
Hi, I'm sorry the late respons. Were you able to figure out the issue? It's hard for me to tell what the issue could be without seeing the configuration, but It may be some missing permissions where CloudFront can't access the S3 content. I will be publishing a new video replacing this one today (11am CET). It will among other things contain an update regarding how CloudFront access content in S3.
I have one qq related the redirect .. I have UI Application running on ECS and the Authentication is set in the Application using OAUTH2 .. I am accessing this application using route53 -> API Gateway -> NLB -> ALB -> ECS .. the first index page loads perfectly and then when I click login button with OAUTH2 ... authentication is successful and the OAUTH server is sending a redirect URL .. but after that second page is not loading ..its saying page cannot be found ... have you seen this issue before we have VPC Integration with API gateway and Lambda Authorizer is also enabled with API Gateway
Hi, I'm sorry for the late response. Thanks for the question and explanation of your setup. Still, it's kind of hard to know exactly where this can go wrong since there are a lot of services and config in play 🤔 Did you manage to figure out the issue?
Looks great. Can you create a service which can consume database (prefer Aurora RDS ) CRUD operations events and pass to a lambda function to trigger a notification.
Thank you so much!😄 I’m not sure exactly what you mean, do wonder if you can perform CRUD operations to an Aurora RDS database from a lambda function, or do you want a lambda function to somehow listen to CRUD operations against an RDS database performed by some other application? Please let me know if I misunderstood 😄
Hi, I assume you mean having multiple sub domains registered to one CloudFront distribution? I haven't done that for a long time myself, but as I recall there shouldn't be any reason why you can't just add another sub-domain under "Alternate domain name (CNAME)", as long as the certificate you are using also include that sub-domain😄 Please let me know if this was unclear or if you have any issues with this 😄
Fully followed the instructions, but it was done for the existing bucket and the site is still showing: Not Secure. I assume that some sort of record had to be deleted from the old set of records, but can't figure out which one
Hello Sir, Sir I want to share the message the members those are present in the dynamDb table, there the phone number is available. Then please tell me what should the process that i should follow to send the message.
@@EndreSynnes Thank you for replying to me. Yes, I have a Dynamodb where the mobile numbers are stored. Using those numbers I want to send the Sms to those people whose details are available in the Dynamodb table. In the message I want to share some other information that is present in the Dynamodb table. For example: Hello Mr.Deo We got the subscription fee of 499 on 19/12/23. Thank you. So the above information need to be updated in the message these informations are stored in the database. Sir please tell if it is possible to do it in AWS.
Hi, thank you so much!😄 Usually it takes a few minutes (maybe 5-10), but it could also take a couple hours. If it’s not valid by now (and you have followed all the steps mentioned in the video), I would assume there is a validation issue.
Hi😄 Sorry for the late response, but yes you won't find OAI in the menu anymore. Since uploading this video, AWS have replaced OAI with OAC. I will create a new video using OAC sometime in the future, but for now, I recommend reading this blog post from AWS: aws.amazon.com/blogs/networking-and-content-delivery/amazon-cloudfront-introduces-origin-access-control-oac/ I hope this was helpful😄
hmm seems not working with a wordpress site... unbelievable how much time you have to spend get a SSL certificate in CHATGPT-age ... thanks anyway for your video
Hi😄 I see, I haven't tried it with a Wordpress site myself, but did you manage to get a valid certificate for your domain? In other words, does it say it's valid in AWS Certificate Manager? 😄
Hi, I'm sorry for the late response. Thank you for the request, but I currently don't do freelance work. I will gladly make videos on topics that you, my viewers suggest, and I will gladly try to answer any question related to my videos here on RU-vid 😄
For anyone who has problem with validation timeout: You need also to set CNAME record to hosted zone. Once the validation is triggered open details of the request and you will see columns with CNAME name and CNAME value - this needs to be added for aws for validation.
Yes, as shown in the video from 4:40 and onwards 😄 You could also manually create the Hosted Zone CNAME records by copying the values from the columns CNAME name and CNAME value. This way you can validate a certificate even if the Hosted Zone isn't in the same AWS account as the certificate 😄
@@EndreSynnes sure, but considering few people here had issues with timeouts, i suppose they had watched in the same manner as I did and forgot to set it up😅
Thank you 😄 Yes you are right, I didn't make use of the domain or certificate in this video. This video was only intended to show how to deploy a hosted zone (domain) and how to create and validate a certificate for that domain. How to enable HTTPS on your applications depends on how the application is deployed. Therefore I have created separate videos on this, both for API Gateways (ru-vid.com/video/%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE-JKI0td7QXTQ.html) and CloudFront distributions (ru-vid.com/video/%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE-M0GfSXr75iU.html). Keep in mind that CloudFront have had some updates since I uploaded this video, so I will create a new one at some point. Still it's highly relevant and could be used as a guide for enabling HTTPS. I hope this was somewhat clarifying? 😄
Thanks Endre, helpful video, and what I'm looking for is that can we create a queue for the files that drop to an s3 bucket, I want those files to be processed in order, as far as I know, whenever new files drop to a bucket, the attached lambda triggers the function and runs for each file separetely with files are unaware of each other (tell me if I'm wrong). For example when I upload 10 files to a bucket at the same time, I want second file to trigger lambda (or whatsoever) after the first file is completely processed and so on, is there a way to do that, all I can find is that we can use SQS to trigger lambda, but I don't think this is what I'm looking for.
Sorry for the late response! Thank you so much! 😄 Well, this may be a bit complicated to answer in a RU-vid comment, but I'll try 😅 There is of course several ways to solve this (also if you really need to have sequential processing), but one way could be: First to have a Lambda function that triggers on upload to S3 and only stores a record containing the filename, upload-timestamp and a status ("new_file") in a DynamoDB table. Then maybe another function that looks for the oldest files (by timestamp) with status "new_file" and starts processing it from S3. Once finished processing the file, update the DynamoDB record with status as complete. Also, it could after that look for other records with status "new_file" and send an event which trigger the processing of the next record, until all records are marked as "complete". This may not be the best solution, but It may work if I understood your use case correctly😄
Hi 😄 I assume you mean sending to multiple SNS topics from one Lambda function? In that case, I haven't tried that myself, but I can't see any reason why you shouldn't be able to do that. I guess you could just use the Boto3 library as I have done here, and just send to multiple SNS topics. Then again what is the use case for this? Maybe EventBridge could be an alternative, with custom rules depending on the content of each message/record?
Wow your explanantions are so simple, elegant and practical! I have been searching high and low for a video to explain API Gateway to me but everything else has been a waste of time compared to this.. please tell me you have a udemy course or something!
