Lambda with API Gateway

nao1215 · Feb 9, 2024 · 47ed7e7 · 47ed7e7
1 parent fadaeee
commit 47ed7e7
Show file tree

Hide file tree

Showing 5 changed files with 137 additions and 0 deletions.
diff --git a/cloudformation/api-gateway-with-lambda/.gitignore b/cloudformation/api-gateway-with-lambda/.gitignore
@@ -0,0 +1 @@
+/bootstrap
diff --git a/cloudformation/api-gateway-with-lambda/Makefile b/cloudformation/api-gateway-with-lambda/Makefile
@@ -0,0 +1,28 @@
+.DEFAULT_GOAL := help
+
+BINARY_NAME = bootstrap
+AWS_STACK_NAME = lambda-batch
+TEMPLATE_FILE = template.yml
+
+.PHONY: help clean dependency_check build deploy
+help:  ## Show this help message  
+	@grep -E '^[0-9a-zA-Z_-]+[[:blank:]]*:.*?## .*$$' $(MAKEFILE_LIST) | sort \
+	| awk 'BEGIN {FS = ":.*?## "}; {printf "\033[1;32m%-15s\033[0m %s\n", $$1, $$2}'
+
+clean: ## Clean project
+	-rm -rf $(BINARY_NAME)
+
+dependency_check:  ## Check dependencies
+	@command -v sam > /dev/null 2>&1 || { echo "Error: sam is not installed. See https://github.com/aws/aws-sam-cli"; exit 1; }
+
+build:  ## Build binary
+	@echo "Building for Lambda execution environment (Linux/ARM64)"
+	GOOS=linux GOARCH=arm64 go build -o $(BINARY_NAME) main.go
+
+deploy: dependency_check build ## Deploy CloudFormation Template
+	sam deploy --stack-name $(AWS_STACK_NAME) --template-file $(TEMPLATE_FILE) \
+	--capabilities CAPABILITY_IAM --resolve-s3 --region ap-northeast-1  || { echo "SAM deployment failed"; exit 1; }
+
+test-deploy: build ## Deploy CloudFormation Template for test
+	samlocal deploy --stack-name $(AWS_STACK_NAME) --template-file $(TEMPLATE_FILE) \
+	--capabilities CAPABILITY_IAM --resolve-s3 --region ap-northeast-1 || { echo "SAM deployment failed"; exit 1; }
diff --git a/cloudformation/api-gateway-with-lambda/README.md b/cloudformation/api-gateway-with-lambda/README.md
diff --git a/cloudformation/api-gateway-with-lambda/main.go b/cloudformation/api-gateway-with-lambda/main.go
@@ -0,0 +1,37 @@
+package main
+
+import (
+	"context"
+	"encoding/json"
+	"log"
+
+	"github.com/aws/aws-lambda-go/events"
+	"github.com/aws/aws-lambda-go/lambda"
+)
+
+// HealthResponse struct defines the response structure
+type HealthResponse struct {
+	Status string `json:"status"`
+}
+
+// Handler is the Lambda function handler
+func Handler(_ context.Context) (events.APIGatewayProxyResponse, error) {
+	// Create a response
+	responseBody, err := json.Marshal(HealthResponse{Status: "healthy"})
+	if err != nil {
+		log.Printf("Error marshalling JSON response: %v", err)
+		return events.APIGatewayProxyResponse{StatusCode: 500}, err
+	}
+
+	// Return API Gateway response
+	return events.APIGatewayProxyResponse{
+		StatusCode: 200,
+		Headers:    map[string]string{"Content-Type": "application/json"},
+		Body:       string(responseBody),
+	}, nil
+}
+
+func main() {
+	// Start the Lambda handler
+	lambda.Start(Handler)
+}
diff --git a/cloudformation/api-gateway-with-lambda/template.yml b/cloudformation/api-gateway-with-lambda/template.yml
@@ -0,0 +1,71 @@
+AWSTemplateFormatVersion: "2010-09-09"
+Transform:
+  - AWS::Serverless-2016-10-31
+Description: "API Gateway with Lambda"
+
+Resources:
+  LambdaFuncttion:
+    Type: "AWS::Serverless::Function"
+    Properties:
+      FunctionName: lambda-function
+      Handler: "handler"
+      Runtime: provided.al2
+      Architectures: [arm64]
+      Timeout: 10
+      CodeUri: ./
+      MemorySize: 128
+      Policies:
+        - AWSLambdaBasicExecutionRole
+      Events:
+        GetApi:
+          Type: Api
+          Properties:
+            Path: /health
+            Method: get
+            RestApiId: !Ref API
+
+  API:
+    Type: "AWS::Serverless::Api"
+    Properties:
+      Name: sam-test-get-api
+      EndpointConfiguration: REGIONAL
+      StageName: dev
+
+  LambdaLogGroup:
+    Type: "AWS::Logs::LogGroup"
+    DeletionPolicy: Retain
+    UpdateReplacePolicy: Retain
+    Properties:
+      LogGroupName: !Sub "/aws/lambda/${LambdaFuncttion}"
+      RetentionInDays: 7
+      KmsKeyId: !GetAtt LambdaLogGroupKMSKey.Arn
+
+  LambdaLogGroupKMSKey:
+    Type: AWS::KMS::Key
+    UpdateReplacePolicy: Retain
+    DeletionPolicy: Retain
+    Properties:
+      Description: "KMS key for encrypting CloudWatch Logs"
+      EnableKeyRotation: true
+      KeyPolicy:
+        Version: "2012-10-17"
+        Id: "key-default"
+        Statement:
+          - Sid: "Allow administration of the key"
+            Effect: "Allow"
+            Principal:
+              AWS: !Sub "arn:aws:iam::${AWS::AccountId}:root"
+            Action:
+              - "kms:*"
+            Resource: "*"
+          - Sid: "Allow use of the key"
+            Effect: "Allow"
+            Principal:
+              Service: "logs.ap-northeast-1.amazonaws.com"
+            Action:
+              - "kms:Encrypt"
+              - "kms:Decrypt"
+              - "kms:ReEncrypt*"
+              - "kms:GenerateDataKey*"
+              - "kms:DescribeKey"
+            Resource: "*"