Add an example for API Gateway with CORS, and CRUD Lambdas with DynamoDB (aws-samples#38)

Author: simalexan

README.md

@@ -20,6 +20,7 @@ $ cdk destroy
 
 | Example | Description |
 |---------|-------------|
+| [api-cors-lambda-crud-dynamodb](https://github.com/aws-samples/aws-cdk-examples/tree/master/typescript/api-cors-lambda-crud-dynamodb/) | Creating a single API with CORS, and five Lambdas doing CRUD operations over a single DynamoDB |
 | [application-load-balancer](https://github.com/aws-samples/aws-cdk-examples/tree/master/typescript/application-load-balancer/) | Using an AutoScalingGroup with an Application Load Balancer |
 | [classic-load-balancer](https://github.com/aws-samples/aws-cdk-examples/tree/master/typescript/classic-load-balancer/) | Using an AutoScalingGroup with a Classic Load Balancer |
 | [custom-resource](https://github.com/aws-samples/aws-cdk-examples/tree/master/typescript/custom-resource/) | Shows adding a Custom Resource to your CDK app |

typescript/api-cors-lambda-crud-dynamodb/README.md

@@ -0,0 +1,53 @@
+# API GW with CORS five Lambdas CRUD with DynamoDB
+
+This an example of an API GW with CORS enabled, pointing to five Lambdas doing CRUD operations with a single DynamoDB table.
+
+## Build
+
+To build this app, you need to be in this example's root folder. Then run the following:
+
+```bash
+npm install -g aws-cdk
+npm install
+npm run build
+```
+
+This will install the necessary CDK, then this example's dependencies, and then build your TypeScript files and your CloudFormation template.
+
+## Deploy
+
+Run `cdk deploy`. This will deploy / redeploy your Stack to your AWS Account.
+
+After the deployment you will see the API's URL, which represents the url you can then use.
+
+## The Component Structure
+
+The whole component contains:
+
+- an API, with CORS enabled on all HTTTP Methods. (Use with caution, for production apps you will want to enable only a certain domain origin to be able to query your API.)
+- Lambda pointing to `src/create.ts`, containing code for storing an item  into the DynamoDB table.
+- Lambda pointing to `src/delete-one.ts`, containing code for deleting an item from the DynamoDB table.
+- Lambda pointing to `src/get-all.ts`, containing code for getting all items from the DynamoDB table.
+- Lambda pointing to `src/get-one.ts`, containing code for getting an item from the DynamoDB table.
+- Lambda pointing to `src/update-one.ts`, containing code for updating an item in the DynamoDB table.
+- a DynamoDB table `items` that stores the data.
+- five LambdaIntegrations that connect these Lambdas to the API.
+
+## CDK Toolkit
+
+The [`cdk.json`](./cdk.json) file in the root of this repository includes
+instructions for the CDK toolkit on how to execute this program.
+
+After building your TypeScript code, you will be able to run the CDK toolkits commands as usual:
+
+    $ cdk ls
+    <list all stacks in this program>
+
+    $ cdk synth
+    <cloudformation template>
+
+    $ cdk deploy
+    <deploy stack to your account>
+
+    $ cdk diff
+    <diff against deployed stack>

typescript/api-cors-lambda-crud-dynamodb/cdk.json

@@ -0,0 +1,3 @@
+{
+    "app": "node index"
+}

typescript/api-cors-lambda-crud-dynamodb/index.ts

@@ -0,0 +1,130 @@
+import apigateway = require('@aws-cdk/aws-apigateway'); 
+import dynamodb = require('@aws-cdk/aws-dynamodb');
+import lambda = require('@aws-cdk/aws-lambda');
+import cdk = require('@aws-cdk/cdk');
+
+export class ApiLambdaCrudDynamoDBStack extends cdk.Stack {
+  constructor(app: cdk.App, id: string) {
+    super(app, id);
+
+    const dynamoTable = new dynamodb.Table(this, 'items', {
+      partitionKey: {
+        name: 'itemId',
+        type: dynamodb.AttributeType.String
+      },
+      tableName: 'items'
+    });
+
+    const getOneLambda = new lambda.Function(this, 'getOneItemFunction', {
+      code: new lambda.AssetCode('src'),
+      handler: 'get-one.handler',
+      runtime: lambda.Runtime.NodeJS810,
+      environment: {
+        TABLE_NAME: dynamoTable.tableName,
+        PRIMARY_KEY: 'itemId'
+      }
+    });
+
+    const getAllLambda = new lambda.Function(this, 'getAllItemsFunction', {
+      code: new lambda.AssetCode('src'),
+      handler: 'get-all.handler',
+      runtime: lambda.Runtime.NodeJS810,
+      environment: {
+        TABLE_NAME: dynamoTable.tableName,
+        PRIMARY_KEY: 'itemId'
+      }
+    });
+
+    const createOne = new lambda.Function(this, 'createItemFunction', {
+      code: new lambda.AssetCode('src'),
+      handler: 'create.handler',
+      runtime: lambda.Runtime.NodeJS810,
+      environment: {
+        TABLE_NAME: dynamoTable.tableName,
+        PRIMARY_KEY: 'itemId'
+      }
+    });
+
+    const updateOne = new lambda.Function(this, 'updateItemFunction', {
+      code: new lambda.AssetCode('src'),
+      handler: 'update-one.handler',
+      runtime: lambda.Runtime.NodeJS810,
+      environment: {
+        TABLE_NAME: dynamoTable.tableName,
+        PRIMARY_KEY: 'itemId'
+      }
+    });
+
+    const deleteOne = new lambda.Function(this, 'deleteItemFunction', {
+      code: new lambda.AssetCode('src'),
+      handler: 'delete-one.handler',
+      runtime: lambda.Runtime.NodeJS810,
+      environment: {
+        TABLE_NAME: dynamoTable.tableName,
+        PRIMARY_KEY: 'itemId'
+      }
+    });
+    
+    dynamoTable.grantReadWriteData(getAllLambda);
+    dynamoTable.grantReadWriteData(getOneLambda);
+    dynamoTable.grantReadWriteData(createOne);
+    dynamoTable.grantReadWriteData(updateOne);
+    dynamoTable.grantReadWriteData(createOne);
+    dynamoTable.grantReadWriteData(deleteOne);
+
+    const api = new apigateway.RestApi(this, 'itemsApi', {
+      restApiName: 'Items Service'
+    });
+
+    const items = api.root.addResource('items');
+    const getAllIntegration = new apigateway.LambdaIntegration(getAllLambda);
+    items.addMethod('GET', getAllIntegration);
+
+    const createOneIntegration = new apigateway.LambdaIntegration(createOne);
+    items.addMethod('POST', createOneIntegration);
+    addCorsOptions(items);
+
+    const singleItem = items.addResource('{id}');
+    const getOneIntegration = new apigateway.LambdaIntegration(getOneLambda);
+    singleItem.addMethod('GET', getOneIntegration);
+
+    const updateOneIntegration = new apigateway.LambdaIntegration(updateOne);
+    singleItem.addMethod('PATCH', updateOneIntegration);
+
+    const deleteOneIntegration = new apigateway.LambdaIntegration(deleteOne);
+    singleItem.addMethod('DELETE', deleteOneIntegration);
+    addCorsOptions(singleItem);
+  }
+}
+
+export function addCorsOptions(apiResource: apigateway.IResource) {
+  apiResource.addMethod('OPTIONS', new apigateway.MockIntegration({
+    integrationResponses: [{
+      statusCode: '200',
+      responseParameters: {
+        'method.response.header.Access-Control-Allow-Headers': "'Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent'",
+        'method.response.header.Access-Control-Allow-Origin': "'*'",
+        'method.response.header.Access-Control-Allow-Credentials': "'false'",
+        'method.response.header.Access-Control-Allow-Methods': "'OPTIONS,GET,PUT,POST,DELETE'",
+      },
+    }],
+    passthroughBehavior: apigateway.PassthroughBehavior.Never,
+    requestTemplates: {
+      "application/json": "{\"statusCode\": 200}"
+    },
+  }), {
+    methodResponses: [{
+      statusCode: '200',
+      responseParameters: {
+        'method.response.header.Access-Control-Allow-Headers': true,
+        'method.response.header.Access-Control-Allow-Methods': true,
+        'method.response.header.Access-Control-Allow-Credentials': true,
+        'method.response.header.Access-Control-Allow-Origin': true,
+      },  
+    }]
+  })
+}
+
+const app = new cdk.App();
+new ApiLambdaCrudDynamoDBStack(app, 'ApiLambdaCrudDynamoDBExample');
+app.run();

typescript/api-cors-lambda-crud-dynamodb/package.json

@@ -0,0 +1,26 @@
+{
+  "name": "api-lambda-crud-dynamodb",
+  "version": "0.23.0",
+  "description": "Running an API Gateway with four Lambdas to do CRUD operations on DynamoDB",
+  "private": true,
+  "scripts": {
+    "build": "tsc",
+    "watch": "tsc -w",
+    "cdk": "cdk"
+  },
+  "author": {
+    "name": "Aleksandar Simovic <[email protected]>",
+    "url": "https://serverless.pub"
+  },
+  "license": "MIT",
+  "devDependencies": {
+    "@types/node": "^8.10.38",
+    "typescript": "^3.2.4"
+  },
+  "dependencies": {
+    "@aws-cdk/aws-apigateway": "*",
+    "@aws-cdk/aws-dynamodb": "*",
+    "@aws-cdk/aws-lambda": "*",
+    "@aws-cdk/cdk": "*"
+  }
+}

typescript/api-cors-lambda-crud-dynamodb/src/create.ts

@@ -0,0 +1,30 @@
+const AWS = require('aws-sdk');
+const db = new AWS.DynamoDB.DocumentClient();
+const uuidv4 = require('uuid/v4');
+const TABLE_NAME = process.env.TABLE_NAME || '';
+const PRIMARY_KEY = process.env.PRIMARY_KEY || '';
+
+const RESERVED_RESPONSE = `Error: You're using AWS reserved keywords as attributes`,
+  DYNAMODB_EXECUTION_ERROR = `Error: Execution update, caused a Dynamodb error, please take a look at your CloudWatch Logs.`;
+
+export const handler = async (event: any = {}) : Promise <any> => {
+
+  if (!event.body) {
+    return { statusCode: 400, body: 'invalid request, you are missing the parameter body' };
+  }
+  const item = typeof event.body == 'object' ? event.body : JSON.parse(event.body);
+  item[PRIMARY_KEY] = uuidv4();
+  const params = {
+    TableName: TABLE_NAME,
+    Item: item
+  };
+
+  try {
+    await db.put(params).promise();
+    return { statusCode: 201, body: '' };
+  } catch (dbError) {
+    const errorResponse = dbError.code === 'ValidationException' && dbError.message.includes('reserved keyword') ?
+    DYNAMODB_EXECUTION_ERROR : RESERVED_RESPONSE;
+    return { statusCode: 500, body: errorResponse };
+  }
+};

typescript/api-cors-lambda-crud-dynamodb/src/delete-one.ts

@@ -0,0 +1,26 @@
+const AWS = require('aws-sdk');
+const db = new AWS.DynamoDB.DocumentClient();
+const TABLE_NAME = process.env.TABLE_NAME || '';
+const PRIMARY_KEY = process.env.PRIMARY_KEY || '';
+
+export const handler = async (event: any = {}) : Promise <any> => {
+
+  const requestedItemId = event.pathParameters.id;
+  if (!requestedItemId) {
+    return { statusCode: 400, body: `Error: You are missing the path parameter id` };
+  }
+
+  const params = {
+    TableName: TABLE_NAME,
+    Key: {
+      [PRIMARY_KEY]: requestedItemId
+    }
+  };
+
+  try {
+    await db.delete(params).promise();
+    return { statusCode: 200, body: '' };
+  } catch (dbError) {
+    return { statusCode: 500, body: JSON.stringify(dbError) };
+  }
+};

typescript/api-cors-lambda-crud-dynamodb/src/get-all.ts

@@ -0,0 +1,17 @@
+const AWS = require('aws-sdk');
+const db = new AWS.DynamoDB.DocumentClient();
+const TABLE_NAME = process.env.TABLE_NAME || '';
+
+export const handler = async () : Promise <any> => {
+
+  const params = {
+    TableName: TABLE_NAME
+  };
+
+  try {
+    const response = await db.scan(params).promise();
+    return { statusCode: 200, body: JSON.stringify(response.Items) };
+  } catch (dbError) {
+    return { statusCode: 500, body: JSON.stringify(dbError)};
+  }
+};

typescript/api-cors-lambda-crud-dynamodb/src/get-one.ts

@@ -0,0 +1,26 @@
+const AWS = require('aws-sdk');
+const db = new AWS.DynamoDB.DocumentClient();
+const TABLE_NAME = process.env.TABLE_NAME || '';
+const PRIMARY_KEY = process.env.PRIMARY_KEY || '';
+
+export const handler = async (event: any = {}) : Promise <any> => {
+
+  const requestedItemId = event.pathParameters.id;
+  if (!requestedItemId) {
+    return { statusCode: 400, body: `Error: You are missing the path parameter id` };
+  }
+
+  const params = {
+    TableName: TABLE_NAME,
+    Key: {
+      [PRIMARY_KEY]: requestedItemId
+    }
+  };
+
+  try {
+    const response = await db.get(params).promise();
+    return { statusCode: 200, body: JSON.stringify(response.Item) };
+  } catch (dbError) {
+    return { statusCode: 500, body: JSON.stringify(dbError) };
+  }
+};

typescript/api-cors-lambda-crud-dynamodb/src/update-one.ts

@@ -0,0 +1,51 @@
+const AWS = require('aws-sdk');
+const db = new AWS.DynamoDB.DocumentClient();
+const TABLE_NAME = process.env.TABLE_NAME || '';
+const PRIMARY_KEY = process.env.PRIMARY_KEY || '';
+
+const RESERVED_RESPONSE = `Error: You're using AWS reserved keywords as attributes`,
+  DYNAMODB_EXECUTION_ERROR = `Error: Execution update, caused a Dynamodb error, please take a look at your CloudWatch Logs.`;
+
+export const handler = async (event: any = {}) : Promise <any> => {
+
+  if (!event.body) {
+    return { statusCode: 400, body: 'invalid request, you are missing the parameter body' };
+  }
+
+  const editedItemId = event.pathParameters.id;
+  if (!editedItemId) {
+    return { statusCode: 400, body: 'invalid request, you are missing the path parameter id' };
+  }
+
+  const editedItem: any = typeof event.body == 'object' ? event.body : JSON.parse(event.body);
+  const editedItemProperties = Object.keys(editedItem);
+  if (!editedItem || editedItemProperties.length < 1) {
+      return { statusCode: 400, body: 'invalid request, no arguments provided' };
+  }
+
+  const firstProperty = editedItemProperties.splice(0,1);
+  const params: any = {
+      TableName: TABLE_NAME,
+      Key: {
+        [PRIMARY_KEY]: editedItemId
+      },
+      UpdateExpression: `set ${firstProperty} = :${firstProperty}`,
+      ExpressionAttributeValues: {},
+      ReturnValues: 'UPDATED_NEW'
+  }
+  params.ExpressionAttributeValues[`:${firstProperty}`] = editedItem[`${firstProperty}`];
+
+  editedItemProperties.forEach(property => {
+      params.UpdateExpression += `, ${property} = :${property}`;
+      params.ExpressionAttributeValues[`:${property}`] = editedItem[property];
+  });
+
+  try {
+    await db.update(params).promise();
+    return { statusCode: 204, body: '' };
+  } catch (dbError) {
+    const errorResponse = dbError.code === 'ValidationException' && dbError.message.includes('reserved keyword') ?
+    DYNAMODB_EXECUTION_ERROR : RESERVED_RESPONSE;
+    return { statusCode: 500, body: errorResponse };
+  }
+};