Deployment and Verification Using CloudFormation
This document describes how to deploy the sample code from this catalog to AWS using AWS CloudFormation and verify its operation.
Deployment Architecture
Deployment Steps
1. Verify IAM Role and Permissions Used for Deployment
Verify the permissions of the instance role assigned to the instance created from the AMI. The recommended approach is to run the deployment with Administrator permissions first, then use AWS IAM Access Analyzer to narrow the role down to the permissions that are actually needed.
- For details on AWS IAM Access Analyzer, please refer to the relevant official documentation.
2. VPC Deployment
First, deploy the VPC by running the CloudFormation deployment with aws-cli. After running the command, wait until the AWS Management Console shows that the deployment has succeeded. Enter your preferred values for --stack-name, AppName, and EnvName according to your environment.
[ec2-user ~]$ aws cloudformation create-stack \
--region us-east-1 \
--stack-name vpc \
--template-body file://deploy/cloudformation/vpc.yaml \
--parameters \
ParameterKey=AppName,ParameterValue=myapp \
ParameterKey=EnvName,ParameterValue=dev \
--capabilities CAPABILITY_NAMED_IAM
After deployment completion, open the output tab in the Management Console and check the following values. These values will be used in subsequent stack deployments.
3. Database Deployment
Deploy Amazon Aurora PostgreSQL within the VPC that was deployed earlier.
# DBUserName: enter your preferred value
# DBUserPassword: enter your preferred value with 8 or more characters
# VpcId, PrivateSubnet1, PrivateSubnet2: enter the values from the VPC output tab
[ec2-user ~]$ aws cloudformation create-stack \
--region us-east-1 \
--stack-name db \
--template-body file://deploy/cloudformation/db.yaml \
--parameters \
ParameterKey=AppName,ParameterValue=myapp \
ParameterKey=EnvName,ParameterValue=dev \
ParameterKey=DBUserName,ParameterValue=postgreAdmin \
ParameterKey=DBUserPassword,ParameterValue=SuperSecurePass123 \
ParameterKey=VpcId,ParameterValue=vpc-01187493c944a7ff0 \
ParameterKey=PrivateSubnet1,ParameterValue=subnet-0ba1ff7efe656281e \
ParameterKey=PrivateSubnet2,ParameterValue=subnet-0007df266992e3a06 \
--capabilities CAPABILITY_NAMED_IAM
After the database deployment is complete, check the Aurora cluster's writer instance endpoint from the output tab in the Management Console.
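Passing DBUserPassword as a literal on the command line leaves it in shell history and in the process list while the command runs. As an added example (not part of the sample code's repository), the hypothetical helper below writes the same parameters to an owner-only JSON file for `--parameters file://...`; the function names, the DB_USER/DB_PASSWORD/APP_NAME/ENV_NAME variables and the file path are assumptions.

```shell
#!/usr/bin/env bash
# Added example: build the db stack's parameters in a file instead of argv.
# json_escape, param and write_db_params are hypothetical helper names.

# Escape backslash and double quote so a value is safe inside a JSON string.
json_escape() {
  printf '%s' "$1" | sed -e 's/\\/\\\\/g' -e 's/"/\\"/g'
}

# Print one {"ParameterKey": ..., "ParameterValue": ...} object.
param() {
  printf '  {"ParameterKey":"%s","ParameterValue":"%s"}' "$1" "$(json_escape "$2")"
}

# write_db_params OUTFILE VPC_ID SUBNET1 SUBNET2
# DB_USER and DB_PASSWORD come from shell variables (assumed names), e.g.
# filled with `read -r DB_USER` and `read -rs DB_PASSWORD`.
write_db_params() {
  local out="$1" vpc="$2" sn1="$3" sn2="$4"
  if [ -z "${DB_USER:-}" ] || [ -z "${DB_PASSWORD:-}" ]; then
    echo "DB_USER and DB_PASSWORD must be set" >&2; return 1
  fi
  # The page asks for a DBUserPassword of 8 or more characters.
  if [ "${#DB_PASSWORD}" -lt 8 ]; then
    echo "DB_PASSWORD must be at least 8 characters" >&2; return 1
  fi
  rm -f -- "$out"   # a pre-existing file would keep its old permissions
  ( umask 077       # new file is created readable by the owner only
    {
      printf '[\n'
      param AppName "${APP_NAME:-myapp}";  printf ',\n'
      param EnvName "${ENV_NAME:-dev}";    printf ',\n'
      param DBUserName "$DB_USER";         printf ',\n'
      param DBUserPassword "$DB_PASSWORD"; printf ',\n'
      param VpcId "$vpc";                  printf ',\n'
      param PrivateSubnet1 "$sn1";         printf ',\n'
      param PrivateSubnet2 "$sn2";         printf '\n]\n'
    } > "$out" )
}

# Usage (not executed here; IDs are the values from the VPC output tab):
#   write_db_params ./db-params.json "$VPC_ID" "$SUBNET1" "$SUBNET2"
#   aws cloudformation create-stack --region us-east-1 --stack-name db \
#     --template-body file://deploy/cloudformation/db.yaml \
#     --parameters file://db-params.json --capabilities CAPABILITY_NAMED_IAM
#   rm -f ./db-params.json
```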
4. API Gateway + Lambda CloudFormation Stack Deployment
Similarly, deploy the stack using aws-cli.
# DbHost: the Aurora cluster writer instance endpoint
[ec2-user ~]$ aws cloudformation create-stack \
--region us-east-1 \
--stack-name apigateway-lambda \
--template-body file://deploy/cloudformation/apigateway-lambda.yaml \
--capabilities CAPABILITY_NAMED_IAM \
--parameters \
ParameterKey=AppName,ParameterValue=myapp \
ParameterKey=EnvName,ParameterValue=dev \
ParameterKey=VpcId,ParameterValue=vpc-01187493c944a7ff0 \
ParameterKey=PrivateSubnet1,ParameterValue=subnet-0ba1ff7efe656281e \
ParameterKey=PrivateSubnet2,ParameterValue=subnet-0007df266992e3a06 \
ParameterKey=S3SourceCodeBucket,ParameterValue=$BUCKET_NAME \
ParameterKey=S3SourceCodeKey,ParameterValue=sample_api.zip \
ParameterKey=DbHost,ParameterValue=db-postgresql-rqoopbocmcqq.cluster-chptakso6oan.us-east-1.rds.amazonaws.com \
ParameterKey=DbUser,ParameterValue=postgreAdmin \
ParameterKey=DbPassword,ParameterValue=SuperSecurePass123 \
ParameterKey=DbName,ParameterValue=mydb
When the deployment succeeds, the API endpoint will be displayed in the output tab. Let's use this to verify the operation.
5. S3 Event + Lambda CloudFormation Stack Deployment
[ec2-user ~]$ aws cloudformation create-stack \
--region us-east-1 \
--stack-name s3-lambda \
--template-body file://deploy/cloudformation/s3-lambda.yaml \
--capabilities CAPABILITY_NAMED_IAM \
--parameters \
ParameterKey=AppName,ParameterValue=myapp \
ParameterKey=EnvName,ParameterValue=dev \
ParameterKey=VpcId,ParameterValue=vpc-01187493c944a7ff0 \
ParameterKey=PrivateSubnet1,ParameterValue=subnet-0ba1ff7efe656281e \
ParameterKey=PrivateSubnet2,ParameterValue=subnet-0007df266992e3a06 \
ParameterKey=S3SourceCodeBucket,ParameterValue=$BUCKET_NAME \
ParameterKey=S3SourceCodeKey,ParameterValue=sample_event.zip \
ParameterKey=DbHost,ParameterValue=db-postgresql-rqoopbocmcqq.cluster-chptakso6oan.us-east-1.rds.amazonaws.com \
ParameterKey=DbUser,ParameterValue=postgreAdmin \
ParameterKey=DbPassword,ParameterValue=SuperSecurePass123 \
ParameterKey=DbName,ParameterValue=mydb
When the deployment succeeds, an S3 bucket that triggers events will be created. When you upload a CSV file with user data here, the Lambda function will be triggered and data will be created in the database.
Operation Verification
Great work! You can perform operation verification from this page.