anomalyinnovations / serverless-stack-demo-api Goto Github PK

I would love to see a tutorial on how to do per function IAM role to added to the website.
This https://serverless.com/framework/docs/providers/aws/guide/iam/#custom-iam-roles but explained in a much better way :)

https://github.com/awslabs/aws-serverless-express

Just curious, with the above package you still have APIG and Lambda, but you forward any HTTP call from APIG and lean into express for all the routing and middleware needs.

That seems so much easier than having to add extra stuff to serverless.yml, and gets you the full power of express but you keep all the benefits of APIG like caching and auth.

I find it quite useful to use TS with the AWS SDK, I was wondering if we should look at doing it here? It works with serverless webpack I believe.

Following this page: https://serverless-stack.com/chapters/add-a-create-note-api.html

When running: serverless invoke local --function create --path mocks/create-event.json
It returns:

{
    "statusCode": 500,
    "headers": {
        "Access-Control-Allow-Origin": "*",
        "Access-Control-Allow-Credentials": true
    },
    "body": "{\"status\":false}"
}

I checked:
~/.aws/credentials

• it only contains 1 credential

~/.aws/config
region=us-east-1

In serverless.yml:
region=us-east-1 as well

In create.js:
region=us-east-1 as well

There are no other helpful messages that tell me why it returned statusCode 500.

Please help. Thanks.

Using the cognitoIdentityId as the userId key in the table can cause an issue, as the cognitoIdentityId can change.

If you go on to implement forgot password functionality, you will find that the cognitoIdentityId will change during a password reset. This means any notes you had with the old cognitoIdentityId will not be retrieved for the user who has changed password.

I'm thinking to store the cognito username as the userId key instead, as this seems to persist even if you do a password reset.

Has anyone else run into this issue? Any suggestions?

Hi Team,

I am following second part of serverless-stack where i want to change the env.example to env.yml to save stripesecuritykey. As per the documentation since it is Test version of stripe we have only one secret key which we need to keep for both prod and default in env.yml . But when triggering serverless invoke local --function billing --path mocks/billing-event.json command i am getting Duplicated mapping key error.

How can i resolve this ?

Thanks

Can you post the schema for the DynamoDB table or add it to serverless.yml please?

Looks as if you perhaps have a GSI on userId to make it work but it's unclear.

Thanks

Hi!

I am hitting this error trying to delete an s3 object:

  try {
    s3ObjectKey = `/private/${event.requestContext.identity.cognitoIdentityId}/${getResponse.Item.content[contentType][contentId].source['key']}`;

    s3Response = await new AWS.S3({
      apiVersion: '2006-03-01',
    })
    .deleteObject({
      Bucket: 'source-bucket',
      Key: s3ObjectKey,
    }).promise();
  } catch (error) {
    return failure({
      ...error,
      event: 's3Response',
      s3ObjectKey: s3ObjectKey,
      getResponse: getResponse
    });
  }

How does the data.attachment get uploaded to S3? Is it some Amazon magic?

getting this error:

 Error --------------------------------------------------
 
  Cannot find module 'serverless-webpack'
 
     For debugging logs, run again after setting the "SLS_DEBUG=*" environment variable.
 
  Get Support --------------------------------------------
     Docs:          docs.serverless.com
     Bugs:          github.com/serverless/serverless/issues
     Forums:        forum.serverless.com
     Chat:          gitter.im/serverless/serverless
 
  Your Environment Information -----------------------------
     OS:                     darwin
     Node Version:           6.9.1
     Serverless Version:     1.17.0

Following guide, on this step: http://serverless-stack.com/chapters/deploy-the-apis.html

Running this piece returns tokens just fine

aws cognito-idp admin-initiate-auth \
  --region us-east-1 \
  --user-pool-id $MY_COGNITO_USER_POOL_ID \
  --client-id $MY_COGNITO_APP_CLIENT_ID \
  --auth-flow ADMIN_NO_SRP_AUTH \
  --auth-parameters [email protected],PASSWORD=Passw0rd!

I take the value of idToken returned and put into the example call from the same page of the guide, replacing my values as necessary. Looks similar to:

curl https://<my-app-id>.execute-api.us-west-2.amazonaws.com/prod/notes/ \
  -H "Authorization: <my-identity-token>" \
  -d "{\"content\":\"hello world\",\"attachment\":\"hello.jpg\"}

But I get back a 500 error with the body of {success: false}

Tests run from CLI using event.json worked fine.

How could I debug this? Typically I would toss a console.log around here: https://github.com/AnomalyInnovations/serverless-stack-demo-api/blob/master/get.js#L27

Description

Can not create new users

Steps for reproduce

• Clone this repo and deploy with serverless deploy -v
• Clone the frontend api for this repo and add the configuration params from your serverless backend
• Try to create a new user

Actual result

{"__type":"NotAuthorizedException","message":"Incorrect username or password."}

Hi,
If I use the Serverless Stack back-end, the demo client works.
But with mine, I have an error 500 for AWS Api Gateway.
The problem is that the logs give nothing wrong ???

09:20:08
START RequestId: 6de0cdf1-88d9-11e8-89f5-6d79f4ef986f Version: $LATEST
START RequestId: 6de0cdf1-88d9-11e8-89f5-6d79f4ef986f Version: $LATEST

09:20:08
END RequestId: 6de0cdf1-88d9-11e8-89f5-6d79f4ef986f
END RequestId: 6de0cdf1-88d9-11e8-89f5-6d79f4ef986f

09:20:08
REPORT RequestId: 6de0cdf1-88d9-11e8-89f5-6d79f4ef986f Duration: 409.20 ms Billed Duration: 500 ms Memory Size: 1024 MB Max Memory Used: 65 MB
REPORT RequestId: 6de0cdf1-88d9-11e8-89f5-6d79f4ef986f Duration: 409.20 ms Billed Duration: 500 ms Memory Size: 1024 MB Max Memory Used: 65 MB

09:23:55
START RequestId: f67a705a-88d9-11e8-b160-457217d174dc Version: $LATEST
START RequestId: f67a705a-88d9-11e8-b160-457217d174dc Version: $LATEST

09:23:56
END RequestId: f67a705a-88d9-11e8-b160-457217d174dc
END RequestId: f67a705a-88d9-11e8-b160-457217d174dc

09:23:56
REPORT RequestId: f67a705a-88d9-11e8-b160-457217d174dc Duration: 338.56 ms Billed Duration: 400 ms Memory Size: 1024 MB Max Memory Used: 66 MB
REPORT RequestId: f67a705a-88d9-11e8-b160-457217d174dc Duration: 338.56 ms Billed Duration: 400 ms Memory Size: 1024 MB Max Memory Used: 66 MB

09:31:44
START RequestId: 0dbbd8c2-88db-11e8-86a8-53b47e299358 Version: $LATEST
START RequestId: 0dbbd8c2-88db-11e8-86a8-53b47e299358 Version: $LATEST

09:31:44
END RequestId: 0dbbd8c2-88db-11e8-86a8-53b47e299358
END RequestId: 0dbbd8c2-88db-11e8-86a8-53b47e299358

09:31:44
REPORT RequestId: 0dbbd8c2-88db-11e8-86a8-53b47e299358 Duration: 299.65 ms Billed Duration: 300 ms Memory Size: 1024 MB Max Memory Used: 66 MB
REPORT RequestId: 0dbbd8c2-88db-11e8-86a8-53b47e299358 Duration: 299.65 ms Billed Duration: 300 ms Memory Size: 1024 MB Max Memory Used: 66

Hi folks!

After running serverless deploy -v I get the following error:

An error occurred: NotesTable - Encountered unsupported property AttributeDefinitons..

When I get the logs it printed out:

Trying to populate non string value into a string for variable ${deep:0}. Please make sure the value of the property is a string.

Any idea what the problem might be?

My environment info:
OS: win32
Node Version: 8.11.2
Serverless Version: 1.29.0

I see this tutorial is using the serverless-offline package, where is this covered?

Hi,

Thanks for making this demo and the tutorial, its been an incredibly resource for learning AWS.

I am having a problem tho, and I am struggling to find a solution.

I have everything basically working. My problem is that the lambda function takes this event parameter, and for some of my end points, but not others, event is just the body payload of what I sent, and for others its { body: ..., pathParameters: ..., headers: ..., } like the serverless tutorial and the AWS documentation expect them to be.

It seems like the ones that take an actual body (POST, and PUT) lose this extra stuff, while the others (GET, DELETE) keep it. I am able to work around this, but in a kind of hacky way.

Does you know what I am doing wrong? Is there a model specification I need to make?

If I'm building the backend for an MVP of my mobile app, would you recommend using the design pattern found in this repo, or a typical Express app on EC2 beanstalk instances?

I encountered this error when running yarn test in https://serverless-stack.com/chapters/unit-tests-in-serverless.html

Solved it by changing the script in package.json to

"scripts": {
    "test": "jest --env=node"
  },

there is this line in the package.json

"main": "handler.js",
but the handler file is not present in the project. is this a mistake? does this run?

thanks.

vincent

Hey, I'm following the Test The APIs steps from https://serverless-stack.com/chapters/test-the-apis.html, and I am not able to succeed. Running this command (obv with my own creds):

$ apig-test \ --username='[email protected]' \ --password='Passw0rd!' \ --user-pool-id='YOUR_COGNITO_USER_POOL_ID' \ --app-client-id='YOUR_COGNITO_APP_CLIENT_ID' \ --cognito-region='YOUR_COGNITO_REGION' \ --identity-pool-id='YOUR_IDENTITY_POOL_ID' \ --invoke-url='YOUR_API_GATEWAY_URL' \ --api-gateway-region='YOUR_API_GATEWAY_REGION' \ --path-template='/notes' \ --method='POST' \ --body='{"content":"hello world","attachment":"hello.jpg"}'

Is returning this:

Getting temporary credentials
Making API request
/Users/danielkaczmarczyk/Desktop/serverless/notes-app-api/node_modules/aws-api-gateway-cli-test/node_modules/aws-sdk/lib/request.js:31
            throw err;
            ^

TypeError: Cannot read property '1' of null
    at Object.apigClientFactory.newClient (/Users/danielkaczmarczyk/Desktop/serverless/notes-app-api/node_modules/aws-api-gateway-client/dist/apigClient.js:65:57)
    at makeRequest (/Users/danielkaczmarczyk/Desktop/serverless/notes-app-api/node_modules/aws-api-gateway-cli-test/index.js:157:38)
    at /Users/danielkaczmarczyk/Desktop/serverless/notes-app-api/node_modules/aws-api-gateway-cli-test/index.js:150:5
    at /Users/danielkaczmarczyk/Desktop/serverless/notes-app-api/node_modules/aws-api-gateway-cli-test/node_modules/aws-sdk/lib/credentials.js:123:23
    at Response.<anonymous> (/Users/danielkaczmarczyk/Desktop/serverless/notes-app-api/node_modules/aws-api-gateway-cli-test/node_modules/aws-sdk/lib/credentials/cognito_identity_credentials.js:258:7)
    at Request.<anonymous> (/Users/danielkaczmarczyk/Desktop/serverless/notes-app-api/node_modules/aws-api-gateway-cli-test/node_modules/aws-sdk/lib/request.js:364:18)
    at Request.callListeners (/Users/danielkaczmarczyk/Desktop/serverless/notes-app-api/node_modules/aws-api-gateway-cli-test/node_modules/aws-sdk/lib/sequential_executor.js:105:20)
    at Request.emit (/Users/danielkaczmarczyk/Desktop/serverless/notes-app-api/node_modules/aws-api-gateway-cli-test/node_modules/aws-sdk/lib/sequential_executor.js:77:10)
    at Request.emit (/Users/danielkaczmarczyk/Desktop/serverless/notes-app-api/node_modules/aws-api-gateway-cli-test/node_modules/aws-sdk/lib/request.js:683:14)
    at Request.transition (/Users/danielkaczmarczyk/Desktop/serverless/notes-app-api/node_modules/aws-api-gateway-cli-test/node_modules/aws-sdk/lib/request.js:22:10)```



I was trying to figure out what's happening to no avail. Checked DynamoDb and Lambda - no resources are created nor any function is being invoked. please help!

I tried implementing this change, but I must be missing updating something in the setup. What package update enabled this change?

I compared all my dependencies in package.json, and they are all newer versions than the ones used in the working example that includes async without the callback. My version is working with async WITH the callback, but returns nothing if I modify to match the example.

Here are my dependencies from package.json 👍
"dependencies": {
"aws-sdk": "^2.245.1",
"babel-runtime": "^6.26.0",
"source-map-support": "^0.5.6"
},
"devDependencies": {
"babel-core": "^6.26.3",
"babel-loader": "^7.1.4",
"babel-plugin-source-map-support": "^2.0.1",
"babel-plugin-transform-runtime": "^6.23.0",
"babel-preset-env": "^1.7.0",
"babel-preset-stage-3": "^6.24.1",
"serverless-apigw-binary": "^0.4.4",
"serverless-apigwy-binary": "^0.1.0",
"serverless-offline": "^3.23.1",
"serverless-webpack": "^5.1.5",
"webpack": "^4.8.3",
"webpack-node-externals": "^1.7.2"

Hi,
When I do :
git clone https://github.com/AnomalyInnovations/serverless-stack-demo-api
npm i && sls deploy I have this error :
.......................................................................Serverless: Deployment failed!

Serverless Error ---------------------------------------

 An error occurred while provisioning your stack: ListLambdaFunction
 - Value of property Variables must be an object with
 String (or simple type) properties.

Am I the only one ?

Hi hackers!

I am hitting this error response when trying to delete an s3 object:

import AWS from "aws-sdk";
import * as dynamoDbLib from "../libs/dynamodb-lib";
import { success, failure } from "../libs/response-lib";

export async function main(event, context) {
  const contentId = event.pathParameters.noteContentId;
  const contentType = event.pathParameters.noteContentType;

  AWS.config.update({
    region: 'us-east-1',
    credentials: new AWS.CognitoIdentityCredentials({
      IdentityPoolId: 'us-east-1:...',
      IdentityId: event.requestContext.identity.cognitoIdentityId,
      RoleArn: 'arn:aws:iam::...'
    })
  });

  const getParams = {
    TableName: process.env.tableName,
    Key: {
      userId: event.requestContext.identity.cognitoIdentityId,
      noteId: event.pathParameters.noteId
    },
    ExpressionAttributeNames: {
      '#content': 'content',
      '#type': contentType,
      '#id': contentId,
    },
    ProjectionExpression: '#content.#type.#id',
  };

  try {
    const getResponse = await dynamoDbLib.call("get", getParams);

    try {
      const s3Response = await AWS.S3({
        apiVersion: '2006-03-01',
      })
      .deleteObject({
        Bucket: 'personal-development-source',
        Key: `private/${getResponse.Item.content[contentType][contentId].source['key']}`,
      }).promise();

      return success(s3Response);
    } catch (error) {
      return failure(error);
    }

    return success(getResponse.Item);
  } catch (error) {
    return failure(error);
  }
}

Probably I am missing something ;)

Thanks!

Hi,
I have created a local js file with its dependency getting import in the handler.js as below

import JsonValidator from './src/jsonvalidator'

Now when i run this on local for testing purpose using mock event json. I'm getting error import undrfined error

This is because i assume the code is not getting transpiled in local and only when it gets deployed.

So how do i transpile my code for local debugging and testing ?

I get this error when trying in command prompt.

Serverless Error ---------------------------------------

Missing "handler" property in function "resources". Please make sure you point to the correct lambda handler. For example: handler.hello. Please check the docs for more info

Hello,

I am trying to assume my identity pool user auth role when invoking my AWS REST API requests. I followed the same code setup for declaring my authentication pools/identity pools. The only change is I modified the Cognito Authenticated role to include permissions to access DynamoDB resources.

My cognito authenticated identity role:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "VisualEditor0",
            "Effect": "Allow",
            "Action": [
                "cognito-identity:*",
                "dynamodb:PutItem",
                "dynamodb:DeleteItem",
                "dynamodb:GetItem",
                "mobileanalytics:PutEvents",
                "dynamodb:Scan",
                "dynamodb:Query",
                "dynamodb:UpdateItem",
                "cognito-sync:*"
            ],
            "Resource": "*"
        },
        {
            "Sid": "VisualEditor1",
            "Effect": "Allow",
            "Action": "execute-api:Invoke",
            "Resource": "arn:aws:execute-api:us-east-1:xxxx:xxxx/*"
        }
    ]
}

Using the serverless-stack-demo-client, I log in and I see it obtained the identity id and credentials.

My request.context.identity:

identity: {
      cognitoIdentityPoolId: 'us-east-1:xxxx',
      accountId: 'xxxx',
      cognitoIdentityId: 'us-east-xxx',
      caller: 'xxx:CognitoIdentityCredentials',
      sourceIp: 'xxx.x.xx.x.',
      principalOrgId: 'o-xxxx',
      accessKey: 'xxxxxxx',
      cognitoAuthenticationType: 'authenticated',
      cognitoAuthenticationProvider: 'cognito-idp.us-east-1.amazonaws.com/xxxxx,cognito-idp.us-east-1.amazonaws.com/us-east-xxx:CognitoSignIn:xxx-xxx-xx',
      userArn: 'arn:aws:sts::xxxx:assumed-role/CognitoAuthRole-xxx/CognitoIdentityCredentials',
      userAgent: 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.89 Safari/537.36',
      user: 'xxxx:CognitoIdentityCredentials'
    },

Using the API from aws-amplify, I make a request, much like the notes list example. It sets the auth header as:

authorization: AWS4-HMAC-SHA256 Credential=xxxxx/20200729/us-east-1/execute-api/aws4_request, SignedHeaders=host;x-amz-date;x-amz-security-token, Signature=xxxxxxxxx

In my cloudwatch response, I see the following error:

error: "User: arn:aws:sts::xxxx:assumed-role/example-us-east-1-lambdaRole/example-rest-api-dev-getProducts is not authorized to perform: dynamodb:Query on resource: arn:aws:dynamodb:us-east-1:xxxx:table/products-table"

My assumption is that it should be using the assumed role from the userArn specified above in the identity payload to make the request. However, it appears it is still using the lambda execution role instead still.

Am I missing a step here? Do I need to manually set it to assume the role in the requestContext.identity.userArn? I have tried just about everything to get this to work properly, but keep running into issues. Any help is appreciated!

When running

$ serverless invoke local --function create --path mocks/create-event.json
from
https://serverless-stack.com/chapters/add-a-create-note-api.html

I get

{
    "statusCode": 500,
    "headers": {
        "Access-Control-Allow-Origin": "*",
        "Access-Control-Allow-Credentials": true
    },
    "body": "{\"status\":false}"
}

I added a log and get:
{ UnrecognizedClientException: The security token included in the request is invalid.

I am trying to follow along with the exercises in the Serverless Stack PDF. So far it is a really great read and I am learning a lot. I am currently at the create note part (On the front end). Currently when a user tries to create a note they receive a 503 status code. When I looked in the logs on cloud watch I was given an error that said 'unable to import module create'. After seeing this issue I decided to run a test in the AWS console on the create lambda. When I did this I received this error "cannot find module 'runtime/regenerator'". From here I decided to try and update all the npm packages to their latest version and change babel config accordingly. After testing again I get the same error "Cannot find module '@babel/runtime/regenerator'''. Local function calls work but, not once it is on the actual Lambda. I have copied and pasted some files below. Thank you in advance for any help with this issue.

package.json

{ "name": "notes-app-api", "version": "1.1.0", "description": "A Node.js starter for the Serverless Framework with async/await and unit test support", "main": "handler.js", "scripts": { "test": "jest" }, "author": "", "license": "MIT", "repository": { "type": "git", "url": "https://github.com/AnomalyInnovations/serverless-nodejs-starter.git" }, "devDependencies": { "@babel/core": "^7.4.5", "@babel/plugin-transform-runtime": "^7.4.4", "@babel/preset-env": "^7.4.5", "aws-sdk": "^2.485.0", "babel-loader": "^8.0.6", "babel-plugin-source-map-support": "^2.0.1", "jest": "^21.2.1", "serverless": "^1.46.1", "serverless-offline": "^5.3.3", "serverless-webpack": "^5.3.1", "webpack": "^4.35.0", "webpack-node-externals": "^1.7.2" }, "dependencies": { "@babel/runtime": "^7.4.5", "ajv": "^6.10.0", "source-map-support": "^0.5.12", "uuid": "^3.3.2" } }

babelrc.

{ "plugins": ["babel-plugin-source-map-support", "@babel/plugin-transform-runtime"], "presets": [ ["@babel/preset-env"], ] }

webpack.config.js

`
const slsw = require("serverless-webpack");
const nodeExternals = require("webpack-node-externals");

module.exports = {
entry: slsw.lib.entries,
target: "node",
// Generate sourcemaps for proper error messages
devtool: 'source-map',
// Since 'aws-sdk' is not compatible with webpack,
// we exclude all node dependencies
externals: [nodeExternals()],
mode: slsw.lib.webpack.isLocal ? "development" : "production",
optimization: {
// We do not want to minimize our code.
minimize: false
},
performance: {
// Turn off size warnings for entry points
hints: false
},
// Run babel on all .js files and skip those in node_modules
module: {
rules: [
{
test: /.js$/,
loader: "babel-loader",
include: __dirname,
exclude: /node_modules/
}
]
}
};
`