Book Image

Building Serverless Architectures

By : Cagatay Gurturk
Book Image

Building Serverless Architectures

By: Cagatay Gurturk

Overview of this book

Over the past years, all kind of companies from start-ups to giant enterprises started their move to public cloud providers in order to save their costs and reduce the operation effort needed to keep their shops open. Now it is even possible to craft a complex software system consisting of many independent micro-functions that will run only when they are needed without needing to maintain individual servers. The focus of this book is to design serverless architectures, and weigh the advantages and disadvantages of this approach, along with decision factors to consider. You will learn how to design a serverless application, get to know that key points of services that serverless applications are based on, and known issues and solutions. The book addresses key challenges such as how to slice out the core functionality of the software to be distributed in different cloud services and cloud functions. It covers basic and advanced usage of these services, testing and securing the serverless software, automating deployment, and more. By the end of the book, you will be equipped with knowledge of new tools and techniques to keep up with this evolution in the IT industry.
Table of Contents (10 chapters)

Preparing the environment

Before we start digging into our project, we have to have an AWS account and the AWS CLI installed on our system. Even if you already have an AWS account, it is recommended that you open a new one because every new AWS account will come with a free tier available for 12 months following your AWS sign-up date. With the free tier, you will not have to pay for most of the resources we will install throughout the book. To set up a new account, perform the following steps:

  1. Open and then choose Create an AWS Account.
  2. Follow the online instructions.

Once you create your account, you will have to create security credentials for yourself. IAM (Identity and Access Management) is a service where you manage the security configuration of your AWS account. Here, you can create more than one user and allow them granularly to specific cloud resources. For every user, you can create up to two security credentials that you can use to access AWS APIs via different SDKs or the AWS CLI tool.

When you sign up a new AWS account, a root user is created, but usage of this account with security credentials should be avoided. This account has unlimited access to your account, and if you expose your security credentials accidentally to the public domain, such as a public git repository, your account can be compromised. For the sake of simplicity, we will create a new IAM user with administrator access.

The Internet is full of stories of stolen AWS keys. It is known that some malicious software is scanning every commit published to GitHub and when they detect AWS credentials accidentally published to a public repository, they spin up lots of virtual machines using those credentials to mine Bitcoins or for other purposes. While they make money with that, the owner of the AWS account is faced with excessive bills. Therefore, you should be very protective about access keys. Do not share them with anyone and restrict the usage right of AWS users using IAM policies. The credentials of the user we create here will not be hardcoded in any code and will be merely used to configure the AWS CLI. Even though the risk of granting administrator access to this user is relatively low in this case, we recommend that you be aware of potential issues.

To create the user, perform the following steps:

  1. Navigate to
  2. In the navigation pane, choose Users and then choose Create New Users.
  3. Type the user name for the user to be created. You can create up to five users at the same time, but we need only one for now.
  4. Make sure that the Generate an access key for each user checkbox is selected.
  5. Click on Create.
  6. On the next screen, you will be given the security credentials of the user you just created. This is the only opportunity to view the credentials. If you do not save them, you will need to create new access keys for the user. That's why it's important to save the Access Key ID and Secret Access Key now.

The user you just created does not have any access to AWS resources. AWS users gain the right to access depending on the IAM policies attached to them. Now we will attach an AdministratorAccess policy to that. To accomplish that, perform the following steps:

  1. In the Users section, click on the user that you created.
  2. On Permissions tab, click on the AttachPolicy button.
  3. Check the AdministratorAccess policy and click on the Attach Policy button in the bottom-right section.

We have completed creating a user with administrator rights.

Installing AWS CLI

We are going to proceed to installing AWS CLI (Command Line Interface). The AWS CLI is a tool to manage your AWS services. It is very a powerful tool that can control all the AWS services and it is the preferred method for programmatic access to AWS APIs via the command line. Although we will use Gradle to control our deployment and the cloud resource creation process, it is useful to have the AWS CLI installed on our system.


  • Linux, OS X, or Unix
  • Python 2 version 2.6.5+ or Python 3 version 3.3+

For Mac OS X and Linux, these three commands will install the AWS CLI on your system:

    $ curl "" -o
$ unzip $ sudo ./awscli-bundle/install -i /usr/local/aws -b /usr/local/bin/aws

Once you have the AWS CLI installed, you can configure it with the security credentials you obtained previously. Type aws configure and follow the instructions. After you complete this step, your credentials will be saved at ~/.aws/configure and different programming platform SD's and the AWS CLI tool will use these credentials when they invoke AWS APIs.