https://github.com/trojan295/aws-sam-lambda-notes-example-app
An example Vue.js + Golang based Lambda backend app deployed using AWS SAM
https://github.com/trojan295/aws-sam-lambda-notes-example-app
codedeploy hook-functions lambda lambda-deployment rollback
Last synced: 6 months ago
JSON representation
An example Vue.js + Golang based Lambda backend app deployed using AWS SAM
- Host: GitHub
- URL: https://github.com/trojan295/aws-sam-lambda-notes-example-app
- Owner: Trojan295
- Created: 2020-09-02T08:12:45.000Z (over 5 years ago)
- Default Branch: master
- Last Pushed: 2020-09-04T09:51:30.000Z (over 5 years ago)
- Last Synced: 2025-04-08T22:32:25.314Z (9 months ago)
- Topics: codedeploy, hook-functions, lambda, lambda-deployment, rollback
- Language: Go
- Homepage:
- Size: 150 KB
- Stars: 0
- Watchers: 2
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# AWS Serverless Application Model Lambda Notes example application
## How to run it
1. Deploy the SAM package
```
cd backend
make deploy
```
2. Setup the repository in the created AWS Amplify app. You can use the AWS Console, so it will guide you through this
3. Browse to the created Amplify app webpage
## Lambda CodeDeploy deployments
SAM uses Lambda aliases to perform canary and linear deployments. This allows to gradually shift traffic to the new version and rollback in case errors are appearing.
This example shows two options how to perform checks on a new Lambda deployment and rollback it in case of failures:
1. Rollback triggered by Cloudwatch Alarms in the `AllowTraffic` stage. The following setup triggers a rollback of the deployment in case there are more that 5% of 5xx errors for 1 minute on the API Gateway during traffic shifting. Note that it means 5% of all Lambda calls and as SAM uses Lambda weighted alias you have to take it into account. For ex. if using `Canary10Percent5Minutes`, then 10% of the traffic is directed to the new Lambda, so with 5% error rate, 50% of the traffic to the new Lambda would need to error to trigger the rollback
```
NotesApiServerErrorAlarm:
Type: AWS::CloudWatch::Alarm
Properties:
AlarmName: NotesApiServerErrorAlarm
EvaluationPeriods: 1
Metrics:
- Id: m1
MetricStat:
Metric:
Dimensions:
- Name: ApiName
Value: !Ref ApiName
MetricName: 5XXError
Namespace: AWS/ApiGateway
Period: !!int 60
Stat: Average
ComparisonOperator: GreaterThanThreshold
Threshold: 0.05
TreatMissingData: notBreaching
AddNote:
Type: AWS::Serverless::Function
Properties:
DeploymentPreference:
Type: Canary10Percent5Minutes
Alarms:
- !Ref NotesApiServerErrorAlarm
[...]
```
2. Hook triggered rollback. You can call a Lambda function in the `BeforeAllowTraffic` or `AfterAllowTraffic` stage, to verify the new Lambda function or run final tests. You muist call the `codedeploy:PutLifecycleEventHookExecutionStatus` API call to tell CodeDeploy about the status of the deployment. CodeDeploy will fail the deployment after 1 hour, if no call is made
```
GetNotes:
Type: AWS::Serverless::Function
Properties:
DeploymentPreference:
Hooks:
PostTraffic: !Ref ValidateAPI
[...]
ValidateAPI:
Type: AWS::Serverless::Function
Properties:
FunctionName: CodeDeployHook_ValidateAPI
Policies:
- Version: '2012-10-17'
Statement:
- Effect: Allow
Action:
- codedeploy:PutLifecycleEventHookExecutionStatus
Resource:
!Sub 'arn:aws:codedeploy:${AWS::Region}:${AWS::AccountId}:deploymentgroup:${ServerlessDeploymentApplication}/*'
[...]
```
Note that the hook Lambda function needs the IAM permissions to call the AWS API
## Notes about SAM
1. Hook functions must start with prefix "CodeDeployHook_" or you have to provide an custom IAM role for the CodeDeploy in `DeploymentPreference`
2. The hook functions must response to AWS API, if the hook passed or failed. CodeDeploy timeouts after 1 hour waiting resulting in a fail. You need to provide the policy to those functions, so they can all the API
3. The `Alarms` in `DeploymentPreference` can be used to rollback the deployment on Cloudwatch Alarm. The AWS docs suggest the other way - that they are triggered by a failed deployment