CloudSec Network

Building a Serverless App with AWS Lambda and S3

Share with

We’ll walk you through the steps to build a serverless application using AWS Lambda, S3, and Simple Email Service (SES). This guide covers creating necessary IAM roles, deploying a Lambda function, configuring SES for email notifications, and hosting a static site on S3.

1. Create an IAM Role with Necessary Permissions

First, we need to create an IAM role that our Lambda function will use to execute. This role needs permissions for Lambda, SES, and CloudWatch.

  1. Sign in to AWS Management Console and navigate to the IAM service.
  2. Create a new role:
    • Go to Roles > Create role.
    • Select AWS service as the trusted entity and choose Lambda.
  3. Attach policies:
    • Search for and attach the following policies:
      • AWSLambdaBasicExecutionRole
      • AmazonSESFullAccess
      • CloudWatchFullAccess
  4. Name the role (e.g., CSN-Lambda-Execution-Role) and complete the creation.

2. Create an Identity in SES

To send emails, we need to verify an email address in SES.

  1. Navigate to Amazon SES in the AWS Management Console.
  2. Verify an email address:
    • Navigate to Identities by the left-hand menu.
    • Select Email Addresses > Verify a New Email Address.
    • Enter your email address and complete the verification process by clicking the link sent to your email.

3. Create the Lambda Function

Next, we’ll create the Lambda function that will handle form submissions from our static site.

  1. Navigate to AWS Lambda in the AWS Management Console.
  2. Create a new function:
    • Choose Author from scratch.
    • Provide a name (e.g., CSN-Job-Application-Handler).
    • Choose Python 3.x as the runtime.
    • Set the execution role to the IAM role created in the previous step.
  3. Enable Function URLs:
    • Go to the Configuration tab > Function URL.
    • Enable the function URL, set Auth type to NONE, and enable CORS.
  4. Deploy the Python Code:
    • Replace the code with the content from CSN’s GitHub repository.
    • Update the region in the code to what is applicable for you.
    • Update the email address to the identity you verified on SES
    • Deploy the function.

4. Create an S3 Bucket

We will create an S3 bucket to host our static website.

  1. Navigate to Amazon S3 in the AWS Management Console.
  2. Create a new bucket:
    • Provide a unique bucket name (e.g., csn-job-application-site).
    • Enable public access.
  3. Download static files:
  4. Update the static files:
    • Update the apiUrl variable in script.js to the Lambda function URL.
  5. Upload the static files:
    • Upload all HTML, CSS, and JavaScript files to the S3 bucket.

5. Update S3 Bucket Policy

We need to set a bucket policy to allow public access to our files

  1. Go to the Permissions tab of the S3 bucket.
  2. Update the bucket policy:
    • Add the following policy, replacing YOUR-BUCKET-NAME with your bucket name:
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Principal": "*",
      "Action": "s3:GetObject",
      "Resource": "arn:aws:s3:::YOUR-BUCKET-NAME/*"
    }
  ]
}

6. Enable Static Website Hosting

Finally, we need to enable static website hosting for the S3 bucket.

  1. Go to the Properties tab of the S3 bucket.
  2. Enable static website hosting:
    • Specify index.html as the index document.
    • Optionally, specify 404.html as the error document.
  3. Copy the website endpoint URL.

Conclusion

Your site is now deployed and linked to the Lambda function URL. When a user submits the job application form, an email is sent to the applicant with the details of their submission.

Additional Notes

  • Enhancements: This project can be expanded to store submitted details in a database like DynamoDB, with an admin interface for retrieving applicant details secured via Cognito authentication.
  • SES Email Limitations: Only verified email addresses in SES can be used initially. To send emails to any address, you need to move out of SES sandbox mode.
  • Email Delivery Lag: There might be a delay in email delivery for some addresses, especially personal email addresses.

By following these steps, you can build a scalable, serverless application leveraging AWS services, enhancing your cloud security and development skills with CSN’s guidance.

Tagged in :

, , , , , , ,
More Articles & Posts