MongoDB World 2018: Tutorial - How to Build Applications with MongoDB Atlas & AWS Lambda

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Chris Munns – Senior Developer Advocate – AWS
Serverless
How to Build Applications
with MongoDB Atlas and AWS
Lambda

About me:
Chris Munns - munns@amazon.com, @chrismunns
• Senior Developer Advocate - Serverless
• New Yorker
• Previously:
• AWS Business Development Manager – DevOps, July ’15 - Feb ‘17
• AWS Solutions Architect Nov, 2011- Dec 2014
• Formerly on operations teams @Etsy and @Meetup
• Little time at a hedge fund, Xerox and a few other startups
• Rochester Institute of Technology: Applied Networking and Systems
Administration ’05
• Internet infrastructure geek

https://secure.flickr.com/photos/mgifford/4525333972
Why are we
here today?

No servers to provision
or manage
Scales with usage
Never pay for idle Availability and fault
tolerance built in
Serverless means…

SERVICES (ANYTHING)
Changes in
data state
Requests to
endpoints
Changes in
resource state
EVENT SOURCE FUNCTION
Node.js
Python
Java
C#
Go
Serverless applications

Anatomy of a Lambda function
Handler() function
Function to be executed
upon invocation
Event object
Data sent during
Lambda Function
Invocation
Context object
Methods available to
interact with runtime
information (request ID,
log group, etc.)
public String handleRequest(Book book, Context context) {
saveBook(book);
return book.getName() + " saved!";
}

Using AWS Lambda
Bring your own code
• Node.js, Java, Python,
C#, Go
• Bring your own libraries
(even native ones)
Simple resource model
• Select power rating from
128 MB to 3 GB
• CPU and network
allocated proportionately
Flexible use
• Synchronous or
asynchronous
• Integrated with other
AWS services
Flexible authorization
• Securely grant access to
resources and VPCs
• Fine-grained control for
invoking your functions

Using AWS Lambda
Authoring functions
• Cloud9
• WYSIWYG editor or
upload packaged .zip
• Third-party plugins
(Eclipse, Visual Studio)
Monitoring and logging
• Metrics for requests,
errors, and throttles
• Built-in logs to Amazon
CloudWatch Logs
• X-Ray integration
Programming model
• Use processes, threads,
/tmp, sockets normally
• AWS SDK built in
(Python and Node.js)
Stateless
• Persist data using
external storage
• No affinity or access to
underlying infrastructure

Common Lambda use cases
Web
Applications
• Static
websites
• Complex web
apps
• Packages for
Flask and
Express
Data
Processing
• Real time
• MapReduce
• Batch
Chatbots
• Powering
chatbot logic
Backends
• Apps &
services
• Mobile
• IoT
</></>
Amazon
Alexa
• Powering
voice-enabled
apps
• Alexa Skills
Kit
IT
Automation
• Policy engines
• Extending
AWS services
• Infrastructure
management

Create a unified
API frontend for
multiple micro-
services
Authenticate and
authorize
requests to a
backend
DDoS protection
and throttling for
your backend
Throttle, meter,
and monetize API
usage by 3rd
party developers
Amazon API Gateway

API Gateway integrations
Internet
Mobile Apps
Websites
Services
AWS Lambda
functions
AWS
API Gateway
Cache
Endpoints on
Amazon EC2
Amazon
CloudWatch
Monitoring
Amazon
CloudFront
Any other AWS
service
YOUR VPC
Endpoints in
Your VPC
Regional API Endpoints
All publicly accessible
endpoints
AWS Lambda
functions

Amazon Kinesis + Lambda
Amazon
Kinesis
AWS
Lambda 1
Amazon
CloudWatch
Amazon
DynamoDB
AWS
Lambda 2 Amazon
S3
Real Time Data Processing:
1. Real-time event data sent to Amazon Kinesis,
allows multiple AWS Lambda functions to
process the same events.
2. In AWS Lambda, Function 1 processes and
aggregates data from incoming events, then
stores result data in Amazon DynamoDB
3. Lambda Function 1 also sends values to
Amazon CloudWatch for simple monitoring of
metrics.
4. In AWS Lambda function, Function 2 does data
manipulation of incoming events and stores
results in Amazon S3
https://s3.amazonaws.com/awslambda-reference-architectures/stream-processing/lambda-refarch-streamprocessing.pdf

What is MongoDB Atlas?

MongoDB Atlas
Deploy, operate, and scale a MongoDB database in
the cloud with just a few clicks.
• Self Service & Elastic
• Global and highly available
• Secure by default
• Comprehensive Monitoring
• Managed Backup
• Multi-region and Multi-cloud

MongoDB Atlas - Capabilities
Fine grained monitoring
and alerts
Consolidated database
management
Real-time performance
panel
Performance Advisor Data Explorer Query-able backup
snapshots

Why DBaaS?
On-premises Database as a ServiceSelf-managed in the cloud
Hardware procurement
Install / rack servers
Configure Network
Audit data center / update inventory
Install operating system
Harden Security configuration
Install Database
Configure Database
Load Data
Test/Validate Configuration
Build a private network in the cloud
Set up security groups
Research and test instance types
to run the database
Configure for high availability
Launch instances
Install MongoDB automation agent
Configure SSL / TLS
Choose instance, hit “deploy”,
wait a few minutes
Time to Value: Weeks to Months
Complex Coordination
Time to Value: Hours to Days
Complex Coordination
Time to Value: Minutes
Entirely self-service

Secure your API
https://www.flickr.com/photos/modernrelics/1093797721/

Amazon API Gateway Security
Several mechanisms for adding Authz/Authn to our API:
• IAM Permissions
• Use IAM policies and AWS credentials to grant access
• Custom Authorizers
• Use Lambda to validate a bearer token(Oauth or SAML as
examples) or request parameters and grant access
• Cognito User Pools
• Create a completely managed user management system

Authentication type comparison
Feature AWS_IAM TOKEN REQUEST COGNITO
Authentication X X X X
Authorization X X X
SignatureV4 X
Cognito User Pools X X X
Third-Party
Authentication
X X
Multiple Header Support X
Additional Costs NONE Pay per
authorizer
invoke
Pay per authorizer
invoke
NONE

Cognito User Pools
Add user sign-up and sign-
in easily to your mobile and
web apps without worrying
about server infrastructure
Serverless Authentication
and User Management
Verify phone numbers and
email addresses and offer
multi-factor authentication
Enhanced Security
Features
Launch a simple, secure,
low-cost, and fully managed
service to create and
maintain a user directory
that scales to 100s of
millions of users
Managed User Directory
1 2 3

Where do you ..
https://secure.flickr.com/photos/stevendepolo/5749192025/

InternetMobile/Web
apps
AWS Lambda
functions
AWS
API Gateway
Basic API technology stack
MongoDB
Atlas

Meet
SAM!

AWS Serverless Application Model (SAM)
CloudFormation extension optimized for
serverless
New serverless resource types: functions, APIs,
and tables
Supports anything CloudFormation supports
Open specification (Apache 2.0)
- SAM Translator recently open sourced!
https://github.com/awslabs/serverless-application-model

SAM Template
AWSTemplateFormatVersion: '2010-09-09’
Transform: AWS::Serverless-2016-10-31
Resources:
GetHtmlFunction:
Type: AWS::Serverless::Function
Properties:
CodeUri: s3://sam-demo-bucket/todo_list.zip
Handler: index.gethtml
Runtime: nodejs4.3
Policies: AmazonDynamoDBReadOnlyAccess
Events:
GetHtml:
Type: Api
Properties:
Path: /{proxy+}
Method: ANY
ListTable:
Type: AWS::Serverless::SimpleTable

SAM Template
Tells CloudFormation this is a SAM
template it needs to “transform”
Creates a Lambda function with the
referenced managed IAM policy,
runtime, code at the referenced zip
location, and handler as defined.
Also creates an API Gateway and
takes care of all
mapping/permissions necessary
Creates a DynamoDB table with 5
Read & Write units
AWSTemplateFormatVersion: '2010-09-09’
Transform: AWS::Serverless-2016-10-31
Resources:
GetHtmlFunction:
Type: AWS::Serverless::Function
Properties:
CodeUri: s3://sam-demo-bucket/todo_list.zip
Handler: index.gethtml
Runtime: nodejs4.3
Policies: AmazonDynamoDBReadOnlyAccess
Events:
GetHtml:
Type: Api
Properties:
Path: /{proxy+}
Method: ANY
ListTable:
Type: AWS::Serverless::SimpleTable

From: https://github.com/awslabs/aws-serverless-samfarm/blob/master/api/saml.yaml
<-THIS
BECOMES THIS->
SAM Template

AWS SAM CLI SAM Local
Relaunched/GA’d on May 8th!
CLI tool for local building, validating, testing of
serverless apps
Works with Lambda functions and “proxy-style”
APIs
Response object and function logs available on
your local machine
Uses open source docker-lambda images to mimic
Lambda’s execution environment:
• Emulates timeout, memory limits, runtimes
https://github.com/awslabs/aws-sam-cli

AWS Cloud9

Today’s Lab:
• Generate data into Kinesis via:
https://github.com/awslabs/amazon-kinesis-data-generator
• Lambda digests Kinesis stream and puts into MongoDB Atlas
• Web front end -> API GW -> Lambda -> MongoDB to view data.
• Cloud9 to deploy AWS resources.
• Minimal Pre-requisties – Atlas account, AWS account, browser
• Use either Cloud9 or local laptop w/ AWS CLI, SAM CLI, and
an editor
• You will need administrative privileges on your AWS account
for this

InternetMobile/Web
apps
AWS Lambda
functions
AWS
API Gateway
Today’s Lab:
MongoDB
Atlas
Amazon
Kinesis
AWS Lambda
functions
Kinesis Generator AtlasVPC

InternetMobile/Web
apps
AWS Lambda
functions
AWS
API Gateway
Today’s Lab:
MongoDB
Atlas
Amazon
Kinesis
AWS Lambda
functions
Kinesis Generator AtlasVPC
Deployed
via Atlas
Dashboard
Ingest App Deployed via
SAM
Browser
based
app
hosted in
S3
WebApp API Deployed
via SAM

Chris Munns
munns@amazon.com
@chrismunnshttps://www.flickr.com/photos/theredproject/3302110152/

?
https://secure.flickr.com/photos/dullhunk/202872717/

MongoDB World 2018: Tutorial - How to Build Applications with MongoDB Atlas & AWS Lambda

More Related Content

Similar to MongoDB World 2018: Tutorial - How to Build Applications with MongoDB Atlas & AWS Lambda (20)

More from MongoDB (20)

Recently uploaded (20)

MongoDB World 2018: Tutorial - How to Build Applications with MongoDB Atlas & AWS Lambda