AWS 中国区Lambda 部署指南
serverless 框架中部署Lambda + API Gateway:
-
Lambda 服务目前只在北京区域(cn-north-1)上线,宁夏区域(cn-northwest-1)目前不支持。
-
API 部署时,需要为
API Gateway配置Principal,配置方法如下:resources: Resources: AppLambdaPermissionApiGateway: Properties: Principal: apigateway.amazonaws.com -
部署后的API 不能直接访问,需要配置一个在光环新网上备案的域名,或者使用
aws_iam方式访问接口,配置方法如下:functions: app: handler: index.handler events: - http: method: ANY path: / authorizer: aws_iam使用
Postman方式访问方法如下,Authorization 的方式选择 AWS Signature,然后使用IAM账户的AccessKey 和 SecretKey,AWS Region 填写 cn-north-1,Service Name 填写 execute-api:
-
不要在
provider和functions中配置environment,这一配置在cn-north-1区域不支持 -
以下是一个简单的 serverless 配置:
service: serverless-aap2 custom: tableName: 'users-table-${self:provider.stage}' dynamodb: start: migrate: true provider: name: aws runtime: nodejs8.10 stage: dev endpointType: REGIONAL region: cn-north-1 iamRoleStatements: - Effect: Allow Action: - dynamodb:Query - dynamodb:Scan - dynamodb:GetItem - dynamodb:PutItem - dynamodb:UpdateItem - dynamodb:DeleteItem Resource: - { "Fn::GetAtt": ["UsersDynamoDBTable", "Arn" ] } #environment: #USERS_TABLE: ${self:custom.tableName} plugins: - serverless-dynamodb-local - serverless-offline functions: app: handler: index.handler events: - http: method: ANY path: / authorizer: aws_iam - http: method: ANY path: '{proxy+}' authorizer: aws_iam resources: Resources: AppLambdaPermissionApiGateway: Properties: Principal: apigateway.amazonaws.com UsersDynamoDBTable: Type: 'AWS::DynamoDB::Table' Properties: AttributeDefinitions: - AttributeName: userId AttributeType: S KeySchema: - AttributeName: userId KeyType: HASH ProvisionedThroughput: ReadCapacityUnits: 1 WriteCapacityUnits: 1 TableName: ${self:custom.tableName}