Serverless Stack #sst

Pål Brattberg

03/30/2021, 5:43 PM

Hi! Any plans on warning on received, non-valid attributes? I just had a case where I defined my routes like this:

Copy code

'GET /myroute': { authorizationType: sst.ApiAuthorizationType.NONE, function: `services/${id}/timer.opt2`, timeout: 15 }

Of course, that's (mostly) wrong and will ignore the timeout. Now it's defined like this and all is well:

Copy code

'GET /myroute': { authorizationType: sst.ApiAuthorizationType.NONE, function: { handler: `services/${id}/timer.opt2`, timeout: 15 } }

Tyler Flint

03/31/2021, 3:16 AM

personally I’d love to remove the stack name from everything but I am curious why there’s an inconsistency there

thdxr

03/31/2021, 2:00 PM

go env GOCACHE

thdxr

03/31/2021, 2:01 PM

are you going with the dummy AWS_LAMBDA_RUNTIME_API approach or doing it a different way?

Tyler Flint

03/31/2021, 3:08 PM

this is probably a question for cdk, but I’d rather put my stack configuration in a folder like

cdk

instead of

lib

. Is it possible to change the location?

Mike McCall

04/01/2021, 4:59 AM

Using the AppSyncApi construct, it does not appear the underlying GraphqlApi is available. Unless I am missing something there is no way to output its properties? I am trying to output graphql url and api key.

Jesse Wynants

04/01/2021, 7:20 PM

Hey Guys, Maybe a pretty basic question, but I'm coding a cron that every day pushes tasks to SQS. And then I have a consumer function that does most of the work. Now, I'm building the consumer function first, that's the most complex. Is there an easy way to run this consumer function from console, instead of pushing tasks to SQS all the time to see if it works?

Tyler Flint

04/02/2021, 1:19 PM

Is it possible to disable esbuild for

sst start

? I’ve already disabled bundling which works for deploy, but during

sst start

it still runs everything through esbuild which messes with my source map. (This is an existing app with a complex webpack config, so I webpack build first, then point the function to the result).

Tyler Flint

04/02/2021, 2:42 PM

ok now I’m running into another issue. It appears that setting

bundle: false

doesn’t actually stop esbuild from building even for deploy.

Tyler Flint

04/02/2021, 6:18 PM

absolutely

Ross Coundon

04/03/2021, 6:54 AM

@Tyler Flint has inspired me to start the process of migrating our flagship product from serverless framework to sst. We’re using ReST API rather than HTTP API, so does this mean that I can’t use the import capability described here? I.e. I’d need to define a CDK API Gateway construct in the SST stack and define all my lambda integration methods and roots there rather than being able to migrate one by one and import the ones I’m not ready to migrate into the SST stack?

Ross Coundon

04/06/2021, 2:02 PM

We use Epsagon for tracing our serverless deployments and to do so we use a serverless framework plugin that automatically wraps each handler function when deploying. Is there an ‘official’ way to do something similar i.e. a plugin framework with SST?

Dennis Dang

04/06/2021, 5:29 PM

I see that there's a new role created for every lambda + stack. So we've almost reached our initial cap of 1000 roles available. Is that happening to others as well?

thdxr

04/11/2021, 1:07 AM

possibly with this: https://github.com/aws/aws-lambda-nodejs-runtime-interface-client

thdxr

04/11/2021, 1:11 AM

is that intentional?

Mike McCall

04/12/2021, 3:46 PM

^ seems to be working now. blew up node_modules.

Jakob Fix

04/12/2021, 9:28 PM

I noticed that whenever I make a change to the infrastructure definitions (the

Api

Cron

constructs, for example) while running

npx sst start

I get this message

Detected a change in your CDK constructs. Restart the debugger to deploy the changes.

which is cool. But is there a more straight-forward way than

Ctrl-c

npx sst start

? I remember that

nodemon

I think has the

rs

command that I can type to restart the process. Anything you would consider to further improve the developer experience? (It’s only a tiny niggle, no worries). Or is there already something similar maybe? 🙏

Mike McCall

04/12/2021, 10:49 PM

It looks like when updating the resolver data source in the appsync construct you have to remove it, deploy, add it back, and redeploy. Changing the data source does not result in an update.

Matthew Purdon

04/14/2021, 5:44 PM

hey there, is there a way to use the --plugin option from CDK from the SST cli?

thdxr

04/15/2021, 4:49 AM

Is everyone using dynamodb as their primary data store? Most of my experience has been in nosql but for the past year I swung the other way and went hard into Postgres

thdxr

04/15/2021, 4:50 AM

Now looking into serverless I'm wondering if I should go back to thinking in terms of simple k/v stores

Ross Coundon

04/19/2021, 8:08 PM

I’m trying to define an ApiGatewayV1Api which has two routes, one route which requires authentication via a custom lambda authorizer and a route that requires no authorization. When I deploy I get the error for the route without auth:

Copy code

Authorization type is set to NONE which is different from what is required by the authorizer [CUSTOM]

My definition looks like this:

Copy code

const api = new ApiGatewayV1Api(this, 'CustFeedbackApi', {
      defaultAuthorizer: authorizer,
      routes: {
        'POST /save': {
          function: 'src/handler/saveFeedbackHandler.handleSaveFeedback',
          methodOptions: {
            authorizationType: AuthorizationType.NONE,
          },
        },
        'GET /retrieve': {
          function:
            'src/handler/retrieveFeedbackHandler.handleRetrieveFeedback',
          methodOptions: {
            authorizationType: AuthorizationType.CUSTOM,
          },
        },
      },
    });

So, how do I set auth for one route but not another?

Ross Coundon

04/19/2021, 9:04 PM

Should I be able to get hold of the IS_LOCAL env var inside the stack definition file? The reason I ask is that I want to extend the timeout when running locally for debug purposes.

Jakob Fix

04/19/2021, 9:31 PM

I’m trying to pass some

defaultFunctionProps

to a

Cron

construct, but while the deployment doesn’t break, I don’t see the environment variables created in the AWS console, and when I checked the SST documentation, this property wasn’t mentioned. This is what it looks like now, and its equivalent works OK for the

Api

construct:

Copy code

// Create a Cron job to ping each morning at 9h15 CEST
    new sst.Cron(this, "Cron", {
      defaultFunctionProps: {
        environment: {
          CALENDAR_ID: ssm.StringParameter.valueForStringParameter(this, 'CALENDAR_ID'),
          // FIXME: cannot currently use SecureStrings because: <https://github.com/aws/aws-cdk/issues/6819>
          GOOGLE_APPLICATION_CREDENTIALS_EMAIL: ssm.StringParameter.valueForStringParameter(this, 'GOOGLE_APPLICATION_CREDENTIALS_EMAIL'),
          GOOGLE_APPLICATION_CREDENTIALS_KEY: ssm.StringParameter.valueForStringParameter(this, 'GOOGLE_APPLICATION_CREDENTIALS_KEY'),
          GOOGLE_APPLICATION_CREDENTIALS_KEY_ID: ssm.StringParameter.valueForStringParameter(this, 'GOOGLE_APPLICATION_CREDENTIALS_KEY_ID'),
          SLACK_WEBHOOK_URL: ssm.StringParameter.valueForStringParameter(this, 'SLACK_WEBHOOK_URL'),
          GIPHY_APIKEY: ssm.StringParameter.valueForStringParameter(this, 'GIPHY_APIKEY'),
          SLACK_SIGNING_SECRET: ssm.StringParameter.valueForStringParameter(this, 'SLACK_SIGNING_SECRET'),
        }
      },
      schedule: "cron(15 7 ? * MON-FRI *)",
      job: "src/cronjob.handler"
    });

Ross Coundon

04/19/2021, 9:55 PM

I’m trying to make use of an existing table in my stack because despite using a PolicyStatement in my stack that looks like this:

Copy code

new PolicyStatement({
      actions: ['dynamodb:*'],
      effect: Effect.ALLOW,
      resources: [
        'arn:aws:dynamodb:eu-west-2:12345667889:table/mytable/*',
        'arn:aws:dynamodb:eu-west-2:12345667889:table/mytable',
      ],
    });

I’m still getting an error about not having the permission to PutItem so I wanted to try adding consumers to a table construct instead but I don’t quite understand the sample. From the doc here it shows:

Copy code

import { Table } from "@aws-cdk/aws-dynamodb";

new Table(this, "Table", {
  dynamodbTable: Table.fromTableArn(stack, "MyDynamoDBTable", tableArn),
});

Is this something i need to do from within my SST stack? If so, what is

stack

referencing?

Uncharted

04/20/2021, 10:11 AM

Hello everyone ! I'm new to SST and comes from serverless framework I was looking for information if it was possible to have custom parameters like serverless framework in the custom part. I would like to do something like that.

Copy code

npx sst deploy --myParameters myValue

Jack Fraser

04/20/2021, 8:29 PM

Having reviewed the docs and this channel I am looking for a way to do custom logic for the

authorizationType

using a custom function? Similar to Serverless framework can have custom function for the

authorizer

. The reason for this is both for authorisation and to load in extra data onto the

event.requestContext.authorizer

Ross Coundon

04/20/2021, 9:08 PM

I’m converting an app to use SST and for that I’m using the ApiGatewayV1Api construct with a custom lamdba authorizer. The problem I have is that the event that’s passed to the lambda authorizer doesn’t look like an auth event. The type definition I’m using for the handler is APIGatewayTokenAuthorizerHandler which is what I’m using in other apps and receives a APIGatewayTokenAuthorizerEvent. APIGatewayTokenAuthorizerEvent has a property named authorizationToken which is used to validate the supplied token. However, in my SST app the event that arrives looks like a regular event with headers and body etc. The relevant parts of my SST definition look like this:

Copy code

const authFunc = new Function(this, 'AuthorizerFunction', {
  handler: 'src/main/handler/firebaseAuth.handler',
  timeout: 30,
  environment,
});

const authorizer = new RequestAuthorizer(this, 'Authorizer', {
  handler: authFunc,
  resultsCacheTtl: Duration.millis(0),
  identitySources: [IdentitySource.header('Authorization')], // I think this should extract the token and add to the authorizationToken property of the event
});

const retrieveHandler = new Function(this, 'retrieveHandler', {
  handler:
    'src/main/handler/retrieveFeedbackHandler.handleRetrieveFeedback',
  timeout: scope.local ? 30 : 5,
  environment,
});

const api = new ApiGatewayV1Api(this, 'CustFeedbackApi', {
  defaultAuthorizer: authorizer,
  defaultAuthorizationType: AuthorizationType.CUSTOM,
  cors: true,
  routes: {    
    'GET /retrieve': {
      function: retrieveHandler,
    },
  },
});

Is there something I’m missing in how to define the auth function or hook it up to the API?

gio

04/27/2021, 7:09 AM

Some weeks ago someone proposed to rename cloudwatch log stream. I can’t find that topic, I remember @Frank opened a pull request. Is this issue in progress? Personally I found very difficult to find the properly log stream with these default names (in attachment). I would like to have an option which rename that default value, something like this:

new Api(this, "Api", {

routes: {

"GET /notes": {

function: {

srcPath: "src/",

handler: "list.main",

environment: { tableName: table.tableName },

permissions: [table],

logGroup: 'Notes-API-dev-readNote'

},

},

},

});

Pål Brattberg

04/27/2021, 9:12 AM

Howdy! I'm having some problems that copyFiles seems to not be working with

sst start

, but works with

sst deploy

. I have tried both for a Function and an Api path. Anybody using this?