- Install Rust, Cargo, Lambda Crate, Terraform
For this project I decided to add a particular story to help define how we would expect users to interact with this lambda and the greater context that this lambda exists in. Below are the assumptions in no particular order
- This lambda has the responsibility of uploading an image to S3 to later be processed.
- The context for this lambda is that its a part of an online image manipulation service
- Users do not need an account or be authorized to use the service
- We will only serve users in NA/EU
Clone the project
git clone git@github.com:Spheny1/JasperHealth-Takehome-assesment.gitBuild Lambda
cd lambda
cargo lambda build --release --output-format zipApply Terraform Plan
export REGION={AWS-REGION}
export ENV={DESIRED-ENV}
terraform init
terraform apply -var="region=$REGION" -var="environment=$ENV"This project was slated to take 2-3 hours and I am content with the project as is. Given more time here are some improvements I would make
- Currently the Api Gateway is only checking for the user-agent that is forwaded by the CloudFront distribution a more secure solution would be to have the custom header whose value could be stored in Secrets Manager and be rotated on a schedule. Then, create a Lambda Authorizer function to check for this value in Secrets Manager and authorize the request that way.
- Setting up shared resources to reuse resources such as IAM Roles and the Api Gateway. Currently this will deploy a new Api Gateway based on the environment parameter given a more DRY solution could be to reuse the Gateway and have a new deployment based on the environment specified.
- Setting up Remote State. When creating automation pipelines setting up remote state it could be so even if my pipeline builds the infrastructure, locally I could still destroy it.