Configure Lab Environment

In this section, we will deploy our base lab infrastructure using AWS Serverless Application Model (AWS SAM) in AWS Cloud9 environment. This will consist of a public Amazon API Gateway which connects to AWS Lambda function that puts items in AWS DynamoDB. We will also create a rule in Amazon EventBridge and another AWS Lambda that will retrieve data related to cost optimization from AWS Compute Optimizer and AWS Trusted Advisor .

Our initial deployment should reflect the following diagram:

Section2 Base Architecture

Note the following:

  1. AWS SAM deployment includes an Amazon API gateway with an IAM role to invoke our Lambda function. This function references a JSON mapping file that contains trusted advisor check IDs allowing for mapping to the appropriate questions within the Well-Architected tool.

  2. AWS Lambda function puts items in AWS DynamoDB.

  3. In the Well-Architected Tool, a reviewer will define a workload which is a collection of resources and applications that delivers business value.

  4. Defining a workload in the Well-Architected Tool generates an API event called CreateWorkload that Amazon EventBridge receives. This will invoke the second AWS Lambda function.

  5. This AWS Lambda function collects usage data and recommends an appropriate instance type based on rightsizing information from AWS Compute Optimizer and AWS Trusted Advisor.

  6. The AWS Lambda function will be able to retrieve Question ID from AWS DynamoDB.

  7. The AWS Lambda function eventually updates data points into Notes in Well-Architected Tool.

Note: Select the region in which your EC2 Instances are running.

To deploy the template for the base infrastructure, complete the following steps:

1.1. Get the CloudFormation Template and deploy Cloud9.

You can get the CloudFormation template here.

The first CloudFormation template will deploy AWS Cloud9 and you can create CloudFormation Stack directly via the AWS console.

Click here for CloudFormation console deployment steps

1.2. Application Deployment using SAM(AWS Serverless Application Model).

  1. In Cloud9, a git repo will be automatically cloned and go to a working directory called integration to execute sam build. The sam build command processes your AWS SAM template file, application code, and any applicable language-specific files and dependencies.
cd /home/ec2-user/environment/aws-well-architected-labs/static/watool/200_Integration_with_AWS_Compute_Optimizer_and_AWS_Trusted_Advisor/Code/integration
sam build

Section2 SAMBuild

  1. Deploy an AWS SAM application using sam deploy –guided.
sam deploy --guided
  • Answer y to lambda authorization question. (LambdaPutDynamoDB may not have authorization defined, Is this ok?)

Section2 SAMDeploy

  1. In Outputs, take a note of APIGWUrl.

Section2 APIGWUrl

  1. Now you will update the AWS DynamoDB table with a sample mapping table in json file via API Gateway. This mapping table contains the association between the Well-Architected Question ID and AWS Trusted Advisor check ID.
  • Replace APIGWUrl with your APIGWUrl that you copied from Outputs.
curl --header "Content-Type: application/json" -d @mappings/wa-mapping.json -v POST {APIGWUrl}

Section2 MappingTable

  1. Confirm that UnprocessedItems appear to be empty, which means you successfully put items into AWS DynamoDB. Section2 Confirm

  2. In AWS DynamoDB console, click wa-mapping which you just deployed and click Explore table items. Section2 Table

Section2 Explore

  1. As per the screenshot below, you should be able to see 1 Question ID listed, together with 1 AWS Trusted Advisor check ID. Section2 Items


You have now completed the first section of the Lab.

Click on Next Step to continue to the next section.