Package & Deploy:
• aws cloudformation package / sam package
• aws cloudformation deploy / sam deploy
Deep dive into SAM deployment
aws cloudformation package
• SAM Template YAML file trasnform into
• app code +swagger zip and upload to code S3 bucket
aws cloudformation deploy
• Generated Template CloudFormation YAML
• Create and execute change set to stack
SAM Policy Templates
List of templates to apply permissions to
your Lambda Functions
Full list available here:
https://docs.aws.amazon.com/serverlessapplicationmodel/
latest/developerguide/serverlesspolicy-
templates.html#serverless-policytemplate-
table
Important examples:
• S3ReadPolicy: Gives read only permissions to
objects in S3
• SQSPollerPolicy: Allows to poll an SQS queue
• DynamoDBCrudPolicy: CRUD = create read
update delete
SAM and CodeDeploy
SAM framework natively uses
CodeDeploy to update Lambda
functions
Traffic Shifting feature
Pre and Post traffic hooks
features to validate deployment
(before the traffic shift starts and
after it ends)
Easy & automated rollback using
CloudWatch Alarm
SAM – Exam Summary
SAM is built on CloudFormation
SAM requires the Transform and Resources sections
Commands to know:
• sam build: fetch dependencies and create local deployment artifacts
• sam package: package and upload to Amazon S3, generate CF template
• sam deploy: deploy to CloudFormation
SAM Policy templates for easy IAM policy definition
SAM is integrated with CodeDeploy to do deploy to Lambda aliases
Questions
What are the two commands to run to upload Lambda functions and CloudFormation templates to AWS?:cloudformation package and cloudformation deploy
You have a CloudFormation template and it starts with:Transform: ‘AWS::Serverless-2016-10-31’What does the Transform represent?: its a SAM template
Which of the following is NOT an added resource type by Serverless Application Model?: AWS::Serverless::UserPool
Which Policy should you insert in your serverless model template to give buckets access for read access?:S3ReadPolicy