first take

Author: MikeBadescu

.gitattributes

@@ -0,0 +1,11 @@
+# Set the default CRLF behavior
+* text=auto
+
+# Explicitly declare text files you want to always be normalized and converted
+# to native line endings on checkout.
+*.Rmd       text
+*.R         text
+*.py        text
+
+# Declare files that will always have CRLF line endings on checkout.
+*.sh text eol=lf

README.md

@@ -1,2 +1,3 @@
 # aws-lambda-r
+
 Using R on AWS Lambda

doc/AWS-setup.md

@@ -0,0 +1,104 @@
+# aws-lambda-r - Configure AWS for production deployment
+
+**Note: the detailed instructions are not complete.** If you are familiar with AWS,
+please review the files in `scripts/` and `settings/`.
+
+These are instructions to be followed before running the scripts. At the end of 
+these instruction you should have obtained the values for the following keys:
+
+```
+IAM_ACCESS_KEY_ID=""
+IAM_SECRET_ACCESS_KEY=""
+IAM_LAMBDA_FUNCTION_ROLE=""
+EC2_KEY_NAME=""
+EC2_KEY_FILE=""
+EC2_SECURITY_GROUP_IDS=""
+EC2_SUBNET_ID=""
+S3_BUCKET=""
+API_ID=""
+API_RESOURCE_ID=""
+API_ALIAS_RESOURCE_ID=""
+API_AUTHORIZER_ID=""
+API_TOKEN=""
+```
+
+
+
+
+## IAM 
+
+IAM manages access to AWS.
+
+1. Create an IAM user account to be used only in conjunction with this app
+  + retain the values of **ACCESS_KEY_ID** and **SECRET_ACCESS_KEY**
+2. Give necessary permissions to this user
+  + [TBD: more automation --> more permissions]
+3. Create roles and policies 
+  + attach policies to the roles
+
+
+## SSH Key
+
+SSH Keys allows access through an SSH tunnel to a remove / cloud AWS EC2 instance.
+
+### Create and save SSH key for EC2 connection
+
+1. Log in to AWS Console.
+2. Go to EC2 Service
+3. Select **Key Pairs** under **NETWORK & SECURITY** menu. 
+
+![Key Pairs menu](ssh-01-key-pairs-menu.png)
+
+4. Press "Create Key Pair" button and give it a name. When you press the 
+"Create" button, the browser will start downloading the key automatically.
+
+![Enter key pair name](ssh-02-enter-key-pair-name.png)
+
+5. Open the folder containing downloaded key (a `.pem` file having the same name as the created key)
+
+6. Copy the `.pem` file to:
+    - on Windows: `C:\Users\<your_user_Name>/.ssh/` folder 
+        + in order to show hidden folders go to Folder Menu > View > Check "Hidden items"
+    - on OSX and Linux: `~/.ssh/` Additional commands might be necessary from terminal:
+        + `chmod 700 ~/.ssh`
+        + `chmod 400 ~/.ssh/<your_key_file>.pem`
+        + other instructions: [1](https://unix.stackexchange.com/a/115860) and 
+        [2](http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/AccessingInstancesLinux.html)
+
+
+## VPC [automate ?]
+
+1. Create dedicate VPC 
+2. Create subnet
+3. Create security group
+
+
+## LAMBDA [automate ?]
+
+1. Create Lambda Authorizer function 
+
+
+##  S3 BUCKET [automate ?]
+
+1. Create S3 bucket
+
+
+## API GATEWAY
+
+1. Create API
+2. Create resources
+3. Create authorizer
+4. Create stages
+5. Attach role for CloudWatch logging to API
+6. Enable CloudWatch Logging on stages
+
+
+## TERMINATE UNUSED INSTANCES
+
+1. Go to AWS web console and select Frankfurt / eu-central-1 region
+2. To to EC2 > Instances
+3. Select all running instance > Actions button > Instance State > Terminate
+
+## Create Custom Settings file
+
+[steps needed to create "secrets_user.sh" and "setup_user_secrets.sh" files]

doc/README.md

@@ -0,0 +1,3 @@
+# aws-lambda-r - doc
+
+Documentation directory

doc/lambda-policy.json

@@ -0,0 +1,14 @@
+{
+    "Version": "2012-10-17",
+    "Statement": [
+        {
+            "Effect": "Allow",
+            "Action": [
+                "logs:CreateLogGroup",
+                "logs:CreateLogStream",
+                "logs:PutLogEvents"
+            ],
+            "Resource": "arn:aws:logs:*:*:*"
+        }
+    ]
+}

doc/lambda-trust.json

@@ -0,0 +1,12 @@
+{
+  "Version": "2012-10-17",
+  "Statement": [
+    {
+      "Effect": "Allow",
+      "Principal": {
+        "Service": "lambda.amazonaws.com"
+      },
+      "Action": "sts:AssumeRole"
+    }
+  ]
+}

doc/ssh-01-key-pairs-menu.png

@@ -0,0 +1,53 @@
+# library(jsonlite)
+
+
+from_json <- function(json) {
+    
+    # basic exceptions
+    if (length(json) == 0L || is.na(json) || nchar(json) == 2L) json <- '{}'
+    
+    jsonlite::fromJSON(json)
+}
+
+
+to_json <- function(lst) {
+    
+    jsonlite::toJSON(
+        lst,
+        dataframe = 'rows',
+        null = 'list',
+        na = 'null',
+        auto_unbox = TRUE, 
+        digits = NA,
+        pretty = TRUE
+    )
+}
+
+
+# pure function (preferable), receives a json and returns a json
+aws_lambda_r <- function(input_json) {
+
+    # generic default error message
+    # defined only to illustrate how the function works
+    output_json <- '{"message": "Cannot create output JSON"}'
+
+    # possible implementation: catch all errors 
+    tryCatch({
+        input_lst <- from_json(input_json)
+        request_id <- input_lst$request_id[1]
+
+        output_lst <- list(
+            result_id = request_id,
+            result_lst = list(a = 1, b = 2:4),
+            result_dbl = 1:10 / 2,
+            message = NULL,
+        )
+        
+        output_json <- to_json(output_lst)
+
+    }, error = function(e) {
+        output_json <<- paste0('{"message": "', e$message, '"}')
+    })
+    
+    output_json
+}

doc/ssh-02-enter-key-pair-name.png

@@ -0,0 +1,5 @@
+# Ignore everything in this directory
+*
+# Except files below
+!.gitignore
+!README.md

example.R

@@ -0,0 +1,7 @@
+# aws-lambda-r - lambda
+
+All the files in this dir will used to create the AWS Lambda deployment package.
+
+- Temporary dir, NOT tracked by git!
+- The content of this dir will be updated automatically 
+- Please do not add extra files that are not being used by lambda

lambda/.gitignore

@@ -0,0 +1,3 @@
+# aws-lambda-r - python
+
+Python files, used for lambda

lambda/README.md

@@ -0,0 +1,27 @@
+import os
+import ctypes
+import rpy2.robjects as robjects
+import json
+
+os.environ["R_HOME"] = os.getcwd()
+os.environ["R_LIBS"] = os.path.join(os.getcwd(), 'libraries')
+
+for file in os.listdir('lib/external'):
+	file_name='lib/external/' + file
+    ctypes.cdll.LoadLibrary(os.path.join(os.getcwd(), file_name))
+
+
+# source R file
+# this R file might load libraries and source other files
+robjects.r['source']('example.R')
+
+# exposing R entry point to python
+aws_lambda_r = robjects.globalenv['aws_lambda_r']
+
+
+def handler_post(event, context):
+	
+	input_json = json.dumps(event)
+	output_json = aws_lambda_r(input_json)
+	
+	return output_json

python/README.md

@@ -0,0 +1 @@
+# List files to ignore

python/lambda_post.py

@@ -0,0 +1,26 @@
+#!/bin/bash
+
+# calls all other local scripts 
+
+
+# load local settings if not already loaded
+[[ $SCR_DIR ]] || SCR_DIR="$(cd "$(dirname "$0")/."; pwd)"
+[[ $PRJ_DIR ]] || source "$SCR_DIR/02_setup.sh"
+
+
+
+source "$SCR_DIR/03_check_settings.sh"
+
+source "$SCR_DIR/04_create_ec2.sh"
+source "$SCR_DIR/05_update_ec2.sh"
+
+source "$SCR_DIR/06_copy_files.sh"
+
+source "$SCR_DIR/07_deploy_lambda.sh"
+
+source "$SCR_DIR/08_terminate_ec2.sh"
+
+source "$SCR_DIR/09_test_deployment.sh"
+
+
+echo -e "$INFO End of $(basename $0) script"