The project is based on the tutorials/quickstarts
Modifications done within his project
- Using Gradle instead of Maven
- DB migrations instead of programmatic DB setup
- Added Testcontainers to set up Postgres in unit tests
- Added several SAM command lines as Gradle tasks
- Required installations
- AWS CLI
- AWS SAM CLI
- Docker
- Required environment variables configured in AWS for the Lambda
- QUARKUS_DATASOURCE_USERNAME
- QUARKUS_DATASOURCE_PASSWORD
- QUARKUS_DATASOURCE_JDBC_URL
- QUARKUS_DATASOURCE_REACTIVE_URL
- Existing
.env.jsonconfiguration file in the project root directory, see.env.json.template
- The native image uses less memory than the Java 11 runtime, the costs of a 64M memory block could be saved at AWS.
- The native image has a significantly lower cold start delay, several seconds less than the Java 11 runtime. A cold start delay of one second or less should be achievable.
- The
quarkusDevGradle task and@NativeImageTestare not working since the container tries to reach a nonexistent AWS Lambda poll URL at startup. - The
startLocallyansstartNativeLocallycustom Gradle tasks cannot be stopped cleanly by CTRL+C or by IDEA.
- The correct solution
- Create a new security group for the Lambda and configure access from the RDS security group, as described here.
- Configure at least one new subnet and enable internet access over a NAT gateway (extra costs), as described here.
- Configure security group and subnet(s) in a VpcConfig in
sam.*.yml. Make sure the Lamba has theAWSLambdaVPCAccessExecutionRolepermission.
- The development solution (since the correct solution requires a NAT gateway which is charged hourly, this
contradicts the idea of just testing a Lambda with minimal costs or even within the AWS free tier)
- Configure the RDS instance as publicly accessible (and implicitly accept the related security risks). By default a Lambda runs in a secure VPC with access to AWS services and the internet (but not internal resources like RDS).