Amazon AWS recently opened a new region in China, and now Lambda and API Gateway are available there.
I wonder if anyone has succeeded in utilizing serverless framework to deploy code in China region. Our initial attempt has resulted in failures. We were able to resolve the S3 bucket issue by modifying serverless Javascript code to reference resources in China region. But we failed at the last step in modifying API Gateway.
We are at a loss as to where to look to overcome this obstacle. We are therefore checking to see if anyone has attempted similar things, and can share a few tips.
Thanks in advance for any help that you can offer!
+1 for this, does anyone have successful experience with CN regions?
Using Serverless framework for AWS China is possible.
Many additional steps are required to make the serverless framework in AWS China.
-
Create a separate profile ( e.g. cn) in ~/.aws/ and add your region name (cn-northwest-1 ) and the access key and secret access key in the credentials file.
-
When deploying the serverless framework, you will need to use this profile
serverless deploy --aws-profile cn
-
The EDGE API gateway configuration is not supported in AWS China region.
So you will be to configure API gateway type in the serverless.yaml file.
endpointType: REGIONAL
- The partition name we use for DynamoDB tables and the S3 buckets is normally “aws” for other region. For AWS China the partition name is aws-cn
So the references to DynamoDb and other services like S3.
“arn:aws-cn:dynamodb:cn-northwest-1::table/”
"arn:aws-cn:s3:::/*”
-
EnvironmentVariablesFeature is not supported in cn-northwest-1 region
So you will need to remove if there are any environment variables used for Lambda
-
The next issue is related to permission for API Gateway to call Lambda.
You might get an error like -
The provided principal was invalid. Please check the principal and try again.
Serverless has provided a solution, you will need to install a node.js plugin from serverless
- The last problem is related to API gateway whitelisting. Even after deploying your solution using serverless, you may receive an error -
403 forbidden exception - when API was invoked via Postman or CURL
The API gateway needs to be whitelisted for your AWS Account using either by getting an ICP exception or ICP recordal.
Hope this helps.
regards,
dattatray.