Check out a live version of the app (work in progress).
or
Use the setup instructions below to make one for yourself!
- An Amazon Web Services account
- Node.js and NPM
- Amazon Web Services Command Line Interface command
- Mac or Linux: Python >= 2.6.5 then
pip install awscli
- Mac: Use Homebrew:
brew install awscli
- Windows: Use AWS's CLI installer
- Mac or Linux: Python >= 2.6.5 then
- A Google account
(instructions not yet complete)
Give yourself an 1-2 hours to complete this setup. It is a long process -- too long, I think. That is the current reality in this world of stitching AWS services together like this. In January 2016, I am going to create a script that will do the bulk of this work. This will greatly speed up and simplify the setup process.
- Clone this repo and the serverless-buffer-app-lambda repo to your dev machine. The first one contains all the front-end code. The second one contains the AWS Lambda function code, which is effectively the server code.
- Let's create an IAM user with access only to the AWS services we need. This is more secure as the IAM user has restricted permissions compared to your primary AWS user. In general, it's a bad idea to use your primary AWS user's credentials for building apps.
Here is the JSON to paste in as the Policy Document:
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "Stmt1428341300017",
"Action": [
"dynamodb:DeleteItem",
"dynamodb:GetItem",
"dynamodb:PutItem",
"dynamodb:Query",
"dynamodb:Scan",
"dynamodb:UpdateItem"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Sid": "",
"Resource": "*",
"Action": [
"logs:CreateLogGroup",
"logs:CreateLogStream",
"logs:PutLogEvents"
],
"Effect": "Allow"
}
]
}
- Now create a role that uses this policy. This role will be assigned to the Lambda functions.
- Add an email address and product name to enable OAuth authentication in this project.
- Configure OAuth. Add all the domains from which your app will be hosted (e.g. http://localhost:8080 and http://tweet.crc.io). Save the client ID you get for later.
- Now create an AWS IAM role that will use Google as the authentication provider.
Choose Google and paste in the client ID you got from Google.
- Now let's restrict login to only your Google account. Get your Google ID by going to https://plus.google.com and clicking
Profile
. Your Google ID is the number in the URL.
- Click Next on the following two screens.
- Copy/paste the new role's ARN to the serverless-buffer-app-gui config file and finish creating the role. (TODO: update path of config file)
I'd love your help! Check out the open issues to find something you can help on.
ISC License (MIT-like, but better)
Copyright (c) 2015, Chris Castle
Permission to use, copy, modify, and/or distribute this software for any purpose with or without fee is hereby granted, provided that the above copyright notice and this permission notice appear in all copies.
THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.