First install Zappa: pip install zappa. There are a couple of layers and roles to understand: accounts, groups, users, permissions, and policies.To create the AWS credentials needed to run our web app, we need to complete a couple of steps:In the IAM Dashboard, click [Groups] on the left-hand menu. Your Account Number is listed in the Support Center on the upper left-hand side.The json for the inline policy applied to the group is below.After pasting and modifying the json with your AWS Account Number, click the [Validate Policy] button to ensure you copied valid json. Then click the [Next: Permissions] button.In the Set permissions screen, select the group you created earlier in the Add user to group section and click [Next: Tags].Tags are optional. How cool is that? Install and Configure Zappa. But, I expect this set of security permissions may be too open. The rental car has to be paid for even when it's just sitting in your driveway. With Uber, you only pay for the rides you take. We want to make sure the web app runs on our computer correctly before we deploy the app with Zappa on AWS Lambda. First, we built a simple Flask app and ran it locally. Make sure to run the command in the virtual environment we installed Flask and Zappa into in the previous step. ), we'll create a The following files should now be in the main project directory If everything worked, you should be able to browse to the URL listed in the terminal (something like and see your web app running in all its serverless glory.Pretty Cool. Why is Zappa so great? Now that our AWS credentials are set, close the AWS IAM browser window. In this post, we will build a simple Flask web app with Python and run the web app on AWS Lambda using Zappa in only a few steps.This isn't really "serverless" (servers run AWS Lambda), but with an AWS Lambda function, you don't have to spin up servers, install packages, make sure security patches are up to date, and most of all: A cloud server has to run all the time, whether or not someone visits your website. For a simple temporary hobby project, AWS is effectively free.Also, serverless Lambda functions scale up and down based on demand. Serverless Flask on AWS Lambda + API Gateway. Open the At some point, you will want to shut down and delete your app. Once the wizard finishes, you’re ready to deploy your API. This web app is super small and basic, but it will give you an idea of how Zappa and AWS Lambda works.The GitHub repo with all the code used in the rest of this post can be found here: Ultimately, our web app will look something like the screen capture below.Next, let's test the Flask app locally. What is Zappa? For example, the function_name for API Gateway’s permission can be the arn from the Lambda function, thus allows the API Gateway instance to invoke Lambda function. All of the attached policy options are AWS managed policies. Lambda is Amazon's function as a service (FaaS) platorm.

Hopefully, you see a green Success screen.Click the [Show] button under the Secret access key heading. In the next step, you will copy and paste these keys into a file. Then you can add and delete users easily without losing any info in the security policy. To increase security, you could slowly pare down the permissions and see if Zappa still deploys. The simplest example even fits in a single .gif! But an AWS Lambda function only runs when requested.Think of it this way: Cloud servers are kind of like rental cars.

We could use the policy generator to create our inline policy, but instead, we will create a Custom Policy written in json format.Type a policy name and paste the json below into the Policy Document window.Your AWS Account Number can be found by clicking [Support] → [Support Center]. Almost time to Before we deploy our web app on AWS Lambda (we are almost done! We completed the project in a few steps. You can dig through this discussion on GitHub if you want to learn more about specific AWS permissions needed to run Zappa: Back at the IAM Dashboard, create a new user with the [Users] left-hand menu option and the [Add User] button.In the Add user screen, give your new user a name and select the Access Type for Programmatic access.