This page is not created by, affiliated with, or supported by Slack Technologies, Inc.
2018-10-10
Channels
- # 100-days-of-code (2)
- # announcements (2)
- # aws (11)
- # beginners (114)
- # boot (6)
- # calva (11)
- # cider (11)
- # cljdoc (2)
- # cljs-dev (7)
- # clojure (126)
- # clojure-berlin (1)
- # clojure-conj (4)
- # clojure-dev (1)
- # clojure-germany (12)
- # clojure-italy (22)
- # clojure-spec (96)
- # clojure-uk (111)
- # clojurescript (27)
- # core-async (8)
- # cursive (17)
- # datomic (26)
- # devops (5)
- # editors (15)
- # emacs (13)
- # events (1)
- # figwheel-main (27)
- # fulcro (64)
- # hyperfiddle (29)
- # jobs (8)
- # jobs-discuss (7)
- # liberator (4)
- # off-topic (46)
- # om (9)
- # onyx (1)
- # overtone (1)
- # perun (8)
- # re-frame (28)
- # reagent (35)
- # reitit (5)
- # shadow-cljs (96)
- # spacemacs (1)
- # testing (10)
- # timbre (8)
- # tools-deps (63)
- # unrepl (1)
- # yada (10)
@mping Maybe with distinct ? https://docs.datomic.com/on-prem/query.html#aggregates-returning-collections
How are people handling middleware with Ions since routing happens at the API Gateway layer?
Nothing stops you from using ring middleware with ions. put the middleware around your app inside your call to apigw/ionize
@joe.lane That's what I was thinking, but then aren't I wrapping each handler individually, even if they all share common middleware?
Oh, so just a bare API Gateway proxy on "/", then everything the same as a usual Clojure webapp from there?
Delegating everything to the app feels like a misuse of API Gateway, but I'm just getting started with this entire stack. I'm basically here asking for best practices, or stories of pain so I can avoid. Maybe those haven't really congealed around Ions yet.
Have 'ionized' 3 apps at this point, run every thing through a single API GW for two of them, and the last we have two for a 'hard' separation of user and admin functions. I've been back and forth on it as well, but I'm leaning more towards using APIGW, more or less like ions use lambda, more of an AWS'ey way to 'lift' stuff into the clojure/datomic world as early as possible in a given flow, then just take it from there.
Thanks for the response. I feel much more comfortable drawing from at least some experience rather than making it up as I go. Just to clarify, you mean two "routes" in APIGW mapped to two Ion handlers?
we went with one proxy resource on / in apigw too, we're migrating from datomic cloud client on elasticbeanstalk, so this was a question of get it working with the least rework.
maybe one day, i'll try to separate the routing, but then it still makes sense to do that in clojure and use something like bidi to generate the swagger for api gw
hey @U8LN9KT2N yep, two separate ion/lambda handlers, and actually 2 separate endpoints, as opposed to 2 routes in a single endpoint. That was Probably more laziness than anything else lol. But may look at doing the routing in a single APIGW at some point
I'm definitely drawn to the "one APIGW entry proxying to one Ion handler per app" approach since then I can reuse the established Clojure webapp patterns and track all my routing/etc.. in code rather than a separate structure versioned in AWS. I've been second-guessing though since the core team's tutorials (eg https://docs.datomic.com/cloud/ions/ions-tutorial.html#webapp) guide towards "one Gateway entry and Ion handler per operation".
Create a policy in IAM with read access to said S3 object, copy the arn for that policy, then do a parameter upgrade on your datomic cloud stack. At the bottom of the first ( I think) page there is a section that says effectively āattach the arn for the policy you want these nodes to haveā. Paste the arn of the policy you created, complete the parameter upgrade, and that should do it.
That worked. Thanks! For reference: My basic misconception was that I added an inline policy to the Lambda execution role. But the Lambda function created on is just a thin layer for invoking the Clojure code inside the Datomic compute node.
(@stuarthalloway talks about this about 21 minutes into his intro video https://www.youtube.com/watch?v=3BRO-Xb32Ic)
Yeah, the docs are correct, however I believe that part is buried in āOperation > Access Controlā no where near the rest of the ion tutorial. https://docs.datomic.com/cloud/operation/access-control.html#authorize-ions