Docs Menu
Docs Home
/
Languages
/
PHP
/
PHP Library Manual

Deploy to AWS Lambda by Using Bref

On this page

  • Overview
  • Before You Get Started
  • Install Dependencies
  • Add the MongoDB Extension to Your Configuration
  • Customize the Sample Application
  • Set AWS Credentials
  • Deploy Your Application

Overview

In this guide, you can learn how to use Bref to deploy serverless PHP applications to AWS Lambda. This guide demonstrates how to deploy a PHP application built by using the PHP library and connect to an Atlas cluster by using AWS IAM authentication.

Before You Get Started

Before you can deploy to AWS Lambda by using Bref, you must set up the following components:

  • AWS account and access keys

  • Serverless Framework

The Setup tutorial in the Bref documentation describes how to prepare these components.

Install Dependencies

Bref uses Lambda layers to provide the PHP runtime. The bref layer integrates Bref into your application and is compiled with PHP and a few other extensions. You can install the other necessary extensions, such as mongodb, in other layers.

The following commands create a new project directory and install the MongoDB and Bref dependencies:

mkdir bref-mongodb-app && cd bref-mongodb-app
composer init
composer require bref/bref bref/extra-php-extensions mongodb/mongodb

Then, initialize the serverless configuration by using the bref command:

vendor/bin/bref init

After the commands complete, your project contains the following files:

  • composer.json: Lists PHP dependencies installed in the vendor directory

  • index.php: Defines a sample webpage

  • serverless.yml: Configures the deployment

Add the MongoDB Extension to Your Configuration

After you initialize the project, you can add the mongodb extension. Locate the Serverless config name in the list of extensions provided by the bref/extra-php-extension package. Add it to the layers of the function in the serverless.yaml file, as shown in the following code:

plugins:
    - ./vendor/bref/bref
    - ./vendor/bref/extra-php-extensions # Adds the extra Serverless plugin
functions:
    api:
        handler: index.php
        runtime: php-83-fpm
        layers:
            - ${bref-extra:mongodb-php-81} # Adds the MongoDB layer

Customize the Sample Application

Create a web page that list planets from the Atlas sample data by replacing the contents of index.php with the following code:

<?php
use MongoDB\Client;
require_once __DIR__ . '/vendor/autoload.php';
$uri = getenv('MONGODB_URI');
try {
    $client = new Client($uri);
    $planets = $client
        ->getCollection('sample_guides', 'planets')
        ->find([], ['sort' => ['orderFromSun' => 1]]);
} catch (Throwable $exception) {
    exit($exception->getMessage());
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
    <title>MongoDB Planets</title>
</head>
<body>
    <ul>
        <?php foreach ($planets as $planet) : ?>
            <li><?= $planet->name ?></li>
        <?php endforeach ?>
    </ul>
</body>
</html>

Tip

Find Operations

The preceding code uses the MongoDB\Collection::find() method to retrieve documents. To learn more about this method, see the Retrieve Data guide.

Set AWS Credentials

Atlas supports passwordless authentication when using AWS credentials. In any Lambda function, AWS sets environment variables that contain the access token and secret token for the role assigned to deploy the function.

The following steps demonstrate how to set the role in your Atlas cluster:

  1. Open the Lambda function in the AWS console.

  2. Navigate to Configuration > Permission, then copy the Role name.

  3. Add this role to your Atlas cluster in the Database Access section. Select the AWS IAM authentication method and set the built-in role Read and write any database.

To learn how to set up unified AWS access, see Set Up Unified AWS Access in the Atlas documentation.

After you configure the permissions, the Lambda function is allowed to access your Atlas cluster. Next, configure your application to use the Atlas endpoint.

Access to Atlas clusters is also restricted by IP address. Since the range of IP addresses that comes from AWS is very wide, you can allow access from everywhere. To learn how to allow universal access, see Configure IP Access List Entries in the Atlas documentation.

Note

Using Virtual Private Cloud (VPC) Peering is recommended to isolate your Atlas cluster from the internet. This requires the Lambda function to be deployed in the AWS VPC. To learn more, see Set Up a Network Peering Connection in the Atlas documentation.

Next, copy your connection string and remove the <AWS access key>:<AWS secret key> section, as your credentials are read from environment variables.

In your project's serverless.yml file, set the MONGODB_URI environment variable to your connection string:

provider:
    environment:
        MONGODB_URI: "<connection string without credentials>"

To learn more about using the MONGODB-AWS authentication mechanism, see the MONGODB-AWS section of the Authentication Mechanisms guide.

Deploy Your Application

Finally, deploy the application:

serverless deploy

After deployment completes, you can access the URL and see the list of planets from your collection.

Back

BSON

Next

Compatibility