Mixing
Using AWS Lambda to query SalesForce
I'm working on a AWS serverless app that will need to query SalesForce from AWS Lambdas to receive it's data and I'm struggling with how to authorize my Lambdas to talk to SalesForce.
Most of my research suggested that I should be using AWS VPC and Private Link to connect the two, but I can't find any details on what sort of VPC I should use.
For instance Scenario 2 of this article https://aws.amazon.com/blogs/apn/connecting-aws-and-salesforce-enables-enterprises-to-do-more-with-customer-data/ seems to be describing exactly what I want to do but is very vague on the details.
So far I've tried to set up a VPC using com.amazonaws.us-east-1.events for the service (I'm not sure if this is the correct service, but it make the most sense to me from the options I was given when trying to create a service) and I was able to use this service to create an endpoint.
I'm also sure where to enter the SalesForce authorization information. And I would assume I need to do something on the SalesForce's end like create a Connected App.
Am I on the right track here? Or should I just be trying to get an OAuth2 token from SalesForce that my Lambdas will use to connect? Or do I need to do both?
EDIT: So it turns out VPC was not the way to go since this is a serverless app. It's possible it might work wonders if I had an EC2 instance but I don't. I just wasn't hitting the authorization endpoint correctly.
rest-api aws
asked Dec 31 '18 at 21:03
Alexis BellAlexis Bell
112
add a comment |
I'm working on a AWS serverless app that will need to query SalesForce from AWS Lambdas to receive it's data and I'm struggling with how to authorize my Lambdas to talk to SalesForce.
Most of my research suggested that I should be using AWS VPC and Private Link to connect the two, but I can't find any details on what sort of VPC I should use.
For instance Scenario 2 of this article https://aws.amazon.com/blogs/apn/connecting-aws-and-salesforce-enables-enterprises-to-do-more-with-customer-data/ seems to be describing exactly what I want to do but is very vague on the details.
So far I've tried to set up a VPC using com.amazonaws.us-east-1.events for the service (I'm not sure if this is the correct service, but it make the most sense to me from the options I was given when trying to create a service) and I was able to use this service to create an endpoint.
I'm also sure where to enter the SalesForce authorization information. And I would assume I need to do something on the SalesForce's end like create a Connected App.
Am I on the right track here? Or should I just be trying to get an OAuth2 token from SalesForce that my Lambdas will use to connect? Or do I need to do both?
EDIT: So it turns out VPC was not the way to go since this is a serverless app. It's possible it might work wonders if I had an EC2 instance but I don't. I just wasn't hitting the authorization endpoint correctly.
rest-api aws
asked Dec 31 '18 at 21:03
Alexis BellAlexis Bell
112
add a comment |
I'm working on a AWS serverless app that will need to query SalesForce from AWS Lambdas to receive it's data and I'm struggling with how to authorize my Lambdas to talk to SalesForce.
Most of my research suggested that I should be using AWS VPC and Private Link to connect the two, but I can't find any details on what sort of VPC I should use.
For instance Scenario 2 of this article https://aws.amazon.com/blogs/apn/connecting-aws-and-salesforce-enables-enterprises-to-do-more-with-customer-data/ seems to be describing exactly what I want to do but is very vague on the details.
So far I've tried to set up a VPC using com.amazonaws.us-east-1.events for the service (I'm not sure if this is the correct service, but it make the most sense to me from the options I was given when trying to create a service) and I was able to use this service to create an endpoint.
I'm also sure where to enter the SalesForce authorization information. And I would assume I need to do something on the SalesForce's end like create a Connected App.
Am I on the right track here? Or should I just be trying to get an OAuth2 token from SalesForce that my Lambdas will use to connect? Or do I need to do both?
EDIT: So it turns out VPC was not the way to go since this is a serverless app. It's possible it might work wonders if I had an EC2 instance but I don't. I just wasn't hitting the authorization endpoint correctly.
rest-api aws
asked Dec 31 '18 at 21:03
Alexis BellAlexis Bell
112
I'm working on a AWS serverless app that will need to query SalesForce from AWS Lambdas to receive it's data and I'm struggling with how to authorize my Lambdas to talk to SalesForce.
Most of my research suggested that I should be using AWS VPC and Private Link to connect the two, but I can't find any details on what sort of VPC I should use.
For instance Scenario 2 of this article https://aws.amazon.com/blogs/apn/connecting-aws-and-salesforce-enables-enterprises-to-do-more-with-customer-data/ seems to be describing exactly what I want to do but is very vague on the details.
So far I've tried to set up a VPC using com.amazonaws.us-east-1.events for the service (I'm not sure if this is the correct service, but it make the most sense to me from the options I was given when trying to create a service) and I was able to use this service to create an endpoint.
I'm also sure where to enter the SalesForce authorization information. And I would assume I need to do something on the SalesForce's end like create a Connected App.
Am I on the right track here? Or should I just be trying to get an OAuth2 token from SalesForce that my Lambdas will use to connect? Or do I need to do both?
EDIT: So it turns out VPC was not the way to go since this is a serverless app. It's possible it might work wonders if I had an EC2 instance but I don't. I just wasn't hitting the authorization endpoint correctly.
rest-api aws
rest-api aws
asked Dec 31 '18 at 21:03
Alexis BellAlexis Bell
112
asked Dec 31 '18 at 21:03
Alexis BellAlexis Bell
112
edited 2 days ago
Alexis Bell
asked Dec 31 '18 at 21:03
Alexis BellAlexis Bell
112
asked Dec 31 '18 at 21:03
Alexis BellAlexis Bell
112
asked Dec 31 '18 at 21:03
Alexis BellAlexis Bell
112
112
add a comment |
add a comment |
1 Answer
1
active
oldest
votes
Disclaimer: I'm not at all familiar with Amazon's cloud offerings (other than the pricing model being very convoluted)
As far as the Salesforce side of the equation is concerned, you're on the right track.
You'll need to create your own connected app with the permissions (also called OAuth scopes) indicated in that article:
Perform requests on your behalf, Access your basic information, and Access and manage your data.
After you create the connected app in Salesforce, you'll have access to the pieces of information that your VPC endpoint requires, namely the consumer key and consumer secret. To (try to) be clear, the thing that requires the information from your connected app is the VPC endpoint on the Amazon side of things.
The VPC endpoint from your linked article is the thing that does the heavy lifting for OAuth (things like constructing the OAuth request, storing the resulting access token, sending that access token in subsequent requests, and managing the refresh token). You shouldn't need to perform any of the steps in any of the OAuth flows yourself, and it sounds like following your linked article should mean that Amazon takes care of wiring your lambda and endpoint together.
answered Dec 31 '18 at 21:35
Derek FDerek F
19.2k31849
Thanks, it helps to know I'm on the right track. Sadly however it's the Amazon side of things I can't seem to find any good documentation on and has me completely stumped. But at least I know I'm stumped on the right stuff.
– Alexis Bell
Dec 31 '18 at 22:04
add a comment |
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "459"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsalesforce.stackexchange.com%2fquestions%2f245087%2fusing-aws-lambda-to-query-salesforce%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
Disclaimer: I'm not at all familiar with Amazon's cloud offerings (other than the pricing model being very convoluted)
As far as the Salesforce side of the equation is concerned, you're on the right track.
You'll need to create your own connected app with the permissions (also called OAuth scopes) indicated in that article:
Perform requests on your behalf, Access your basic information, and Access and manage your data.
After you create the connected app in Salesforce, you'll have access to the pieces of information that your VPC endpoint requires, namely the consumer key and consumer secret. To (try to) be clear, the thing that requires the information from your connected app is the VPC endpoint on the Amazon side of things.
The VPC endpoint from your linked article is the thing that does the heavy lifting for OAuth (things like constructing the OAuth request, storing the resulting access token, sending that access token in subsequent requests, and managing the refresh token). You shouldn't need to perform any of the steps in any of the OAuth flows yourself, and it sounds like following your linked article should mean that Amazon takes care of wiring your lambda and endpoint together.
answered Dec 31 '18 at 21:35
Derek FDerek F
19.2k31849
Thanks, it helps to know I'm on the right track. Sadly however it's the Amazon side of things I can't seem to find any good documentation on and has me completely stumped. But at least I know I'm stumped on the right stuff.
– Alexis Bell
Dec 31 '18 at 22:04
add a comment |
Disclaimer: I'm not at all familiar with Amazon's cloud offerings (other than the pricing model being very convoluted)
As far as the Salesforce side of the equation is concerned, you're on the right track.
You'll need to create your own connected app with the permissions (also called OAuth scopes) indicated in that article:
Perform requests on your behalf, Access your basic information, and Access and manage your data.
After you create the connected app in Salesforce, you'll have access to the pieces of information that your VPC endpoint requires, namely the consumer key and consumer secret. To (try to) be clear, the thing that requires the information from your connected app is the VPC endpoint on the Amazon side of things.
The VPC endpoint from your linked article is the thing that does the heavy lifting for OAuth (things like constructing the OAuth request, storing the resulting access token, sending that access token in subsequent requests, and managing the refresh token). You shouldn't need to perform any of the steps in any of the OAuth flows yourself, and it sounds like following your linked article should mean that Amazon takes care of wiring your lambda and endpoint together.
answered Dec 31 '18 at 21:35
Derek FDerek F
19.2k31849
Thanks, it helps to know I'm on the right track. Sadly however it's the Amazon side of things I can't seem to find any good documentation on and has me completely stumped. But at least I know I'm stumped on the right stuff.
– Alexis Bell
Dec 31 '18 at 22:04
add a comment |
Disclaimer: I'm not at all familiar with Amazon's cloud offerings (other than the pricing model being very convoluted)
As far as the Salesforce side of the equation is concerned, you're on the right track.
You'll need to create your own connected app with the permissions (also called OAuth scopes) indicated in that article:
Perform requests on your behalf, Access your basic information, and Access and manage your data.
After you create the connected app in Salesforce, you'll have access to the pieces of information that your VPC endpoint requires, namely the consumer key and consumer secret. To (try to) be clear, the thing that requires the information from your connected app is the VPC endpoint on the Amazon side of things.
The VPC endpoint from your linked article is the thing that does the heavy lifting for OAuth (things like constructing the OAuth request, storing the resulting access token, sending that access token in subsequent requests, and managing the refresh token). You shouldn't need to perform any of the steps in any of the OAuth flows yourself, and it sounds like following your linked article should mean that Amazon takes care of wiring your lambda and endpoint together.
answered Dec 31 '18 at 21:35
Derek FDerek F
19.2k31849
Disclaimer: I'm not at all familiar with Amazon's cloud offerings (other than the pricing model being very convoluted)
As far as the Salesforce side of the equation is concerned, you're on the right track.
You'll need to create your own connected app with the permissions (also called OAuth scopes) indicated in that article:
Perform requests on your behalf, Access your basic information, and Access and manage your data.
After you create the connected app in Salesforce, you'll have access to the pieces of information that your VPC endpoint requires, namely the consumer key and consumer secret. To (try to) be clear, the thing that requires the information from your connected app is the VPC endpoint on the Amazon side of things.
The VPC endpoint from your linked article is the thing that does the heavy lifting for OAuth (things like constructing the OAuth request, storing the resulting access token, sending that access token in subsequent requests, and managing the refresh token). You shouldn't need to perform any of the steps in any of the OAuth flows yourself, and it sounds like following your linked article should mean that Amazon takes care of wiring your lambda and endpoint together.
answered Dec 31 '18 at 21:35
Derek FDerek F
19.2k31849
answered Dec 31 '18 at 21:35
Derek FDerek F
19.2k31849
answered Dec 31 '18 at 21:35
Derek FDerek F
19.2k31849
answered Dec 31 '18 at 21:35
Derek FDerek F
19.2k31849
19.2k31849
Thanks, it helps to know I'm on the right track. Sadly however it's the Amazon side of things I can't seem to find any good documentation on and has me completely stumped. But at least I know I'm stumped on the right stuff.
– Alexis Bell
Dec 31 '18 at 22:04
add a comment |
Thanks, it helps to know I'm on the right track. Sadly however it's the Amazon side of things I can't seem to find any good documentation on and has me completely stumped. But at least I know I'm stumped on the right stuff.
– Alexis Bell
Dec 31 '18 at 22:04
Thanks, it helps to know I'm on the right track. Sadly however it's the Amazon side of things I can't seem to find any good documentation on and has me completely stumped. But at least I know I'm stumped on the right stuff.
– Alexis Bell
Dec 31 '18 at 22:04
Thanks, it helps to know I'm on the right track. Sadly however it's the Amazon side of things I can't seem to find any good documentation on and has me completely stumped. But at least I know I'm stumped on the right stuff.
– Alexis Bell
Dec 31 '18 at 22:04
add a comment |
Thanks for contributing an answer to Salesforce Stack Exchange!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsalesforce.stackexchange.com%2fquestions%2f245087%2fusing-aws-lambda-to-query-salesforce%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
