This project demonstrates how to deploy a Django application utilizing a fully serverless architecture on AWS. It uses AWS Lambda as the execution environment, SQLite as the database, and CloudFormation/SAM for infrastructure provisioning. The setup includes a local development environment using VS Code and Docker/Devcontainer. Please note that this project is intended for demonstration purposes and is not suitable for production use (see Limitations section).
A simple Django polls application:
- Live Demo
- Admin Portal (read-only)
- Username: demo
- Password: djangoserverless
This solution uses the following AWS services:
The SQLite database file is stored on EFS, which is automatically mounted to every launched Lambda function.
This project uses the AWS Lambda Web Adapter as a bridge between Django's ASGI application and Amazon API Gateway.
Static files are served from EFS by Lambda via an ASGI application blacknoise and API Gateway.
This serverless approach offers several benefits:
- Eliminates the need for running EC2/RDS instances.
- Avoids leasing IPv4 addresses.
- Can seamlessly scale down to zero.
- Small projects can run almost entirely within AWS Free Tier limits.
- High availability: the application is deployed across three availability zones.
This approach has notable drawbacks primarily due to the use of SQLite in conjunction with network-attached storage:
-
Lack of support for concurrent writes: SQLite relies on file locking for database consistency, but Amazon EFS only supports advisory locking. Since read/write operations don't check for conflicting locks before executing, concurrent writes can lead to database corruption. This makes the setup unsuitable for multi-writer scenarios.
-
Relatively high latency: Even basic applications that perform database queries may experience latency exceeding 80 milliseconds with read requests and over 150 milliseconds with write requests.
-
Relatively slow cold start: Initial startup takes over 1 second, which may affect responsiveness and user experience, especially in time-sensitive applications.
Python: 3.12
Django: 5.1
Ensure the following are installed and configured:
- Docker
- VS Code
- Dev Containers
- AWS Account
- AWS Credentials (Single-Sign On or Access Keys)
- Clone this repository:
git clone https://github.com/efficient-solutions/aws-iac-django-serverless-starter.git
-
Open the project in a Dev Container in VS Code.
-
Apply the Django database migration by running the following command in the VS Code terminal:
python src/manage.py migrate
- Create a superuser by running the following command in the VS Code terminal:
python src/manage.py createsuperuser
- Launch the Django application from the VS Code menu:
Run > Run Without Debugging
.
Before proceeding to the deployment, add your AWS credentials to the current environment. Then, execute the following commands in the VS Code terminal:
sam build
sam deploy --guided
sam remote invoke Function --event '{"manage":"migrate"}' --stack-name aws-iac-django-serverless-starter
sam remote invoke Function --event '{"manage":"collectstatic"}' --stack-name aws-iac-django-serverless-starter
sam remote invoke Function --event '{"manage":"create_superuser"}' --stack-name aws-iac-django-serverless-starter
This command creates a superuser
root
with a randomly-generated password which is returned in the output. Change this password once you log in. Also, this command can only be run once.
After successfully deploying, you will receive an HttpApiUrl
output. Open this URL in your browser.
Due to the limitations of static serving from the Lambda function, it may take several minutes after running the
collectstatic
command before all static files are available. During this time, you may encounter occasional HTTP 404 errors.
To delete all the resources created within the stack, run the following command. This process can take over 5-10 minutes.
sam delete
This project is intended for development and testing purposes only. It is not suitable for production due to the following limitations:
- Concurrent writes can lead to database corruption.
- Static files are served by Lambda, which is slow, resource-intensive, and potentially costly.
- No option for handling media files.
- No option for adding a custom domain.
- No option for connecting to other AWS services or any external APIs from Lambda.
- No option for database backup.
- The
/events
endpoint, which handles non-HTTP events, is publicly accessible and unprotected. - Django's secret key is set with SAM CLI and insecurely stored in an environment variable.
- Django's
ALLOWED_HOSTS
setting is configured with a wildcard by default, posing a security risk.
For those considering this architecture for production environments, we recommend exploring our commercial version, which addresses all the limitations mentioned above.
This software is released under the GNU GPLv3 license.
This software product is not affiliated with, endorsed by, or sponsored by Amazon Web Services (AWS) or Amazon.com, Inc. The use of the term "AWS" is solely for descriptive purposes to indicate that the software is compatible with AWS services. Amazon Web Services and AWS are trademarks of Amazon.com, Inc. or its affiliates.