As we know Amazon Web Services (AWS) is one of the most popular cloud services and on the other hand, Salesforce is a leading CRM system. Last few years, we worked on multiple engagements where we get need to integrate Salesforce with AWS.
This article I am going to discuss one of the integration design patterns. We can integrate Salesforce and AWS using different design pattern. We assumed we evaluated different design pattern and we decided to use AWS Lambda function.
I am not going to cover what is Lambda function and why do we use it. We assume you already know, and decision is to use AWS Lambda function to send some data to Salesforce.
Business Requirement
In this scenario, we assume an Account (Customer) record is updated in external service hosted on AWS and that update needs to be sent to Salesforce. AWS Lambda function may be doing multiple other things like sending mails, publishing some events, uploading some documents to S3 but our focus would be the basic integration.
Integration Solution
Well, we got the requirement and now we have to work on solution. We need a Salesforce Admin to do some configuration in Salesforce and we also need a developer who can write a Lambda function using one of the supported languages. For our solution we are going to use Python as a language to write the Lambda function.
Salesforce Configuration
Since this is very simple update of few fields from Account Object, we do not have to write any APEX based service here. We can use standard Salesforce REST API to directly update the Account Object.
If we are expecting doing lot of processing before updating account record, then you need to write and APEX code or a Salesforce Lightning Flow. In this case also you can use Salesforce standard API to publish a platform event in Salesforce. Once an event record is published, Salesforce developer can write APEX or create a flow to process and update as needed.
Since we are going to directly update Salesforce record using standard REST API, we just need Salesforce credentials. We need to create a connected app in Salesforce. Once we configure connected app in Salesforce, we can share Client Id and Client Secret to Lambda developer and he or she would be able to complete the development
We are going to create one sample connected app in Salesforce. We are going to use Client Credential Flow for this requirement. Refer Salesforce Connected App Documentation Link to get more details of Connected App
Salesforce Connected App configuration
Connected App Name: AWS Lambda Access
API Name: AWS_Lambda_Access
API (Enable oAuth Setting): checked
Callback URL: Not relevent here so you can give anything
Selected oAuth Scope: Manage user date via API(api)
Enable Client Credentials Flow: checked
Update Connected App Policy to relax IP restriction. You can enforce IP in live environment. Also update Run As in client credentials section to a user with necessary access on objects we are trying to update.
It may take few minutes for connected app to complete the configuration. Once it is done you can generate Consumer Key and Consumer Secret. As a practice test your connected app configuration using Postman or similar tool and then share the details to Lambda developer securely.
AWS Lambda Development
Now the time to write a Lambda function for AWS. We can write Lambda function in AWS console, or we can develop it locally and upload the ZIP package to AWS. Refer AWS documentation for more details of creating Lambda function.
Since we are going to call Salesforce REST API and I decided to use python request library. I would develop it locally and zip it along with dependencies. In this case I would install the request library in the folder that I created to making the zip. I would again suggest referring AWS documentation for more help related to deploying Lambda function along with dependencies.
Sample Python code is given below but that is for reference purpose only. You need to split this into logical function, remove hard-coded values, and add all necessary exceptions handling
import json,requests
### consumer key and consumer secret shared by salesforce admin
consumer_key = "GET THIS KEY FROM SALESFORCE ADMIN"
consumer_secret = "GET THE SECRENT FROM SALESFORCE ADMIN"
### host should be in domain format. Get it from my domain in Salesforce
url_host = "https://crmview-dev-ed.develop.my.salesforce.com"
url_auth = url_host + "/services/oauth2/token"
### authorization details
payload_auth = {
'grant_type': 'client_credentials',
'client_id': consumer_key,
'client_secret': consumer_secret
}
### lambda handler function
def lambda_handler(event, context):
### request to get Salesforce session
res = requests.post(url_auth,
headers={"Content-Type":"application/x-www-form-urlencoded"},
data=payload_auth)
print (res.content)
### extracting token from auth call
res_auth = json.loads(res.content)
token = res_auth["access_token"]
### URL and payload for update. Form the payload dynamically from lambda request
url_update = url_host + "/services/data/v58.0/sobjects/Account/External_Id__c/C1230001"
payload_update = {
"phone": "1212121212",
"BillingCity": "Chicago",
"BillingState": "IL"
}
payload_upddate_json = json.dumps(payload_update)
### Call to Salesforce API
r = requests.patch(url_update, headers = {"Content-Type": "application/json", "Authorization":"Bearer " + token},data=payload_upddate_json)
print (r.content)
### Any other post processing action can be entered here