Diese Präsentation wurde erfolgreich gemeldet.
Die SlideShare-Präsentation wird heruntergeladen. ×

A Brief Look at Serverless Architecture

Anzeige
Anzeige
Anzeige
Anzeige
Anzeige
Anzeige
Anzeige
Anzeige
Anzeige
Anzeige
Wird geladen in …3
×

Hier ansehen

1 von 40 Anzeige

A Brief Look at Serverless Architecture

This talk will be a 2-300 level discussion on Serverless Architectures on AWS. We’ll first explore the Serverless ecosystem on AWS, looking at some particular use cases for Serverless. Looking through the lens of AWS customers, we’ll look at the typical Serverless journey, as well some of the key emerging patterns and benefits of Serverless Architectures. We’ll also touch some of the key challenges in a distributed environment and some potential solutions and tools that customers might want to consider.

This talk will be a 2-300 level discussion on Serverless Architectures on AWS. We’ll first explore the Serverless ecosystem on AWS, looking at some particular use cases for Serverless. Looking through the lens of AWS customers, we’ll look at the typical Serverless journey, as well some of the key emerging patterns and benefits of Serverless Architectures. We’ll also touch some of the key challenges in a distributed environment and some potential solutions and tools that customers might want to consider.

Anzeige
Anzeige

Weitere Verwandte Inhalte

Diashows für Sie (20)

Ähnlich wie A Brief Look at Serverless Architecture (20)

Anzeige

Weitere von Amazon Web Services (20)

Aktuellste (20)

Anzeige

A Brief Look at Serverless Architecture

  1. 1. © 2016, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Cassandra Bonner, Solutions Architect February 2017 APIdays A Brief Look at Serverless Architecture
  2. 2. Agenda ØThe AWS Serverless Ecosystem ØServerless Use Cases ØServerless APIs ØSample Application ØFAQ
  3. 3. The AWS Serverless Ecosystem
  4. 4. Progression to Serverless Monolithic Application Services Microservices Serverless
  5. 5. The Serverless Ecosystem AWS Lambda Amazon Kinesis Amazon S3 Amazon API Gateway Amazon SQS AWS IoT Amazon Cognito Amazon CloudWatch Amazon Glacier Amazon AppStream Amazon Athena Amazon Lex Amazon Polly Amazon Rekognition Mobile Analytics AWS Step Functions Amazon SNSAmazon Pinpoint
  6. 6. Serverless Simple but usable primitives Scales with usage Pay only usage Built in availability & fault tolerance
  7. 7. Serverless Use Cases
  8. 8. Use case: Event-Driven Serverless data processing Example: Amazon S3 bucket triggers Amazon S3 bucket events Original object Compressed object 1 2 3 AWS Lambda
  9. 9. Use case: Serverless web apps Dynamic content AWS Lambda Data in Amazon DynamoDB API Gateway Static content in Amazon S3 Browser
  10. 10. Use case: Serverless mobile and IoT apps AWS Lambda Amazon DynamoDB
  11. 11. Use case: Serverless app ecosystems Alexa, tell Slack to send, “I’m giving the demo now.” Message retrieval through scheduled polling Kevin says, “Break a leg!” Message upload (via Slack API) Team (channel users) Slack
  12. 12. Customer Story Hybrid – Front Legacy Webapp Internet Mobile apps Websites Partner Services AWS Lambda functions API Gateway response cache Endpoints on Amazon EC2 Any publicly accessible endpoint Amazon CloudWatch API Gateway
  13. 13. Internet AWS Lambda functions CRM Amazon CloudWatch Amazon CloudFront Amazon API Gateway Customer Story Hybrid Event-Driven Workflow Completion Third Party Amazon DynamoDb N Systems AWS Step Functions
  14. 14. AWS Step Functions
  15. 15. Serverless APIs
  16. 16. Amazon API Mandate (2002)
  17. 17. Amazon API Gateway: Serverless APIs Internet Mobile apps Websites Partner Services AWS Lambda functions API Gateway response cache Endpoints on Amazon EC2 Any publicly accessible endpoint Amazon CloudWatch Amazon CloudFront API Gateway
  18. 18. Benefits of Amazon API Gateway Create a unified API front end for multiple microservices DDoS protection and throttling for back-end systems Authenticate and authorize requests
  19. 19. Throttle Usage plans: Throttle specific consumers Internet Mobile apps Websites Partner Services AWS Lambda functions API Gateway response cache Endpoints on Amazon EC2 Any publicly accessible endpoint Amazon CloudWatch Amazon CloudFront API Gateway
  20. 20. Set daily quota Usage plans: Enforce per-consumer quotas Internet Mobile apps Websites Partner Services AWS Lambda functions API Gateway response cache Endpoints on Amazon EC2 Any publicly accessible endpoint Amazon CloudWatch Amazon CloudFront API Gateway
  21. 21. Track usage Usage plans: Track API usage Internet Mobile apps Websites Partner Services AWS Lambda functions API Gateway response cache Endpoints on Amazon EC2 Any publicly accessible endpoint Amazon CloudWatch Amazon CloudFront API Gateway
  22. 22. API Gateway Authorisation: 3 Types
  23. 23. Auth: Amazon Cognito User Pools Internet Mobile apps Partner Services AWS Lambda functions Endpoints on Amazon EC2 Amazon CloudFront API Gateway Amazon Cognito Websites User login Built-in auth check OIDC token OIDC token Any publicly accessible endpoint
  24. 24. Cognito User Pools
  25. 25. Auth: SigV4 / IAM Internet Mobile apps Partner Services AWS Lambda functions Endpoints on Amazon EC2 Amazon CloudFront API Gateway Amazon Cognito IAM IAM user / role acquisition SigV4 credentials
  26. 26. Auth: Custom Lambda authorizer Internet Mobile apps Websites Partner Services AWS Lambda functions Policy cache Endpoints on Amazon EC2 Any publicly accessible endpoint Amazon CloudFront API Gateway Lambda custom Auth function OAuth provider 403
  27. 27. Sample Application
  28. 28. Sample Application https://tinyurl.com/h67u35j
  29. 29. SpaceFinder High-Level View
  30. 30. Sign up and Sign in 1) Identity Token 2) Access Token 3) Refresh Token
  31. 31. Accessing AWS Services Amazon Cognito User Pools Amazon Cognito Federated Identities 3. Get Identity Id 4. Identity Id 5. Get Credentials (ID JWT) AWS Security Token Service (STS) 8. AWS Temporary Creds
  32. 32. User Classification - RBAC Þ Unauthenticated Users Þ Default Role Þ Authenticated Role Þ Default Role Þ Choose role from rule Þ Choose role from token
  33. 33. RBAC Granular Roles
  34. 34. Granular Role Classification
  35. 35. Granular API Security – get/del resources
  36. 36. IAM Policy Variables
  37. 37. DEMO
  38. 38. There has never been a better time to build GO BUILD!!
  39. 39. © 2016, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Thank You!
  40. 40. FAQs https://github.com/awslabs/aws-serverless-auth-reference-app

×