AWS Lambda allows you to run you code on a Serverless infrastructure, while AWS takes care of all the heavy lifting of Provisioning and utilization, Availability and fault tolerance, Scaling and Operations and management. In this session, we will take few use cases, from common development scenarios, and show how can we use AWS Lambda to build smarter and better systems.

1. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Builders’ Day
Jerusalem
AWS Lambda use cases and best practices
Oren Reuveni, Solutions Architect, AWS

2. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Agenda
• Use cases
• Best practices
• Design principles

3. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Previous session reminder - what does Serverless
mean?
No servers to
provision or manage
Scale with your usage
Built in availability
and fault-tolerance
Never pay for
idle/unused capacity

4. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Builders’ Day
Jerusalem
Use cases

5. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Common Lambda use cases
Web
Applications
• Static
websites
• Complex web
apps
• Packages for
Flask and
Express
Data
Processing
• Real time
• MapReduce
• Batch
Chatbots
• Powering
chatbot logic
Backends
• Apps &
services
• Mobile
• IoT
</></>
Amazon
Alexa
• Powering
voice-enabled
apps
• Alexa Skills
Kit
IT
Automation
• Policy engines
• Extending
AWS services
• Infrastructure
management

6. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Amazon S3 Amazon
DynamoDB
Amazon
Kinesis
AWS
CloudFormation
AWS CloudTrail Amazon
CloudWatch
Amazon
Cognito
Amazon SNSAmazon
SES
Cron events
DATA STORES ENDPOINTS
DEVELOPMENT AND MANAGEMENT TOOLS EVENT/MESSAGE SERVICES
Event sources that trigger AWS Lambda
… and more!
AWS
CodeCommit
Amazon
API Gateway
Amazon
Alexa
AWS IoT AWS Step
Functions

7. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Builders’ Day
Jerusalem
Use case 1:
Automation

8. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Automation characteristics
• Periodic jobs
• Event triggered workflows
• Enforce security policies
• Audit and notification
• Respond to alarms
… All while being Highly Available, Scalable and Auditable

9. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
AWS Lambda:
Resize Images
Users upload photos
S3:
Source Bucket
S3:
Destination Bucket
Triggered on
PUTs
Automation: image thumbnail creation from S3
https://github.com/awslabs/serverless-image-resizing

10. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Enforce security policies
RDP from
0.0.0.0/0
RDP from
0.0.0.0/0
CloudWatch Event Bus in
another AWS Account
New Security Group ingress rule Amazon CloudWatch Events:
Rule
AWS Lambda:
Remediate and alert
AWS SNS:
Email alert
Ingress rule deleted

11. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Step Functions state machine

12. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Builders’ Day
Jerusalem
Use case 2:
Web App/Microservice/API

13. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Web application
Data stored in
Amazon DynamoDB
Dynamic content
in AWS Lambda
Amazon API
Gateway
Browser
Amazon
CloudFront
Amazon
S3
Amazon
Cognito
Static content
Authenticate
Dynam
ic API calls
over HTTP

14. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Multi-Region with API Gateway
us-west-2
us-east-1
Client
Amazon
Route 53
Regional
API
Endpoint
Regional
API
Endpoint
Custom
Domain
Name
Custom
Domain
Name
API Gateway
API Gateway
Lambda
Lambda
api.mycorp.com
CNAME
CNAM
E

15. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Bustle Achieves 84% Cost Savings with AWS Lambda
Bustle is a news, entertainment, lifestyle, and fashion
website targeted towards women.
With AWS Lambda, we
eliminate the need to worry
about operations
Tyler Love
CTO, Bustle
”
“ • Bustle had trouble scaling and
maintaining high availability for its
website without heavy management
• Moved to serverless architecture using
AWS Lambda and Amazon API
Gateway
• Experienced approximately 84% in
cost savings
• Engineers are now focused on
innovation

16. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Demo

17. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Builders’ Day
Jerusalem
Best practices

18. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Lambda Best Practices
• Minimize package size to necessities
• Separate the Lambda handler from core logic
• Use Environment Variables to modify operational behavior
• Storage reuse - /tmp
• Self-contain dependencies in your function package
• Leverage “Max Memory Used” to right-size your functions
• Delete large unused functions (75GB limit)

19. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Compute power: Don’t “guesstimate”
alexcasalboni
aws-lambda-power-tuning

20. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
General design principles
Think concurrent requests, not total
requests

21. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Lambda is stateless. Leverage container reuse but
persistent storage for durable state
s3 = boto3.resource('s3')
db = db.connect()
def lambda_handler(event, context):
global db
# verify if still connected
# otherwise carry on
if not db:
db = db.connect()
…
db.save(highly_durable_state)
...

22. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Instead of Lambda based “monoliths”….
GET /pets
PUT /pets
DELETE /pets
GET /describe/pet/$id
PUT /describe/pet/$id
ONE LARGE LAMBDA FUNCTIONEVENT DRIVEN

23. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Lambda based “nano-services”
EVENT DRIVEN Constellation of functions
GET /pets
PUT /pets
DELETE /pets
GET /describe/pet/$id
PUT /describe/pet/$id
Amazon
API Gateway

24. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
General design principles
Orchestrate your application with state
machines, not functions

25. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Don’t orchestrate within your functions…STARTJOB
JOB#XSTARTED
HTTPPOST
HTTPPOST
AREWETHEREYET?
NOPE!
WE’REDONE!
ZzZz
OR
time.sleep(10)

26. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Use Step Functions

27. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
General design principles
Design for failures and duplicates

28. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Applying Saga pattern with AWS Step Functions
theburningmonk.com/2017/07/applying-the-saga-pattern-with-aws-lambda-and-step-functions

29. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
• Single responsibility principle == Single function
• Share resource information across stacks via
Export value or SSM Parameter Store
• Build out multiple environments, such as for
Development, Test, Production and even DR using
the same template, even across accounts
SAM Template
Source
Control
Dev
Test
Prod
Deployment best practices

30. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
AWS Serverless Application Model (SAM)
CloudFormation extension optimized for
serverless
New serverless resource types: functions, APIs,
and tables
Supports anything CloudFormation supports
Open specification (Apache 2.0)github.com/awslabs
serverless-application-model
Deployment best practices

31. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Introducing SAM Local
CLI tool for local testing of serverless apps
Works with Lambda functions and “proxy-
style” APIs
Response object and function logs available
on your local machine
Supports all native runtimes
github.com/awslabs
aws-sam-local

32. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Useful Frameworks for Serverless Web Apps
• AWS Chalice
Python Serverless Framework
https://github.com/aws/chalice
Familiar decorator-based API similar to Flask/Bottle
Similar to third-party frameworks, Zappa or Claudia.js
• AWS Serverless Express
Run Node.js Express apps
https://github.com/awslabs/aws-serverless-express
• Java - HttpServlet, Spring, Spark and Jersey
https://github.com/awslabs/aws-serverless-java-container

33. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Testing strategies
Run Unit tests locally (Leverage SAM Local)
Run Integration/Acceptance tests with real services
Weighted alias and Canary deployment

34. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Monitoring – Metrics and streaming
Alarm on individual and aggregate metrics
(Throttling alarm !== Errors/Duration alarm)
Create Custom Metrics via Metric Filter
(Centralize logs from multiple accounts to Amazon ES)
Drill down application insights with X-Ray
(Too much time spent at logs == Lack of metrics)
Log only what’s necessary
(Use Environment Variables to control logging level)
built-in custom
Amazon Cloudwatch

35. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Security
Application Security Best practices still apply
(Input validation/sanitization, code review, etc..)
One IAM Role per function
(permissions are easy to add but hard to remove)
Encrypt secrets with KMS integration
(Leverage EC2 SSM Parameter Store for shared secrets)
Automate security scans/controls into CI/CD
(Dependency CVEs, static/dynamic analysis, etc.)

36. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Summary
• Lambda can be used in various use cases
• Easy to implement, and lets you focus on your solution
• Working by best practices will result in a more secure, cost
effective, performant solution
What will you build with Serverless?

37. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Builders’ Day
Jerusalem
Oren Reuveni, Solutions Architect, AWS
Thank You!