Serverless computing allows you to build and run applications without the need for provisioning or managing servers. With serverless computing, you can build web, mobile, and IoT backends; run stream processing or big data workloads; run chatbots, and more. In this session, you'll learn how to get started with serverless computing with AWS Lambda, which lets you run code without provisioning or managing servers. We'll introduce you to the basics of building with Lambda and how you can benefit from features such as continuous scaling, built-in high availability, integrations with AWS and third-party apps, and subsecond metering pricing. We'll also introduce you to the broader portfolio of AWS services that help you build serverless applications with Lambda, including Amazon API Gateway, Amazon DynamoDB, AWS Step Functions, and more.

1. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Manish Mohite, Enterprise Solutions Architect, AWS
July 26, 2017
Getting Started with AWS Lambda
and the Serverless Cloud

2. AWS compute offerings
VM Task Function
Service Amazon EC2 Amazon ECS AWS Lambda
H/W OS Runtime
Unit of scale
Level of
abstraction

3. AWS compute offerings
I want to
configure
servers,
storage,
networking,
and my OS
I want to run
servers,
configure
applications,
and control
scaling
Run my
code when
it’s needed
Service
How do I
choose?
Amazon EC2 Amazon ECS AWS Lambda

4. Agenda
• Why AWS Lambda?
• How it works
• Use cases
• Best practices

5. Why AWS Lambda?

6. Servers
How will the application
handle server hardware failure?
How can I control
access from my servers?
When should I decide to
scale out my servers?
When should I decide to
scale up my servers?
What size servers are
right for my budget?
How much remaining
capacity do my servers have?
(AAHHHHHHHHH!!)

7. Operations and management Scaling
Provisioning and utilization Availability and fault tolerance
Owning servers means dealing with ...

8. AWS Lambda: Run code in response to events
FUNCTION SERVICES (ANYTHING)
Changes in
data state
Requests to
endpoints
Changes in
resource state
Node
Python
Java
C#
EVENT SOURCE

9. No servers to provision
or manage
Scales with usage
Never pay for idle Availability and fault
tolerance built in
Benefits of Lambda and serverless compute

10. AWS Lambda pricing
• Buy compute time in
100 ms increments
• Low request charge
• No hourly, daily, or
monthly minimums
• No per-device fees
Never pay for idle!
Free Tier
1 million requests and 400,000 GBs of
compute every month, every customer

11. AWS Lambda
Amazon DynamoDB
Amazon SNS
Amazon API Gateway
Amazon SQS
Amazon KinesisAmazon S3
Compute and API Proxy
AWS X-Ray
AWS Step Functions
Services for building serverless applications
Database, Storage, Orchestration, Analytics, Interprocess Messaging
Developer Tools
AWS CodeBuild
AWS CodePipelineAWS SAM
Third-Party Tools
Open Source

12. Amazon API Gateway: Serverless APIs
Internet
Mobile Apps
Websites
Services
AWS Lambda
functions
AWS
API Gateway
Cache
Endpoints on
Amazon EC2
All publicly
accessible
endpoints
Amazon
CloudWatch
Monitoring
Amazon
CloudFront
Amazon
API Gateway
Any other
AWS service

13. Amazon API Gateway benefits
Create a unified API
frontend for multiple
microservices
DDoS protection
and throttling for
backend systems
Authenticate and
authorize requests

14. “I want to sequence functions”
“I want to select functions based on data”
“I want to run functions in parallel”
“I want to retry functions”
“I want to try/catch/finally”
“I want to run code for hours”
Orchestration for serverless apps
AWS Step Functions

15. AWS Step Functions
Easily coordinate multiple Lambda functions using visual workflows
Visualize in the
Console
Define in JSON Monitor
Executions

16. Benefits of Step Functions orchestration
Change and add steps
without writing code to
evolve applications
and innovate faster
Coordinate and visualize
Lambda functions as a
series of steps to quickly
create serverless apps
Automatically trigger and
track each step at scale
and handle errors with
built-in retry and fallback
Productivity AgilityResilience

17. How it works

18. Using AWS Lambda
Bring your own code
• Node.js, Java, Python,
C#
• Bring your own libraries
(even native ones)
Simple resource model
• Select power rating from
128 MB to 1.5 GB
• CPU and network
allocated proportionately
Flexible use
• Synchronous or
asynchronous
• Integrated with other
AWS services
Flexible authorization
• Securely grant access to
resources and VPCs
• Fine-grained control for
invoking your functions

19. Using AWS Lambda
Authoring functions
• WYSIWYG editor or
upload packaged .zip
• Third-party plugins
(Eclipse, Visual Studio)
Monitoring and logging
• Metrics for requests,
errors, and throttles
• Built-in logs to Amazon
CloudWatch Logs
Programming model
• Use processes, threads,
/tmp, sockets normally
• AWS SDK built in
(Python and Node.js)
Stateless
• Persist data using
external storage
• No affinity or access to
underlying infrastructure

20. Amazon S3 Amazon
DynamoDB
Amazon
Kinesis
AWS
CloudFormation
AWS CloudTrail Amazon
CloudWatch
Amazon
Cognito
Amazon SNSAmazon
SES
Cron events
DATA STORES ENDPOINTS
CONFIGURATION REPOSITORIES EVENT/MESSAGE SERVICES
Example event sources that trigger AWS Lambda
… and a few more with more on the way!
AWS
CodeCommit
Amazon
API Gateway
Amazon
Alexa
AWS IoT AWS Step
Functions

21. Use cases

22. Common use cases
Web
Applications
• Static
websites
• Complex web
apps
• Packages for
Flask and
Express
Data
Processing
• Real time
• MapReduce
• Batch
Chat Bots
• Powering chat
bot logic
Backends
• Apps &
services
• Mobile
• IoT
</></>
Amazon
Alexa
• Powering
voice-enabled
apps
• Alexa Skills
Kit
IT
Automation
• Policy engines
• Extending
AWS services
• Infrastructure
management

23. Three-tier web application architecture
https://d0.awsstatic.com/whitepapers/AWS_Serverless_Multi-Tier_Architectures.pdf

24. Here is what that translates to in real life
http://media.amazonwebservices.com/architecturecenter/AWS_ac_ra_web_01.pdf

25. Common use cases
Web Applications and Backends
Internet
Mobile Apps
Websites
Services
AWS Lambda
function
AWS
API Gateway
Cache
All publicly
accessible
endpoints
Amazon
CloudWatch
Monitoring
Amazon
CloudFront
Amazon S3 AWS Lambda
function
AWS Lambda
function
Amazon DynamoDB
Web
Applications
• Static
websites
• Complex web
apps
• Packages for
Flask and
Express
Backends
• Apps &
services
• Mobile
• IoT
</></>

26. Task
Choice
Fail
Parallel
Lambda + Step Functions
Image Recognition and Processing Backend
Common use cases

27. Serverless IoT with AWS Lambda at iRobot

28. AWS
Lambda
Amazon
CloudFront
Amazon
S3
Amazon
DynamoDB
Amazon
Redshift
Amazon
Route 53 Amazon VPC
Amazon
CloudWatch
AWS
CloudFormation
AWS
CloudTrail
AWS
Config AWS IAMAWS KMSAWS WAF
Amazon Cognito Amazon
SNS
Amazon API
Gateway
Amazon
SQS
Amazon
Elasticsearch Service
Amazon
Kinesis
Amazon
QuickSight
AWS IoT
How iRobot leverages AWS

29. Serverless is distributed by nature
Component graph
becomes call graph
Distributed systems
thinking is required from
the start
Event-based architecture

30. Common use cases
Data
Processing
• Real time
• MapReduce
• Batch
Lambda + Kinesis + DynamoDB

31. Common use cases
Data
Processing
• Real time
• MapReduce
• Batch
Lambda + DynamoDB + Amazon Redshift

32. What to expect from the session
15-20 minutes of processing  now in seconds
2x order of magnitude for cost savings
https://www.youtube.com/watch?v=TXmkj2a0fRE
Nordstrom recommendations

33. Capital One – chat bot

34. IT Policy – Governance with AWS Lambda

35. Common use cases

36. Best practices

37. AWS Lambda best practices
 Limit your function/code size
 Node – remember execution is asynchronous
 500 MB /tmp directory provided to each function
 Don’t assume function will reuse underlying infrastructure
 But take advantage of it when it does occur
 You own the logs
 Include details from service-provided context
 Create custom metrics
 Operations-centric vs. business-centric
 Use environment variables
 Parameterize code and change parameters independent of code updates
 Use for securing credentials and keeping them out of code

38. Best practice: Use versions and aliases
Versions = immutable copies of code + properties
Aliases = mutable pointers to versions
 Rollbacks
 Staged
promotions
 “Lock” behavior
for client

39. AWS CloudFormation brings:
• Infrastructure as code
• Easy to provision and manage a collection of related AWS resources
• Input .yaml file and output provisioned AWS resources
• Optimized for infrastructure
AWS SAM:
• CloudFormation extension optimized for serverless
• New serverless resources: functions, APIs, and tables
• Supports anything CloudFormation supports
• Open specification (Apache 2.0)
AWS Serverless Application Model (AWS SAM)

40. AWSTemplateFormatVersion: '2010 -09-09'
Resources:
GetHtmlFunctionGetHtmlPermissionProd:
Type: AWS::Lambda::Permission
Properties:
Action: lambda:invokeFunction
Principal: apigateway.amazonaws.com
FunctionName:
Ref: GetHtmlFunction
SourceArn:
Fn::Sub: arn:aws:execute -api:${AWS::Region}:${AWS::AccountId}:${ServerlessRestApi}/Prod/ANY/*
ServerlessRestApiProdStage:
Type: AWS::ApiGateway::Stage
Properties:
DeploymentId:
Ref: ServerlessRestApiDeployment
RestApiId:
Ref: ServerlessRestApi
StageName: Prod
ListTable:
Type: AWS::DynamoDB::Table
Properties:
ProvisionedThroughput:
WriteCapacityUnits: 5
ReadCapacityUnits: 5
AttributeDefinitions:
- AttributeName: id
AttributeType: S
KeySchema:
- KeyType: HASH
AttributeName: id
GetHtmlFunction:
Type: AWS::Lambda::Function
Properties:
Handler: index.gethtml
Code:
S3Bucket: flourish -demo-bucket
S3Key: todo_list.zip
Role:
Fn::GetAtt:
- GetHtmlFunctionRole
- Arn
Runtime: nodejs4.3
GetHtmlFunctionRole:
Type: AWS::IAM::Role
Properties:
ManagedPolicyArns:
- arn:aws:iam::aws:policy/AmazonDynamoDBReadOnlyAccess
- arn:aws:iam::aws:policy/service -role/AWSLambdaBasicExecutionRole
AssumeRolePolicyDocument:
Version: '2012 -10-17'
Statement:
- Action:
- sts:AssumeRole
Effect: Allow
Principal:
Service:
- lambda.amazonaws.com
ServerlessRestApiDeployment:
Type: AWS::ApiGateway::Deployment
Properties:
RestApiId:
Ref: ServerlessRestApi
Description: 'RestApi deployment id: 127e3fb91142ab1ddc5f5446adb094442581a90d'
StageName: Stage
GetHtmlFunctionGetHtmlPermissionTest:
Type: AWS::Lambda::Permission
Properties:
Action: lambda:invokeFunction
Principal: apigateway.amazonaws.com
FunctionName:
Ref: GetHtmlFunction
SourceArn:
Fn::Sub: arn:aws:execute -api:${AWS::Region}:${AWS::AccountId}:${ServerlessRestApi}/*/ANY/*
ServerlessRestApi:
Type: AWS::ApiGateway::RestApi
Properties:
Body:
info:
version: '1.0'
title:
Ref: AWS::StackName
paths:
"/{proxy+}":
x-amazon-apigateway-any-method:
x-amazon-apigateway-integration:
httpMethod: ANY
type: aws_proxy
uri:
Fn::Sub: arn:aws:apigateway:${AWS::Region}:lambda:path/2015 -03-
31/functions/${GetHtmlFunction.Arn}/invocations
responses: {}
swagger: '2.0'
CF template example – API triggering Lambda
AWSTemplateFormatVersion: '2010-09-09’
Transform: AWS::Serverless-2016-10-31
Resources:
GetHtmlFunction:
Type: AWS::Serverless::Function
Properties:
CodeUri: s3://flourish-demo-bucket/todo_list.zip
Handler: index.gethtml
Runtime: nodejs4.3
Policies: AmazonDynamoDBReadOnlyAccess
Events:
GetHtml:
Type: Api
Properties:
Path: /{proxy+}
Method: ANY
ListTable:
Type: AWS::Serverless::SimpleTable
AWS SAM example – API triggering Lambda
AWS SAM: Less complexity, more power

41. The function networking environment
 Default – a default network environment within VPC is provided for you
 Access to the internet always permitted to your function
 No access to VPC-deployed assets
 Customer VPC – Your function executes within the context of your own VPC
 Privately communicate with other resources within your VPC
 Familiar configuration and behavior with:
 Subnets
 Elastic network interfaces (ENIs)
 EC2 security groups
 VPC route tables
 NAT gateway

42. Additional best practices
 Externalize authorization to IAM roles whenever possible
 Least privilege and separate IAM roles
 Externalize configuration
 DynamoDB is great for this
 Take advantage of dead letter queues
 Use to handle failed invocations
 Make sure your downstream setup “keeps up” with Lambda scaling
 Limit concurrency when talking to relational databases
 Be aware of service throttling
 Engage AWS Support to increase your limits
 Contact AWS Support before known large scaling events

43. Takeaways
• Many applications can go serverless
• Data processing, backends, triggers, web hooks
• Lambda functions are opinionated
• State, invocation modes, and deployments
• The ecosystem continues to grow
• Tooling, languages, and application capabilities

44. Next steps
1. Go to console.aws.amazon.com/lambda and create your first
Lambda function
2. Stay up to date with Lambda on the Compute blog and check out
aws.amazon.com/lambda for scenarios and customer stories.
3. See https://aws.amazon.com/serverless for reference
architectures, samples, and links to more content.
4. Send us your questions, comments, and feedback on the Lambda
Forums.

45. Thank you!