This document provides an overview of building serverless web applications using AWS Lambda and Amazon API Gateway. It discusses moving from a monolithic to microservices architecture with Lambda functions. It introduces the AWS Serverless Application Model (SAM) for defining serverless applications using CloudFormation templates. SAM supports Lambda functions, APIs, and other resources. The document also demonstrates sample SAM and CloudFormation templates and discusses frameworks like ClaudiaJS and Chalice for developing serverless applications.
2. Who Am I?
• Technical Evangelist at AWS
• Formerly of SpaceX and NASA
• randhunt@amazon.com
• @jrhunt on twitter
• These slides are not just mine!
Many people at AWS contributed.
• Thanks Leo!
3. About Me
Who: Leo Zhadanovsky / @leozh / leozh@amazon.com
What: Principal Solutions Architect
Previous:
Director of Systems Engineering @ DNC / Obama for America 2012
4. What to expect from the session
• Concepts
• Design patterns
• Tooling
• Demo
6. Benefits of Lambda
No servers to provision
or manage
Scales with usage
Never pay for idle Availability and fault
tolerance built in
7. Never pay for Idle
EVENT DRIVEN CONTINUOUS SCALING PAY BY USAGE
8. Function versioning and aliases
• Versions = immutable copies of
code + configuration
• Aliases = mutable pointers to
versions
• Each version/alias gets its own
ARN
• Enables rollbacks, staged
promotions, “locked” behavior for
client
Lambda Function
Version $LATEST
Lambda Function
Version 123
Lambda Function
DEV Alias
Lambda Function
BETA Alias
Lambda Function
PROD Alias
9. Lambda Environment Variables
• Key-value pairs
• Available via standard environment variable
access, such as process.env, or os.environ
• Can optionally be encrypted via AWS KMS
10. Common Lambda Use Cases
Web
Applications
• Static websites
• Complex web
apps
• Packages for
Flask and
Express
Data
Processing
• Real time
• MapReduce
• Batch
Chatbots
• Powering
chatbot logic
Backends
• Apps &
services
• Mobile
• IoT
</></>
Amazon
Alexa
• Powering
voice-enabled
apps
• Alexa Skills
Kit
Autonomous
IT
• Policy engines
• Extending
AWS services
• Infrastructure
management
12. Unify multiple microservices
under single API front-end
Authenticate and
Authorize Requests
Throttling and DDoS Protection
Amazon API Gateway
13. Amazon EC2 Instances
Lambda Functions
Other AWS Services
API Gateway
On Premise Servers
/v1/user /v1/user/image
Unified API
14. SIGv4 Lambda Custom Auth
{ }
API Keys
• Invoke with Caller Credentials
• AWS Identity and Access
Management (IAM) Roles
• Amazon Cognito
• Per Method Authorization
• OAuth
• On Premise Authentication
• Custom built auth
• Usage Plans
• Quotas per API Key
• Throttling per API Key
• Per Method Authorization
Auth
15. Throttling / DDoS / Scaling
DDoS Protection
• Layer 7 and Layer 3 Protection
• Cloudfront in front of API Gateway
Throttling
• Usage Plans
• Quotas per API Key
• Throttling per API Key
Scaling
• Auto Scaling
• Caching Layer
16. API Gateway Stage Variables
• Stage variables act like environment variables
• Use stage variables to store configuration values
• Stage variables are available in the $context object
• Values are accessible from most fields in API Gateway
• Lambda Function ARN
• HTTP endpoint
• Custom authorizer function name
• Parameter mappings
22. Monolithic - What does it look like?
GET /pets
PUT /pets
DELETE /pets
GET /describe/pet/$id
PUT /describe/pet/$id
EVENT DRIVEN ONE LARGE LAMBDA FUNCTION
23. Monolithic - Pros and Cons
• Single Handler
• Handles all GET/PUT/POST/UPDATE/DELETE
• Very Large Lambda Function
• Have to build a routing mechanism
• Larger blast radius
Cons:
Pros:
• Sometimes its easier to comprehend a less
distributed system
• Deployments “could” be faster
27. Microservices - What does it look like?
EVENT DRIVEN ONE LAMBDA PER HTTP METHOD
GET /pets
PUT /pets
DELETE /pets
GET /describe/pet/$id
PUT /describe/pet/$id
28. Microservices - Pros and Cons
• Can be harder to debug (X-ray can help with this!)
• Multiple Lambda Functions to Manage (Use SAM!!!!)
Cons:
Pros:
• Easier for teams to work Autonomously
• Separation of components
• Fine grained deployments (Integration testing is important)
• Can be easier to debug
• Agile
29. What does it look like put together?
Amazon
S3
Amazon
API Gateway
S3 stores all of your static
content: CSS, JS, Images, etc.
API Gateway handles all of
your application routing.
Lambda runs all of the logic
behind your website. Such as
a Create/Read/Update/Delete
service.
30. How do I manage it?
MEET SAM
USE SAM TO BUILD TEMPLATES THAT DEFINE
YOUR SERVERLESS APPLICATIONS
DEPLOY YOUR SAM TEMPLATE
WITH AWS CLOUDFORMATION
31. AWS Serverless Application Model (SAM)
AWS CloudFormation extension optimized
for serverless
New serverless resource types: functions,
APIs, and tables
Supports anything CloudFormation supports
Open specification (Apache 2.0)
38. Wrap-Up
Things to remember:
• AWS SAM (Serverless Application Model)
• Helps you define your entire Serverless application
• Lots of frameworks out there to help you get started
quickly
• ClaudiaJS, Zappa, Sparta, Apex, Chalice, aws-
serverless-express, Lambada, Serverless Framework
• If you’re just getting started, Start small!
• If you have questions, don’t be afraid to ask, the
community around Serverless is fantastic!
Automation done incorrectly can actually cause you more pain than doing things manual. We hope to help guide you in the right direction and give you ideas of how to automate your infrastructure.
Automation done incorrectly can actually cause you more pain than doing things manual. We hope to help guide you in the right direction and give you ideas of how to automate your infrastructure.
Automation done correctly has vast benefits for your company and your infrastructure.
AWS SAM is a new specification that extends CloudFormation, and is optimized for serverless.
It allows you to define 3 resource types commonly used in serverless applications, in a simpler and cleaner way: Lambda function, API Gateway APIs, and DynamoDB tables.
It’s worth noting that SAM in its core, is a CloudFormation template. That means you can define any CloudFormation resource in your SAM template, to go along with your serverless resources.
This how that template would look like. This is 5 times longer than the SAM template, and defines 8 separate resources. And this is what you had to write, before SAM existed.
Let’s go over a SAM template to understand the specification better:
First, we are defining a serverless function, which is transformed into a Lambda function under the covers.
The first property specified is CodeUri. This property receives a URI that points to an S3 object. When CloudFormation creates my Lambda function it refers to this URI to retrieve the function’s deployment package.
The next property I’d like you to pay attention to, is policies. The managed policies that you specify here will be included in the execution role that CloudFormation will generate for your Lambda function.
Next, we are defining the function’s event source, which in this case is an API. Notice that I don’t need to explicitly define an API as a separate resource. Specifying an API as my function’s event source is sufficient for CloudFormation to generate an API with the specified characteristics for me.
Lastly, I’m defining a DynamoDB table using the simpleTable. This shortcut will generate a DynamoDB table with a single attribute primary key, with a provisioned throughput of 5.
The key piece that makes all of this possible, is the transform capability CloudFormation introduced.
When you specify the serverless transform, then under the covers, CloudFormation turns this template into a regular CloudFormation template. CouldFormation then uses that template to generate my resources.